Linux Exposed: Attacks Exposed
Jul 15, 2003, 08:30 (3 Talkback[s])
[ Thanks to pascal for this link.
"How serious a particular attack type is depends on two things:
how the attack is carried out, and what damage is done to the
compromised system. An attacker being able to run code on his
machine is probably the most serious kind of attack for a home
user. For an e-commerce company, a denial of service (DoS) attack
or information leakage may be of more immediate concern. Each
vulnerability that can lead to compromise can be traced to a
particular category, or class, of attack.The properties of each
class give you a rough feel for how serious an attack in that class
is, as well as how hard it is to defend against. In this article,
we explain each of the attack classes in detail, including what
kinds of damage they can cause the victim, as well as what the
attacker can gain by using them.
"As we mentioned, attacks can be placed into one of a few
categories. Our assertion regarding the severity of attack is
something we should look into for a little better understanding.
Attacks can lead to anything from leaving your systems without the
ability to function, to giving a remote attacker complete control
of your systems to do whatever he pleases.We discuss severity of
attacks later in this article, placing them on a line of severity.
Let's first look at the different types of attacks and discuss
them. In this article, we examine seven categorized attack