Dear Mr. Singh,
I highly appreciate you for this detail email,
I can see that most of the types you have listed below are concerned
with network based attacks, but I am concerned about application based
ones.
I am interested in knowing the signature of the attack (ex:using
system calls patterns) in order if you want to compare it to a regular
performance or normal signature.
I will try to see what are from the types you have listed above that
are concerned with application level attacks,
Many thanks,
On 12/13/06, Gurpreet Singh <[EMAIL PROTECTED]> wrote:
hi,
these are the most common attacks we encounter in our daily life. You
can google the following terns and you will get a lot of material
otherwise i can provide you with some links.
Hacking: types of attack
viruses - most common form of attack
denial of service attacks
trojans (or trojan horses)
brute-force and `social engineering' password attacks
port scanning and spoofing
phishing
Viruses
Easily transferred in emails or downloaded files
May damage data on infected computer
May allow privileged access to host
May flood the network with spurious data
Phishing
This is a method of luring an unsuspecting user into giving out their
username and password for a secure web resource, usually a bank or
credit card account. Ebay and PayPal are particularly susceptible to
this type of attack.
usually achieved by creating a website identical to the secure site
user is sent email requesting them to log in, and providing a link to
the bogus site
when user logs in, password is stored and used to access the account
by the attacker
difficult to guard against, particularly if using HTML email
Currently no law specifically against this, though some experts think
this may come under the Computer Misuse Act, and may also be testable
under trademark laws (passing off as another's web site).
--
------------------------------------------
Kassem Nasser
First LEBANON WILL SURVIVE
Now LEBNON WON
Then LEBANON will Rise and Shine
????? ?????? ???
------------------------------------------
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
