Attacks on Computer Systems and Networks - Attacks on computer systems and networks can be grouped into two broad categories: attacks on specific software and attacks on a specific protocol or service.
- The target of an attacker can be of two types: targets of opportunity and defined targets. There are a number of different types of attacks, including Denial-of-Service attacks, the installation of backdoors, sniffing, spoofing, man-in-the-middle and replay attacks, TCP/IP session hijacking, wardialing and WarDriving, and attacks on encryption.
- In a Denial-of-Service attack, the attacker is attempting to deny authorized users access either to specific information or to the computer system or network itself.
- The term backdoor is commonly used to refer to programs that attackers install after gaining unauthorized access to a system to ensure that they can continue having unrestricted access to the system.
- Network sniffers are software or hardware devices used to observe traffic as it passes through a network on shared broadcast media.
- Spoofing is a type of attack in which data is made to look like it has come from a different source.
- A man-in-the-middle attack is a type of attack that generally occurs when attackers are able to place themselves in the middle of two other hosts that are communicating, thus allowing the attacker to view and/or modify the traffic.
- Replay attacks are attacks in which the attacker captures a portion of network traffic between two parties and retransmits it at a later time.
- TCP/IP hijacking, also called session hijacking, refers to attacks designed to take control of an already existing session between a client and a server.
- All too often attempts at password guessing yield favorable results for the attacker, not as a result of a weakness in the scheme, but usually because the user is not following good password procedures.
Malware - Malware, also known as malicious code, refers to software that has been designed for some nefarious purpose. Malware includes viruses, worms, Trojan horses, logic bombs, and hostile mobile code.
- A virus is a piece of malicious code that replicates by attaching itself to another piece of executable code.
- A Trojan horse, or simply Trojan, is a piece of software that appears to do one thing (and may, in fact, actually do that thing) but which hides some other functionality.
- Logic bombs, unlike viruses and Trojans, are a type of malicious software that is deliberately installed, generally by an authorized user. A logic bomb is a piece of code that sits dormant for a period of time until some event invokes its payload.
- Worms are pieces of code that attempt to propagate through penetration of networks and computer systems.
|