Site home page Get alerts when Linktionary is updated Book updates and addendums Get info about the Encyclopedia of Networking and Telecommunicatons, 3rd edition (2001) Download the electronic version of the Encyclopedia of Networking, 2nd edition (1996). It's free! Contribute to this site Electronic licensing info
|
Attacks and Attackers Related Entries Web Links New/Updated Information Note: Many topics at this site are reduced versions of the text in "The Encyclopedia of Networking and Telecommunications." Search results will not be as extensive as a search of the book's CD-ROM. An attack is an attempt by an attacker (also commonly called a hacker) to access a system or take control of a system (a computer, network server, Web site, and so on) using a variety of methods. The intent of an attack is assumed to be malicious. The attacker may wish to view sensitive information, change information, shut down the system, or overload it to prevent other users from accessing it (a denial of service attack). Encrypted information may be attacked, meaning that the attacker is attempting to break the encryption and discover the secured information. Attackers are more commonly referred to as "hackers." There are two primary types of attacks:
An attacker may monitor the sessions of other users (a passive attack) and then take over the sessions (an active attack). In a replay attack, the attacker uses previously gathered information to gain access to a system by replaying it to the system, which thinks that it is dealing with a valid session. Two important Internet RFCs provide information about attacks and attackers. RFC 2196 (Site Security Handbook, September 1997) provides extensive information on security policies, firewalls, authentication, and access. Most important, it described procedures for detecting and handling security incidents. RFC 2504 (User's Security Handbook, February 1999) decribes useful information for users that can help in preventing attacks. Copyright (c) 2001 Tom Sheldon and Big Sur Multimedia. |