Introduction to Vulnerabilities, Threats, and Attacks
Vulnerabilities

When discussing network security, three common terms used are vulnerability, threat, and attack. Vulnerability is a weakness which is inherent in every network and device. This includes routers, switches, desktops, servers, and even security devices themselves. Threats are the people eager, willing, and qualified to take advantage of each security weakness, and they continually search for new exploits and weaknesses. Finally, the threats use a variety of tools, scripts, and programs to launch attacks against networks and network devices. Typically, the network devices under attack are the endpoints such as servers and desktops.

There are three primary vulnerabilities or weaknesses:

  1. Technology weaknesses
  2. Configuration weaknesses
  3. Security policy weaknesses

Technological Weaknesses
Computer and network technologies have intrinsic security weaknesses. These include TCP/IP protocol weaknesses, operating system weaknesses, and network equipment weaknesses .

Configuration Weaknesses
Network administrators or network engineers need to learn what the configuration weaknesses are and correctly configure their computing and network devices to compensate. Some common configuration weaknesses are listed in Figure .

Security Policy Weaknesses
Security policy weaknesses can create unforeseen security threats. The network may pose security risks to the network if users do not follow the security policy. Some common security policy weaknesses and how those weaknesses are exploited are listed in Figure .


Web Links