General Security Concepts: Attacks • Chapter 2 81
people, there is a 50 percent chance that two people will share the same birthday.
The mathematics are complex, but the birthday paradox predicts that finding a
value that has the same hash as another value doesn't require calculating all
options, but far fewer than that. In theory, it can be used to trick a system into
accepting a different password than the real one, as long as both have the same
hash result. In practice it is hard to use, since a typical MD5 or Secure Hash
Algorithm (SHA-1) hashing algorithm has 2 to the 128th or 2 to the 160th
different values, respectively.
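The following Python sketch is an added example, not part of the original text. It computes the birthday probability directly and then looks for a collision on a deliberately shortened hash (the top bits of SHA-256, an assumption made so the search finishes quickly), showing that a collision appears after roughly the square root of the number of possible values. The function names and the "sample-N" inputs are constructed for illustration.

```python
import hashlib
import math

def birthday_probability(n: int, space: int = 365) -> float:
    """Chance that at least two of n uniform random values from `space` coincide."""
    p_all_distinct = 1.0
    for i in range(n):
        p_all_distinct *= (space - i) / space
    return 1.0 - p_all_distinct

def smallest_group(space: int = 365, target: float = 0.5) -> int:
    """Smallest n whose collision probability reaches `target`."""
    n = 1
    while birthday_probability(n, space) < target:
        n += 1
    return n

def truncated_hash(data: bytes, bits: int) -> int:
    """Top `bits` bits of SHA-256: a deliberately small hash for the demo."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") >> (256 - bits)

def find_collision(bits: int):
    """Hash constructed inputs until two share a value; return (a, b, attempts)."""
    seen = {}
    attempts = 0
    while True:
        msg = b"sample-%d" % attempts  # constructed inputs, not real passwords
        attempts += 1
        h = truncated_hash(msg, bits)
        if h in seen:
            return seen[h], msg, attempts
        seen[h] = msg

def birthday_bound(bits: int) -> float:
    """Expected attempts before a collision: about sqrt(pi/2 * 2**bits)."""
    return math.sqrt(math.pi / 2 * 2.0 ** bits)

if __name__ == "__main__":
    print("people needed for a 50% shared birthday:", smallest_group())
    for bits in (16, 24, 32):
        a, b, n = find_collision(bits)
        print(f"{bits}-bit hash: {a!r} and {b!r} collide after {n} tries "
              f"(space {2**bits}, bound ~{birthday_bound(bits):.0f})")
    for name, bits in (("MD5", 128), ("SHA-1", 160)):
        print(f"{name}: about 2^{bits // 2} hashes for a chance collision, out of 2^{bits}")
```

The search finds some pair of inputs that collide with each other; matching one specific stored hash is a different problem whose cost is on the order of the whole output space.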
Dictionary-based Attacks
Appropriate password selection minimizes—but cannot completely eliminate—a
password’s ability to be cracked. Simple passwords such as any individual word in a
language make the weakest passwords because they can be cracked with an
elementary dictionary attack. In this type of attack, long lists of words of a
particular language called dictionary files are searched to find a match to the
encrypted password. More complex passwords that include letters, numbers, and
symbols require a different brute force technique that includes all printable
characters and generally takes much longer to run.
Malicious Code Attacks
Code attacks are carefully crafted programs written by attackers and designed to do
damage. Trojan horses, viruses, spyware, rootkits, and malware are all examples of
this kind of attack. These programs are written to be independent and do not
always require user intervention or for the attacker to be present for their damage
to be done. This section discusses these types of attacks and gives an in-depth look
at each.
Malware is malicious software. While it has been around for many years, users
in the past were required to physically transport the software between machines,
often through floppy diskettes or other removable media to which the program
wrote itself without the user’s knowledge. This limitation has changed dramatically
with the widespread use of the Internet, where an exploitable vulnerability or an
e-mail attachment can make it very easy for malware to disseminate. Among the
many types of malware we will look at are viruses, Trojan horses, logic bombs,
rootkits, and spyware.
Protection against malware varies but usually includes a good user education
program, and diligently applying the software patches provided by vendors. In the
established security community, when researchers discover a flaw or vulnerability,
www.syngress.com