Understanding the Dangers Your Systems Face

Understanding the Dangers
Your Systems Face
It’s one thing to know that your systems generally are under fire from hackers
around the world. It’s another to understand specific attacks against your systems
that are possible. This section offers some well-known attacks but is by
no means a comprehensive listing. That requires its own book: Hack Attacks
Encyclopedia, by John Chirillo (Wiley Publishing, Inc.).
Many information-security vulnerabilities aren’t critical by themselves.
However, exploiting several vulnerabilities at the same time can take its toll.
For example, a default Windows OS configuration, a weak SQL Server administrator
password, and a server hosted on a wireless network may not be
major security concerns separately. But exploiting all three of these vulnerabilities
at the same time can be a serious issue.
Nontechnical attacks
Exploits that involve manipulating people — end users and even yourself —
are the greatest vulnerability within any computer or network infrastructure.
Humans are trusting by nature, which can lead to social-engineering exploits.
Social engineering is defined as the exploitation of the trusting nature of human
beings to gain information for malicious purposes. I cover social engineering
in depth in Chapter 5.
Other common and effective attacks against information systems are physical.
Hackers break into buildings, computer rooms, or other areas containing critical
information or property. Physical attacks can include dumpster diving
(rummaging through trash cans and dumpsters for intellectual property,
passwords, network diagrams, and other information).
12 Part I: Building the Foundation for Ethical Hacking
Network-infrastructure attacks
Hacker attacks against network infrastructures can be easy, because many
networks can be reached from anywhere in the world via the Internet. Here
are some examples of network-infrastructure attacks:
Connecting into a network through a rogue modem attached to a
computer behind a firewall
Exploiting weaknesses in network transport mechanisms, such as TCP/IP
and NetBIOS
Flooding a network with too many requests, creating a denial of service
(DoS) for legitimate requests
Installing a network analyzer on a network and capturing every packet
that travels across it, revealing confidential information in clear text
Piggybacking onto a network through an insecure 802.11b wireless
configuration
Operating-system attacks
Hacking operating systems (OSs) is a preferred method of the bad guys. OSs
comprise a large portion of hacker attacks simply because every computer
has one and so many well-known exploits can be used against them.
Occasionally, some operating systems that are more secure out of the box —
such as Novell NetWare and the flavors of BSD UNIX — are attacked, and
vulnerabilities turn up. But hackers prefer attacking operating systems like
Windows and Linux because they are widely used and better known for their
vulnerabilities.
Here are some examples of attacks on operating systems:
Exploiting specific protocol implementations
Attacking built-in authentication systems
Breaking file-system security
Cracking passwords and encryption mechanisms
Application and other specialized attacks
Applications take a lot of hits by hackers. Programs such as e-mail server
software and Web applications often are beaten down:
Chapter 1: Introduction to Ethical Hacking 13
Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol
(SMTP) applications are frequently attacked because most firewalls and
other security mechanisms are configured to allow full access to these
programs from the Internet.
Malicious software (malware) includes viruses, worms, Trojan horses,
and spyware. Malware clogs networks and takes down systems.
Spam (junk e-mail) is wreaking havoc on system availability and storage
space. And it can carry malware.
Ethical hacking helps reveal such attacks against your computer systems.
Parts II through V of this book cover these attacks in detail, along with specific
countermeasures you can implement against attacks on your systems.