Page 73 - StudyBook.pdf

General Security Concepts: Attacks • Chapter 2  57


■  Code and Cryptographic Attacks: These include backdoors, viruses,
   Trojans, worms, rootkits, software exploitation, botnets and mathematical
   attacks.

Head of the Class…
Attack Methodologies in Plain English

In this section, we’ve listed network attacks, application attacks, and
mixed threat attacks, and within those are included buffer overflows,
DDoS attacks, fragmentation attacks, and theft of service attacks. While
the list of descriptions might look overwhelming, generally the names
are self-explanatory. For example, consider a DoS, or denial of service
attack. As its name implies, this attack is designed to do just one thing—
render a computer or network non-functional so as to deny service to its
legitimate users. That’s it. So, a DoS could be as simple as unplugging
machines at random in a data center or as complex as organizing an army
of hacked computers to send packets to a single host in order to
overwhelm it and shut down its communications. Another term that has
caused some confusion is a mixed threat attack. This simply describes any
type of attack that is composed of two different, smaller attacks. For
example, an attack that goes after Outlook clients and then sets up a
bootleg music server on the victim machine is classified as a mixed threat
attack.


                 Active Attacks

Active attacks can be described as attacks in which the attacker is actively
attempting to cause harm to a network or system. The attacker isn’t just listening
on the wire, but is attempting to breach or shut down a service. Active attacks tend
to be very visible, because the damage caused is often very noticeable. Some of the
more well-known active attacks are DoS/DDoS, buffer overflows, SYN attacks, and
Internet Protocol (IP) spoofing; these and many more are detailed in the following
section.

                 DoS and DDoS

To understand a DDoS attack and its consequences, you first need to grasp the
fundamentals of DoS attacks. The progression from understanding DoS to DDoS is
quite elementary, though the distinction between the two is important. Given its
name, it should not come as a surprise that a DoS attack is aimed squarely at
ensuring that the service a computing infrastructure usually delivers is negatively
affected in some way. This type of attack does not involve breaking into the target




                                                                              www.syngress.com