There are several ways in which data can be tampered with, compromised, and stolen. In addition, systems can be overwhelmed with traffic to the point that they are rendered useless.
Integrity attacks: Data integrity is a measure of the quality of the information stored and transmitted on a system.
Types of attacks on data integrity include deleting or modifying files or information on the file system or over a network.
Spoofing: IP spoofing occurs when an intruder attempts to deceive the target system into accepting packets that appear to the target as coming from someone other than the intruder. If the target system already has an authenticated TCP session with another system and mistakenly accepts spoofed IP packets, the intruder can access sensitive information and lead the target to execute commands in that packet, as though they came from the authenticated connection.
Availability attacks: Availability attacks occur when a resource such as a Web site or HTTP port becomes unavailable due to a high volume of traffic. Someone can use a program to generate thousands of simultaneous requests aimed at the same site, which is then unable to respond to legitimate requests.
Capture-and-replay: Capture-and-replay refers to an intruder capturing data as it moves from one system to another. User names, passwords, authentication information, and so on, can be tampered with or used by the intruder to gain access to protected resources.
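The following is an added example, not part of the original page, showing on the receiving side why an integrity check alone does not stop capture-and-replay and how a freshness window plus a one-time nonce does. The names `KEY`, `MAX_AGE`, `sign` and `Receiver`, and the message layout, are assumptions made for this illustration.

```python
import hashlib
import hmac
import os

KEY = b"constructed-demo-key"  # constructed shared secret, for illustration only
MAX_AGE = 30                   # assumed policy: seconds a message stays acceptable

def _mac(ts: str, nonce: str, payload: bytes) -> str:
    """MAC over timestamp, nonce and payload so none can be swapped independently."""
    data = b"|".join([ts.encode(), nonce.encode(), payload])
    return hmac.new(KEY, data, hashlib.sha256).hexdigest()

def sign(payload: bytes, now: float) -> dict:
    """Sender side: attach a timestamp and a random nonce, then MAC all three."""
    ts, nonce = str(int(now)), os.urandom(16).hex()
    return {"ts": ts, "nonce": nonce, "payload": payload,
            "mac": _mac(ts, nonce, payload)}

class Receiver:
    def __init__(self):
        self.seen = {}  # nonce -> timestamp, kept only while inside the window

    def accept_mac_only(self, msg: dict) -> bool:
        """Weak check: detects modification, but a captured copy verifies again."""
        expected = _mac(msg["ts"], msg["nonce"], msg["payload"])
        return hmac.compare_digest(expected, msg["mac"])

    def accept(self, msg: dict, now: float) -> str:
        """Hardened check: MAC first, then freshness, then one-time nonce."""
        if not self.accept_mac_only(msg):
            return "bad-mac"
        ts = int(msg["ts"])  # safe to parse: it is covered by the verified MAC
        if abs(now - ts) > MAX_AGE:
            return "stale"
        # Nonces older than the window can be forgotten: any message that
        # carries one would already be rejected as stale.
        self.seen = {n: t for n, t in self.seen.items() if abs(now - t) <= MAX_AGE}
        if msg["nonce"] in self.seen:
            return "replay"
        self.seen[msg["nonce"]] = ts
        return "ok"
```

The window keeps the nonce cache bounded; it assumes sender and receiver clocks agree to within `MAX_AGE` seconds.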
Intruders use a variety of methods and tools to gain access to system resources. Some of these attacks are undetected, while others destroy or alter information. Following are a few examples of how an intruder gains access to system resources:
A brute force attack involves using many combinations until the right key/password is located. Although it may seem like an expensive operation, both in time and resources, tools are available that can speed up the process.
A trojan horse attack occurs when an intruder secretly inserts a program or file that either steals or destroys information, such as a virus. Another simple example would be for someone to place a bogus program on your system that prompts for a user name and password. The program simply logs the user name and password information. The intruder accesses this information and can then use your user name and password to access resources to which you are permitted.
A person-in-the-middle attack intercepts communication between two parties without their knowledge. The two parties continue to communicate, unaware that a third party has access to the same information.
Copyright © 2005. Sybase Inc. All rights reserved.