This chapter covers the following topics:
- The Attack Process
- Attacker Types
- Vulnerability Types
- Attack Results
- Attack Taxonomy
Though the enemy be stronger in numbers, we may prevent him from fighting. Scheme so as to discover his plans and the likelihood of their success.
Sun Zi, The Art of War
That vulnerability is completely theoretical.
Microsoft
As discussed in Chapter 2, "Security Policy and Operations Life Cycle," when considering the characteristics of your network security system, you must understand the likely threats your network will encounter. The bulk of the information contained in this chapter outlines the various attack classes you must consider when designing your network. Because this book is focused on the network rather than the computer, the threats are oriented accordingly. Application layer attacks, for example, are grouped into one subheading and summarized, while network-based attacks are highlighted in more detail.
The material in this chapter can be used in three ways:
NOTE
This is not the "learn how to hack" chapter. If you are looking for that sort of information, you would be better served by a book focused on that subject. This chapter merely attempts to describe the kinds of attacks so that you have a frame of reference for the terms you'll read about in the rest of the book. It is also worth noting that the skill sets required to break something and to fix something do not overlap 100 percent.
The following sections outline the attack process, types of attackers, and the varieties of vulnerabilities, and they set up the final two sections that cover attack results and attack classes.