Common methods Computer insecurityComputer security Secure operating systems Security architecture Security by design Secure coding Computer insecurity Vulnerability Social engineeringEavesdropping Exploit Trojanviruses and wormsDenial of service Payload BackdoorRootkitKeylogger This box: view • talk
A typical approach in an attack on Internet-connected system is:
Network enumeration: Discovering information about the intended target.
Vulnerability analysis:Identifying potential ways of attack. Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis. In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.
Security exploitMain article:Exploit (computer security)A security exploit is a prepared application that takes advantage of a known weakness.
Vulnerability scanner:Vulnerability scannerA vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Note that firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.)
Packet sniffer:Packet snifferA packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network.
Spoofing attack or phising or Fake login page:Spoofing attackA spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker.
RootkitRootkitA rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables.
Social engineering:Social engineering (computer security)Social Engineering is the art of getting persons to reveal sensitive information about a system. This is usually done by impersonating someone or by convincing people to believe you have permissions to obtain such information.
Trojan horse:Trojan horse (computing)A Trojan horse is a program which seems to be doing one thing, but is actually doing another. A trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later. (The name refers to the horse from the Trojan War, with conceptually similar function of deceiving defenders into bringing an intruder inside.)
Virus: Computer virusA virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Thus, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.
Worm Computer wormLike a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Unlike a virus, it does not need to attach itself to an existing program. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program.
Key loggers: Keystroke loggingA keylogger is a tool designed to record ('log') every keystroke on an affected machine for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other private data. Often uses virus-, trojan-, and rootkit-like methods to remain active and hidden.
No comments:
Post a Comment