Ans.
• Malicious code-include execution of worms, viruses, Trojan horses
• Back door-attacker gains access to a system through an access path that bypasses usual security control
• Cracking-attempts to reverse-calculate a password
• Denial-of-service-attacker sends a such large number of connection or information request
• Spoofing-an intruder sends message to a computer with an IP address that indicates that message is coming from a trusted host
• Man-in-the-middle or TCP hijacking-attacker sniffs packets from the network, modifies them, insert them back into the network
• Spam-attacks involving sending unsolicited commercial e-mail
• Mail Bomb-attacker routes large quantities of e-mail to the target
• Sniffer-programs or devices that can monitor data traveling over a network
• Social engineering-attacker uses social skills to convince people reveal access credentials or other valuable information
• Buffer Overflow-involving an application error that occurs when more data is sent to a buffer than it can handle.
• Timing attack-attacks that work by exploring the contents of a Web browser's cache.
Source: Michael E. Whitman and Herbert J. Mattord, Principles of Information Security, Second Edition,Thompson Course Technology, 2005
2n post
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment