104

Appendix A. Common Exploits and Attacks

Exploit

Description

Notes

Eavesdropping

Collecting data that passes between

This type of attack works mostly

two active nodes on a network by

with plain text transmission

eavesdropping the connection

protocols such as telnet, FTP, and

between the two nodes.

HTTP transfers.

Remote attacker must have access to

a compromised system on a LAN in

order to perform such an attack;

usually the cracker has used an

active attack (such as IP spoofing or

Man in the middle) to compromise a

system on the LAN

Preventative measures include

services with cryptographic key

exchange, one time passwords, or

encrypted authentication to prevent

password snooping; strong encryption

during transmission also advised

Service

An attacker finds a flaw or loophole in

HTTP based services such as CGI

Vulnerabilities

a service run over the Internet;

are vulnerable to remote command

through this vulnerability, the attacker

executions and even shell access.

compromises the entire system and

Even if the HTTP service runs as a

and any data that it may hold and

non privileged user such as

could possibly compromise other

"nobody", information such as

systems on the network.

configuration files and network maps

can be read, or the attacker can start

a denial of service attack which

drains system resources or renders it

unavailable to other users.

Services sometimes can have

vulnerabilities that go unnoticed

during development and testing;

these vulnerabilities (such as buffer

overflow, where attackers gain access

by filling addressable memory with a

quantity over what is acceptable by

the service, crashing the service and

giving the attacker an interactive

command prompt from which they

may execute arbitrary commands.

Administrators should make sure that

services do not run as the root user;

stay vigilant of patches and errata

updates for their applications from

vendors or security organizations such

as CERT and CVE.