tailieunhanh - Network Attack and Defense

One hindrance to this flow of information is not a lack of creative minds to dream up new services nor lack of an educated workforce to develop enabling technology, but the pres- ence of mistake and malice, error and evil. The growing interconnectedness of networks means that systems are open to disruptions from a larger number of machines, software, and users that can foul the system with faults, bugs, and error. And it is now very clear that we must also deal with a growing population of Internet-savvy criminals bent on financial gain, foreign governments looking for military and trade secrets,. | Chapter 18 Network Attack and Defense CHAPTER 18 Network Attack and Defense Whoever thinks his problem can be solved using cryptography doesn t understand his problem and doesn t understand cryptography. ATTRIBUTED BY ROGER NEEDHAM AND BUTLER LAMPSON TO EACH OTHER Introduction Internet security is a fashionable and fast-moving field the attacks that are catching the headlines can change significantly from one year to the next. Regardless of whether they re directly relevant to the work you do network-based attacks are so high-profile that they are likely to have some impact even if you only use hacker stories to get your client to allocate increased budgets to counter the more serious threats. The point is some knowledge of the subject is essential for the working security engineer. There are several fashionable ideas such as that networks can be secured by encryption and that networks can be secured by firewalls. The best place to start debunking these notions may be to look at the most common attacks. Of course many attacks are presented in the media as network hacking when they are actually done in more traditional ways. A topical example is the leak of embarrassing emails that appeared to come from the office of the . prime minister and were initially blamed on hackers. As it turned out the emails had been fished out of the trash at the home of his personal pollster by a private detective called Benji the Binman who achieved instant celebrity status 520 . The Most Common Attacks Many actual attacks involve combinations of vulnerabilities. Examples of vulnerabilities we ve seen in earlier chapters include stack overflow attacks where you pass an 367 Security Engineering A Guide to Building Dependable Distributed Systems over-long parameter to a program that carelessly executes part of it and password guessing both of which were used by the Internet worm. A common strategy is to get an account on any machine on a target network then install a .