Ans.
- Malicious code-include execution of worms, viruses, Trojan horses
- Back door-attacker gains access to a system through an access path that bypasses usual security control
- Cracking-attempts to reverse-calculate a password
- Denial-of-service-attacker sends a such large number of connection or information request
- Spoofing-an intruder sends message to a computer with an IP address that indicates that message is coming from a trusted host
- Man-in-the-middle or TCP hijacking-attacker sniffs packets from the network, modifies them, insert them back into the network
- Spam-attacks involving sending unsolicited commercial e-mail
- Mail Bomb-attacker routes large quantities of e-mail to the target
- Sniffer-programs or devices that can monitor data traveling over a network
- Social engineering-attacker uses social skills to convince people reveal access credentials or other valuable information
- Buffer Overflow-involving an application error that occurs when more data is sent to a buffer than it can handle.
- Timing attack-attacks that work by exploring the contents of a Web browser's cache.
Source: Michael E. Whitman and Herbert J. Mattord, Principles of Information Security, Second Edition,Thompson Course Technology, 2005
No comments:
Post a Comment