Chapter 3. Understanding Types of Attacks

   

MacGyver was a television series on ABC in the 1980s and early 1990s. On the show, MacGyver, the main character, would come up with innovative ways to stop his foes. These methods usually involved using everyday household items to create bombs and other things that exploded. The creators of MacGyver, wisely opting not to be sued, always left out at least one critical step in the bomb-making process.

The same rules cannot apply to a network security book. It is important to have all of the information possible, so administrators can understand the tools being used. The better attack tools are understood, the easier it will be to defend against the incursions.

The goal of this chapter is to provide network and security administrators with an overview of the types of attacks that can be launched against a network. This chapter does not discuss, in any detail, ways to stop these attacks, or prevent them from occurring in the first place. That is what the rest of the book is for; this chapter is designed to educate administrators about the nature of the different types of attacks, and what they are designed to do. Whenever possible, existing attack tools are profiled, along with links to those tools. Attackers have access to this information; network administrators should have the same access.

One type that is not covered in this chapter, but is mentioned often in the press, is the DoS attack. Originally, a DoS attack referred to one launched against a network. An attacker would flood a network with malformed packets, causing all servers on that network to become unreachable, and, possibly, crashing gateway routers or firewalls.

The meaning of a DoS attack has morphed to the point that it no longer carries the same connotation. Instead, DoS refers to any attack that renders a network, part of a network, or a single server unreachable. Most network attacks fall into that category, so by broadening the definition of DoS attacks, the term has become less useful as a description. [1]

[1] On the positive side, it has made it a lot easier for technology journalists to report security incidents.

The tools used throughout this chapter are relatively easy to download and install, most having precompiled binaries that run on either Microsoft Windows or Linux. The ease with which these tools can be downloaded and installed should be disconcerting, to say the least. Some very powerful tools are readily available for download. An ex-employee, an angered customer, a competitor, or someone who simply does not like an organization has an arsenal that can be used against that organization.

The pervasiveness of these tools has given rise to the pejorative term script kiddie. Script kiddie refers to someone who does not necessarily understand the tools being used, or the logic behind them; instead, the script kiddie simply wants to cause as much damage as possible. Think of a script kiddie as someone who likes to graffiti buildings; the primary goal is defacement, not theft or information gathering. Of course, the tools available to script kiddies are akin to a do-it-yourself safe-cracking kit. Just because someone does not understand the logic behind the tool does not make him or her any less dangerous.

NOTE

Script kiddies can cause serious damage. In February 2000, a script kiddie managed to knock eight of the world's largest websites offline for several hours using a DDoS attack. While there is still limited protection against DDoS attacks, the good news is that most other types of attacks can be prevented using good security practices.


Script kiddies rely on known weaknesses and systems that have not been properly patched, or upgraded, to launch successful attacks. A well locked-down system will almost always stop a script kiddie cold. A good understanding of the tools being used can help keep script kiddies out.

   


The Practice of Network Security: Deployment Strategies for Production Environments
ISBN: 0130462233
EAN: 2147483647
Year: 2002
Pages: 131
Authors: Allan Liska
