|
 |
|
|
|
|
|
|
|
|
|
|
|
|
|
Finnish Communications Regulatory Authority (FICORA) Switchboard +358 9 69 661 Television fees Customer service of Fi-domain names +358 9 6966 700 |
Attack techniquesThe attacker can make use of several different methods to reach his goal. The choice of the method usually depends on the target and the software and services used by it. The methods of attack can be used for collecting information or for the attack itself. For instance the following methods can be used: Host scanning by means of which the attacker investigates the open ports of his target and the services used by it. Known security flaws and backdoors of known Trojans are searched automatically by scanners. These tools are used both by hackers and information security specialists in business. Social engineering, where the goodwill of people is misused. The attacker may for instance pretend to be an employee in the data processing division, make a phone call or send an e-mail under a false name and ask the personnel usernames and passwords referring to eventual problems in data processing and their repairing. The attacker may also present himself as a member of maintenance staff and thus get physically close to the information systems and files of the organisation. WAR dialing, by means of which the attacker calls through all the phone numbers of the target searching for open modem servers, which would thus bypass the target’s network controls. Breaching of passwords, where the attacker breaks the word pairs username-password by means of special software for breaching passwords. The current software is fairly sophisticated. The breaching software contains different techniques of breaching, such as dictionary attacks, where a password is sought by means of dictionaries of different languages, or techniques where the password is sought by going through all possible alternatives. Buffer overflow / Input validation, where the space reserved for input information in the application is exceeded. This may result in the fact that through the malfunction of the application the attacker can for instance make commands on the system level with access rights of the application. Attack against network protocol, where the attacker makes use of the weak points of the protocol definition (Smurf attack) or the weaknesses in the implementation of the protocol (Ping of Death attack). Flooding, where the attacker charges the target by sending a large number of service requests within a short time. Flooding is one of the most common methods of denial of service attacks. Malware, by means of which the attacker may succeed in bypassing the security precautions of the system and to open a route of attack from inside the system. Malware is often installed through another program or distributed through attachments to e-mail messages. Domain hijacking / DNS spoofing, where the attacker changes the operation of the name service in such a way that service requests addressed to a certain domain are directed to an address chosen by the attacker. ARP spoofing, where the attacker alters the router operation so that the packets to a certain address are directed to the attacker. Consequently, the attacker may for instance listen to, falsify or destroy network traffic between two parties. IP spoofing, where the attacker falsifies his own network address so that the target of the attack believes that the packets originate from a reliable source.
|
