See also: Security | Bad Things | Cryptography/Attacks
Contents
Introduction
An aggressive act meant to harm and be dangerous. Attacks can remain secret or they can have warnings or signals before they occur, else they may just occur without warning for anyone to see. Forensic analysis is sometimes used to determine the cause or method of attack.
In computers, it is any action that compromises the security of information or the integrity of data. May often involve a search for a weakness or vulnerability or produce a fatal software error.
A classic attack technique is the brute force method. A “Man-In-The-Middle Attack” is when can either be eavesdropping on an existing connection, or interposing oneself in the middle of a connection exchanging data.
Methods or examples of attack
- Releasing a worm, installing a backdoor, virus or trojan
- Defacing a web page
- Causing a computer to hang or freeze with a ping attack
- Denial of service – state where a server cannot carry out its duties due to an overload of requests from clients.
- Distributed denial of service – a concerted effort over hundreds or thousands of computers meant to overwhelm the target thereby interupting the flow of data.
Active Attack forms
- Attacks against encryption.
- Flame (including threats)
- Someone formerly with your organization trying to harm you.
- Litigation
- Attacks property or person, for example, Rubber Hose Attack
- Vigilantism
Passive Attack forms
- Eavesdropping
- Exploits of Bad Code, for example, from web browser, e-mail, p2p and FTP server vulnerabilities
- A speculative attack on those susceptible to manipulation or coercion, for example, social engineering
- Spoofing
- Surveillance
Methods of blocking attacks
- Anonymity
- Authentication
- Cryptography
- Firewall
- Moderation
- Obscurity
- Physical security
- Redundancy
- Security through obscurity
TakeDown.NET -> “Attack”