There are 4 primary classes of attacks, as shown in Figure.
Reconnaissance
Reconnaissance is the unauthorized discovery and
mapping of systems, services, or vulnerabilities. It is also known as
information gathering and, in most cases, it precedes an actual access or
Denial of Service (DoS) attack. Reconnaissance is somewhat analogous to a thief
casing a neighborhood for vulnerable homes to break into, such as an unoccupied
residence, easy-to-open doors, or open windows.
Access
System access is the ability for an unauthorized intruder to gain access to a device
for which the intruder does not have an account or a password. Entering or
accessing systems to which one does not have access usually involves running a
hack, script, or tool that exploits a known vulnerability of the system or
application being attacked.
Denial of Service (DoS)
Denial of service (DoS) implies that an
attacker disables or corrupts networks, systems, or services with the intent to
deny services to intended users. DoS attacks involve either crashing the system
or slowing it down to the point that it is unusable. But DoS can also be as
simple as deleting or corrupting information. In most cases, performing the
attack simply involves running a hack or script. The attacker does not need
prior access to the target because a way to access it is all that is usually
required. For these reasons, DoS attacks are the most feared.
Worms, Viruses, and Trojan Horses
Malicious software is inserted onto a host
in order to damage a system, corrupt a system, replicate itself, or deny
services or access to networks, systems, or services.
Even worse, the nature of all these threats is changing, from the relatively
simple viruses of the 1980s to the more complex and damaging viruses, denial of
service attacks and hacking tools in recent years. Today, these hacking tools
are powerful and widespread, and they bring the new dangers of self-spreading
blended worms such as Slammer and Blaster and network denial of service
attacks. Also, the old days of attacks that take days or weeks to spread are
over. Now, threats spread worldwide in a matter of minutes. The Slammer worm of
January 2003 spread around the world in less than 10 minutes.
The next generations of attacks are expected to spread in just seconds. These
worms and viruses could do more than just wreak havoc by overloading network
resources with the amount of traffic they generate; they could also be used to
deploy damaging payloads that will steal vital information or erase hard
drives. Also, there is a strong concern that the threats of tomorrow will be
directed at the very infrastructure of the Internet.