The Misconception of Hacking (2)

in network •  7 years ago 

After a break of over a week, here is the networks part of the series.

Network-Based Hacking

Network hacking usually involves a lot of probing and spoofing. Unlike malware-dependent hacking or social engineering, you never really come in contact with the other person. There is no need to run an executable or click on a seemingly benign link.  

It can be divided into two main types: attacking from inside the network and attacking remotely.

Remote attacks are fairly limited, assuming you don't have a physical device in the location that you can control (for example, somebody capturing network traffic with Wireshark on a Raspberry Pi, although that in itself isn't really an attack). There are some exceptions, of course.
For example, the DoS attack on GitHub yesterday broke a world record and didn't involve any malware (I'll write about it in a separate post).

Generally, the attacks are performed inside the network and are combined with other forms of attack. A very common combination is redirecting traffic intended for an outside address to one inside the network. For example, everyone at a Starbucks trying to access Facebook is redirected to an identical copy of the site.
When they aren't combined, they tend to rely on port state and vulnerability scanning, usually with a combination of ZMap/Nmap and Metasploit, although Aircrack is useful for other variants.
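From the defender's side, the redirect described above leaves a visible trace: a public site name suddenly resolves to an address inside the local network. The following is an added example, not part of the original post, that flags such answers in a resolver log; the log format, the sample lines and the internal-suffix list are constructed assumptions.

```python
import ipaddress

# Constructed sample resolver log, one answer per line:
# "<client IP> <queried name> <answer IP>"
SAMPLE_LOG = """\
10.0.0.23 www.facebook.com 157.240.1.35
10.0.0.23 www.facebook.com 10.0.0.66
10.0.0.41 printer.corp.lan 10.0.0.9
10.0.0.57 example.org 192.168.1.50
10.0.0.57 example.org not-an-ip
"""

# Assumption: names under these suffixes are expected to resolve internally.
INTERNAL_SUFFIXES = (".lan", ".local", ".internal")


def is_internal_name(name):
    """True if the name belongs to a zone that legitimately lives on the LAN."""
    return name.rstrip(".").lower().endswith(INTERNAL_SUFFIXES)


def find_suspicious_answers(log_text):
    """Return (client, name, answer) for public names answered with a
    non-global address (private, loopback, link-local, ...)."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip lines that do not match the assumed format
        client, name, answer = parts
        try:
            addr = ipaddress.ip_address(answer)
        except ValueError:
            continue  # skip malformed answers instead of crashing
        if is_internal_name(name):
            continue  # internal names are allowed to resolve internally
        if not addr.is_global:
            findings.append((client, name.lower(), str(addr)))
    return findings


if __name__ == "__main__":
    for client, name, answer in find_suspicious_answers(SAMPLE_LOG):
        print(f"ALERT {client}: {name} resolved to internal address {answer}")
```

Captive portals and split-horizon DNS can produce the same pattern legitimately, so a hit is a reason to check which device answered the query, not proof of spoofing.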

I will do a simple tutorial on using nmap later, if there is enough interest.
Sorry to have this post be so short. There is a lot more to networks than what I have mentioned, but hopefully this will give some introduction to what some of the tools do.

