With the development of network technologies and applications, network attacks are greatly increasing both in number and severity. Network attack usually occurs when an attacker or a hacker tries to compromise the network using various means and technologies. Such an attack isn’t usually an accident but a planned executed attempt to get access to corporate networks for stealing the data, then damaging the data on the system and corrupting it to an extent that nothing can be retrieved by the authorized users.
There are some common types of network attacks threats and solutions:
Eavesdropping: In such an attack, fraudsters keeping monitoring or listening to the network traffic in transit. After a close analysis every possible unprotected data is traced and documented. Then, using a sniffing technology to eavesdrop on an Internet Protocol (IP) based network to capture traffic in transit.
Solution: The most common and simplest solution to eavesdropping is to install spy equipment which we call it a bug. A bug is a device that receives audio information and broadcasts it through the air, usually via radio waves. Some bugs have tiny microphones that pick up sound waves directly.
IP Address Spoofing: Most networks and operating systems use the IP address of a computer to identify a valid entity. In certain cases, it is possible for an IP address to be falsely assumed— identity spoofing. An attacker might also use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet. After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete your data. The attacker can also conduct other types of attacks, as described in the following sections.
Solution: IP spoofing is a difficult problem to tackle, because it is related to the IP packet structure. IP packets can be exploited in several ways. Because attackers can hide their identity with IP spoofing, they can make several network attacks. Although there is no easy solution for the IP spoofing problem, you can apply some simple proactive and reactive methods at the nodes, and use the routers in the network to help detect a spoofed packet and trace it back to its originating source. 
Denial of Service (DoS) or DDoS (Distributed Denial of Service): In this type of an attack, invalid data is set to the target system causing to flood it with multiple requests to an extent which it isn’t capable to handle, hence causing to get into a hang state. TCP attack is one of the very common methods of DoS. When DoS is targeted over an entire network it is known as the DDoS. Here the intensity of the attack is wide spread and targeted over a single network from multiple locations. It is one of the most difficult attacks to handle as the administrators find a tough time segregating an attacker system from legitimate users system.
- Implement a redundant firewall or router. Solution: To ensure availability, a network could incorporate a redundant hardware system at the switch to eliminate failure points.
- Use a firewall. A well-configured firewall is able to prevent most attacks. Firewalls are one of the most important screening devices on a network. Even though they are targets themselves for DoS attacks, they are useful as a defense countermeasure in protecting an environment connected to a network.
- Deploy a screened subnet, a demilitarized zone (DMZ). By placing a DMZ on the network between the router and an external firewall, it can be used as a buffer area to protect the LAN.
- Buy an intrusion detection system (IDS). A network-based IDS attached to the perimeter of the network can help monitor network activity (such as an attack) with its ability to raise an alarm in time for a network administrator to take protective action.
