Attack Results

All attacks have specific attack results that can be categorized as one of five types. The result shown in Figure 3-2 was denial of service. Howard mentions four types of resultsdisclosure of information, corruption of information, denial of service, theft of serviceand, here, we can add a fifth, increased access. The following definitions of the first four types of attack results come straight out of Howard's work.

NOTE

Although the first four definitions provided are from Howard's paper, the definitions are themselves references within Howard's document. Refer to Howard's paper at http://www.cert.org/research/JHThesis/Start.html for more specific references.

 

Disclosure of Information

Disclosure of information is the dissemination of information to anyone not authorized to access that information. This includes sniffing passwords off the wire, reading parts of a hard disk drive you are unauthorized to access, learning confidential information about your victim, and so on.

Corruption of Information

Corruption of information is any unauthorized alteration of files stored on a host computer or data in transit across a network. Examples include website defacement, man-in-the-middle (MITM) attacks, viruses that destroy data, and so on.

Denial of Service

Denial of service (DoS) is the intentional degradation or blocking of computer or network resources. Most types of flooding attacks have DoS as a primary objective. Similarly, intentionally crashing network resources can create a DoS condition, as would reconfiguration of certain network devices.

Theft of Service

Theft of service is the unauthorized use of computer or network services without degrading the service to other users. Stealing someone's password and logging on to the network is a good example, as is accessing a wireless LAN without authorization or pirating software.

Increased Access

Increased access is the resultant unauthorized increase in user privileges that occurs when accessing computer or network services. Executing a buffer overflow attack is a good example of an attack resulting in increased access.

NOTE

Increased access typically is not the end result of an attack as are the preceding four attack results. It is more often a midpoint to further attacks, which can ultimately accomplish one of the other four results.


Part I. Network Security Foundations

Network Security Axioms

Security Policy and Operations Life Cycle

Secure Networking Threats

Network Security Technologies

Part II. Designing Secure Networks

Device Hardening

General Design Considerations

Network Security Platform Options and Best Deployment Practices

Common Application Design Considerations

Identity Design Considerations

IPsec VPN Design Considerations

Supporting-Technology Design Considerations

Designing Your Security System

Part III. Secure Network Designs

Edge Security Design

Campus Security Design

Teleworker Security Design

Part IV. Network Management, Case Studies, and Conclusions

Secure Network Management and Network Security Management

Case Studies

Conclusions

References

Appendix A. Glossary of Terms

Appendix B. Answers to Applied Knowledge Questions

Appendix C. Sample Security Policies

INFOSEC Acceptable Use Policy

Password Policy

Guidelines on Antivirus Process

Index



Network Security Architectures
Network Security Architectures
ISBN: 158705115X
EAN: 2147483647
Year: 2006
Pages: 249
Authors: Sean Convery

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net