previous |
start |
next
The Nature Of Attacks
Most attacks on system security have at least some of the following
goals:
- To obtain unauthorised access to private, or secret,
information stored on the compromised system -- recently the target
has often been credit card numbers stored on commerce servers. Such
access can be obtained by a wide variety of means. This is probably
the most important type of attack.
- To use the compromised system as a start point for attacks on
other, more interesting, systems whilst "covering their tracks" --
the (so-called) Springboard Attack.
- Denial of service (DOS) attacks attempt to use
up system resources to inconvenience legitimate users. A classic
example is to send vast megabytes of (anonymous) electronic mail to
a target host in an attempt to exhaust its disk space. The
(relatively) recently developed Distributed Denial of
Service (DDOS) attacks are a particularly nasty form.
- A variation of the denial-of-service attack is where a Bad Guy
actually attempts to cause damage to the compromised system, for
example, by removing important files, changing configurations, etc.
Recent "Web site defacements" come under this category.
- etc, etc...
previous |
start |
next