tailieunhanh - Ebook Sybex Firewalls 24Seven, second edition: Part 2
This book will help you answer questions like these: What's the difference between packet filtering and stateful inspection, and why is it important? What's the difference between using Network Address Translation and a proxy server to hide clients? How much can I expect to budget for a firewall? Which firewall is right for my company?

Part III: Additional Security Tools

Chapter List
Chapter 12: Attack Profiles
Chapter 13: Security Utilities
Chapter 14: Intrusion Detection

Part Overview
Featuring: how hackers attack networks; tools hackers use; small security tools you should know about; how to perform strong monitoring with standard PCs and firewalls; how to detect network intrusions; tools to detect network intrusions; tools to search for network vulnerabilities; tools to mislead hackers; how to respond to an intrusion.

Chapter 12: Attack Profiles

Overview
This book discusses a number of potential attacks without necessarily defining them. This chapter profiles all of the common attacks hackers use to localize, identify, and attack your systems. Given the information about how these attacks work, you can configure sophisticated firewall logging and alerting mechanisms to detect them. This chapter is broken down into the following broad categories: denial-of-service attacks, exploitation attacks, information gathering attacks, and disinformation attacks. These broad categories describe the purposes of nearly all hacking attacks.

Denial-of-Service Attacks
Denial-of-service attacks attempt to prevent you from providing a service by crashing or overwhelming your service computers. Denial-of-service attacks are the easiest hacks to attempt, so they are quite common. This section lists the most common of these attacks: Ping of Death, Teardrop, UDP floods, SYN floods, Land, Smurf, Fraggle, e-mail bombs, and malformed messages.

Ping of Death
The Ping of Death is the granddaddy of all denial-of-service attacks.
It exploits the fact that many TCP/IP implementations trust that ICMP packets are correctly formed and perform too little error checking.

Warning: Attack Status
The original Ping of Death is obsolete; undiscovered effective malformations of the ICMP echo request may exist, however. Also, many other SMB, RPC, TCP/IP, or ICMP malformation attacks, called nukers, perform similar functions.

Profile
In order to test the throughput capabilities and