Introduction to Vulnerabilities, Threats, and Attacks
Attacks

There are 4 primary classes of attacks, as shown in Figure .

Reconnaissance
Reconnaissance is the unauthorized discovery and mapping of systems, services, or vulnerabilities. It is also known as information gathering and, in most cases, it precedes an actual access or Denial of Service (DoS) attack. Reconnaissance is somewhat analogous to a thief casing a neighborhood for vulnerable homes to break into, such as an unoccupied residence, easy-to-open doors, or open windows.

Access
System access is the ability for an unauthorized intruder to gain access to a device for which the intruder does not have an account or a password. Entering or accessing systems to which one does not have access usually involves running a hack, script, or tool that exploits a known vulnerability of the system or application being attacked.

Denial of Service (DoS)
Denial of service (DoS) implies that an attacker disables or corrupts networks, systems, or services with the intent to deny services to intended users. DoS attacks involve either crashing the system or slowing it down to the point that it is unusable. But DoS can also be as simple as deleting or corrupting information. In most cases, performing the attack simply involves running a hack or script. The attacker does not need prior access to the target because a way to access it is all that is usually required. For these reasons, DoS attacks are the most feared.

Worms, Viruses, and Trojan Horses
Malicious software is inserted onto a host in order to damage a system, corrupt a system, replicate itself, or deny services or access to networks, systems, or services.

Even worse, the nature of all these threats are changing . From the relatively simple viruses of the 80’s to the more complex and damaging viruses, denial of service attacks and hacking tools in recent years. Today, these hacking tools are powerful and widespread. With the new dangers of self spreading blended worms such as Slammer and Blaster and Network Denial of Service attacks. Also, the old days of attacks that take days or weeks to spread are over. Now, threats spread worldwide in a matter of minutes. The SLAMMER worm of January 2003 spread around the world in less than 10 minutes.

The next generations of attacks are expected to spread in just seconds. These worms and viruses could do more than just wreak havoc by overloading network resources with the amount of traffic they generate, they could also be used to deploy damaging payloads that will steal vital information or erase hard drives. Also, there is a strong concern that the threats of tomorrow will be directed at the very infrastructure of the internet.