1. Common ways for an attacker to attack a network are as follows:
Eavesdropping: The most common way an attacker attacks a network is by eavesdropping which enables an attacker to access the data paths of the network or they may interpret the traffic.
Data Modification: An attacker may modify the packet of data after eavesdropping even without the permission of the receiver or sender.
Spoofing: IP spoofing is an attack that an attacker use for changing the IP address of system. IP address mostly helps to identify valid entity (Hoque et al, 2014). An attacker changes the IP address of a network.
Attacks based on Passwords: The applications that are old does not always protects the identity information. This helps an attacker to have access to the accounts by imposing as real user.
Attacks based on Denial-of-services: The denial-of-service occurs if an attacker had already attacked the system and has made changes or may have block traffic, but denies the fact.
Sniffer attack: Sniffer attack is an attack which an intruder uses to monitor, capture data exchanges of the network and read the network packets.
2. It is a true fact that ICMP has some security risks. The important ICMP traffics are Echo Reply and Echo request, IPv4 and big data packets IPv6 and many more (Yoshiura & Omi, 2014). But according to me, all ICMP traffic should not be blocked at firewalls because ICPM has many features that are useful and most important for troubleshooting which is considered as an essential part of a network so that it function correctly.
3. For establishing a VPN connection on the user’s network, VPN firewalls and routers are needed that are aware of VPN so that they can permit VPN traffic (Isaac et al., 2014). There is also a need of VPN software of the client so that the remote connection are secured.
Hoque, N., Bhuyan, M. H., Baishya, R. C., Bhattacharyya, D. K., & Kalita, J. K. (2014). Network attacks: Taxonomy, tools and systems. Journal of Network and Computer Applications, 40, 307-324.
Isaac, A., Bitar, N., Sajassi, A., & Aggarwal, R. (2014). Requirements for Ethernet VPN (EVPN).
Yoshiura, N., & Omi, K. (2014, September). Resolving Fallback and Path MTU Problems Caused by Denying ICMP Packets in IPv6. In International Conference on Internet and Distributed Computing Systems (pp. 227-236). Springer, Cham.