Chapter 3: Attacks

Team-Fly

OVERVIEW

According to RFC 2828 [1], an attack refers to "an assault on system security that derives from an intelligent threat, i.e., an intelligent act that is a deliberate attempt (especially in the sense of a method or technique) to evade security services and violate the security policy of a system." As such, there are many attacks that can be launched against the security of a system interconnected to the Internet. Most of these attacks are due to vulnerabilities in the underlying network operating systems. In fact, the complexity of contemporary network operating systems. In fact, the complexity of contemporary network operating systems makes it possible and very likely that we will see an increasingly large number of such attacks in the future. You may refer to a book about hacking (e.g., [2]) or a hacker Web site for an overview about the vulnerabilities of contemporary network operating systems and tools that can be used to exploit them.

In this chapter, we overview and briefly discuss some exemplary passive and active attacks that can be launched against TCP/IP-based networks (i.e., intranets or the Internet). Roughly speaking, a passive attack "attempts to learn or make use of information from the system but does not affect system resources," whereas an active attack "attempts to alter system resources or affect their operation" [1]. Obviously, passive and active attacks can also be combined to effectively invade a computing or networking environment. For example, a passive wiretapping attack can be used to eavesdrop on authentication information that is transmitted in the clear (e.g., username and password), and this information can later be used to masquerade another user and to actively attack a system accordingly.


Team-Fly


Internet and Intranet Security
Internet & Intranet Security
ISBN: 1580531660
EAN: 2147483647
Year: 2002
Pages: 144

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net