Network System Security, part 4

Chapter 2: Types of Attacks
MODIFICATION ATTACKS
A modification attack is an attempt to modify information that an attacker is not authorized
to modify. This attack can occur wherever the information resides. It may also be attempted
against information in transit. This type of attack is an attack against the integrity of the
information.
Changes
One type of modification attack is to change existing information, such as an attacker
changing an existing employee’s salary. The information already existed in the organization
but it is now incorrect. Change attacks can be targeted at sensitive information or
public information.
Figure 2-4. Interception using incorrect name resolution information
Insertion
Another type of modification attack is the insertion of information. When an insertion attack
is made, information that did not previously exist is added. This attack may be
mounted against historical information or information that is yet to be acted upon. For
example, an attacker might choose to add a transaction in a banking system that moves
funds from a customer’s account to his own.
Deletion
A deletion attack is the removal of existing information. This could be the removal of
information in a historical record or in a record that is yet to be acted upon. For example, an
attacker could remove the record of a transaction from a bank statement (thus causing the
funds that would have been taken from the account to remain).
How Modification Attacks Are Accomplished


As with access attacks, modification attacks can be performed against information in
paper form or electronic form.
Information on Paper
Paper records can be difficult to modify without being detected. If documents are signed
(such as contracts), care must be taken to re-create the signatures. If a large stapled or
bound document is to be modified, the document must be reassembled so as to not show
that it was modified.
It is very difficult to insert or delete information from written transaction logs. Since
the information in these logs is chronological, any attempt to add or remove entries
would be noticed.
In most cases, attempts to modify paper documents may best be accomplished by replacing
the entire document. Of course, this type of attack will require physical access to
the documents.
Electronic Information
Modifying information in an electronic form is significantly easier than modifying information
stored on paper. Assuming that the attacker has access to files, modifications can be
made with little evidence. If the attacker does not have authorized access to the files, the
attacker would first have to increase his access to the system or remove the permissions on the
file. As with access attacks, the attacker could first execute an exploitation of a vulnerability
on the computer system. Then, with the increased access, the file may be modified.
Changes to database files or transaction queues must be performed carefully. In some
cases, transactions are numbered sequentially and the removal or addition of an incorrect
transaction number will trigger an alarm. In these cases, the attacker must make significant
changes to the overall system to keep the changes from being detected.
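The sequence-number alarm described above, written out as an added example (it is not from the book). It goes one step beyond the text by chaining a keyed HMAC across the records, so that an in-place change or a renumbering is flagged as well as a gap. KEY, the ledger entries and all function names are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: secret held only by the audit system

# Constructed sample ledger: (transaction number, entry text)
LEDGER = [(1001, "alice->bob 50.00"), (1002, "carol->dave 20.00"),
          (1003, "bob->erin 75.00"), (1004, "dave->alice 10.00")]

def _tag(key, prev, seq, text):
    # Each tag covers the previous tag, the number and the entry text.
    return hmac.new(key, prev + f"{seq}|{text}".encode(), hashlib.sha256).digest()

def seal(records, key=KEY):
    """Attach a chained HMAC tag to every (seq, text) record."""
    sealed, prev = [], b""
    for seq, text in records:
        prev = _tag(key, prev, seq, text)
        sealed.append((seq, text, prev))
    return sealed

def audit(sealed, key=KEY):
    """Return (seq, finding) for each record that fails a check."""
    findings, prev, expected = [], b"", None
    for seq, text, tag in sealed:
        if expected is not None and seq != expected:
            findings.append((seq, "sequence break"))   # insertion or deletion
        if not hmac.compare_digest(tag, _tag(key, prev, seq, text)):
            findings.append((seq, "tag mismatch"))     # change or renumbering
        prev, expected = tag, seq + 1
    return findings

def demo():
    """Audit the intact log and three tampered copies of it."""
    log = seal(LEDGER)
    changed = log[:1] + [(1002, "carol->dave 9020.00", log[1][2])] + log[2:]
    deleted = log[:2] + log[3:]                        # record 1003 removed
    renumbered = log[:2] + [(1003,) + log[3][1:]]      # 1004 relabelled as 1003
    return [audit(x) for x in (log, changed, deleted, renumbered)]

if __name__ == "__main__":
    for name, result in zip(("intact", "changed", "deleted", "renumbered"), demo()):
        print(f"{name:11s}{result}")
```

Records removed from the end of the log leave no break to find, so the latest transaction number and tag should also be recorded somewhere the log's writer cannot reach.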
Network Security: A Beginner’s Guide

It is more difficult to successfully mount a modification attack of information in transit.
The best way to do this would be to first execute an interception attack against the traffic
of interest and then change the information before passing it on to the destination.
DENIAL-OF-SERVICE ATTACKS
Denial-of-service (DoS) attacks are attacks that deny the use of resources to legitimate users
of the system, information, or capabilities. DoS attacks generally do not allow the attacker
to access or modify information on the computer system or in the physical world.
DoS attacks are nothing more than vandalism.
Denial of Access to Information
A DoS attack against information causes that information to be unavailable. This may be
caused by the destruction of the information or by the changing of the information into an
unusable form. This situation can also be caused if the information still exists but has been
removed to an inaccessible location.
Denial of Access to Applications
Another type of DoS attack is to target the application that manipulates or displays
information. This is normally an attack against a computer system running the application. If
the application is not available, the organization cannot perform the tasks that are done
by that application.
Denial of Access to Systems
A common type of DoS attack is to bring down computer systems. In this type of attack,
the system along with all applications that run on the system and all the information that
is stored on the system become unavailable.
Denial of Access to Communications
DoS attacks against communications have been performed for many years. This type of
attack can range from cutting a wire, to jamming radio communications, to flooding networks
with excessive traffic. Here the target is the communications media itself.
Normally, systems and information are left untouched but the lack of communications
prevents access to the systems and information.
How Denial-of-Service Attacks Are Accomplished
DoS attacks are primarily attacks against computer systems and networks. This is not to
say that there are no DoS attacks against information on paper, just that it is much easier
to conduct a DoS attack in the electronic world.
Information on Paper
Information that is physically stored on paper is subject to physical DoS attacks. To
make the information unavailable, it must either be stolen or destroyed in place. Destruction
of the information can be accomplished intentionally or accidentally. For example,
an attacker could shred paper records. If no other copies exist, the records are destroyed.
Likewise, an attacker could set fire to a building that contains the paper records. This
would destroy the records and deny the use of them to the organization.
Accidental causes can have the same effect. For example, a fire might start due to
faulty wiring or an employee might shred the wrong documents by mistake. In either
case, the information is gone and thus is not available for the organization to use.
Electronic Information
There are many ways that information in electronic form can suffer a DoS attack. Information
can be deleted in an attempt to deny access to that information. In order to be successful,
this type of attack would also require that any backups of the information also be
deleted. It is also possible to render information useless by changing the file. For example,
an attacker could encrypt a file and then destroy the encryption key. In that way, no one
could get access to the information in the file (unless a backup was available).
Information in electronic form is susceptible to physical attacks as well. The computer
system with the information could be stolen or destroyed. Short-term DoS attacks against
the information can be made by simply turning off the system. Turning off the system will
also cause a DoS against the system itself. Computer systems can also be crippled by DoS
attacks aimed directly at the system. Several such attacks exist (either due to vulnerabilities in
the operating systems or known protocol issues—see Chapter 13 for more details).
Applications can be rendered unavailable through any number of known vulnerabilities.
This type of vulnerability allows an attacker to send a predefined set of commands to
the application that the application is not able to process properly. The application will
likely crash when this occurs. Restarting the application restores service but the application
is unavailable for the time it takes to restart.
Perhaps the easiest way to render communications unusable is to cut the wire. This type
of attack requires physical access to the network cables but as we have seen over time,
backhoes make great DoS tools. Other DoS attacks against communications consist of sending
extraordinarily large amounts of traffic against a site. This amount of traffic overwhelms
the communications infrastructure and thus denies service to legitimate users.
Not all DoS attacks against electronic information are intentional. Accidents play a
large role in DoS incidents. For example, the backhoe that I mentioned in the last paragraph
might cut a fiber-optic transmission line by accident while working on another job.
Such cuts have caused widespread DoS incidents for telephone and Internet users. Likewise,
there have been incidents of developers testing new code that causes large systems
to become unavailable. Clearly, most developers do not have the intent of rendering their
systems unavailable. Even children can cause DoS incidents. A child on a data center tour
will be fascinated by all the blinking lights. Some of these lights and lighted switches will
be near eye level for a child. The temptation to press a switch and possibly shut down a
system will be immense.
REPUDIATION ATTACKS
Repudiation is an attack against the accountability of the information. In other words,
repudiation is an attempt to give false information or to deny that a real event or transaction
should have occurred.
Masquerading
Masquerading is an attempt to act like or impersonate someone else or some other system.
This attack can occur in personal communication, in transactions, or in
system-to-system communications.
Denying an Event
Denying an event is simply disavowing that the action was taken as it was logged. For
example, a person makes a purchase at a store with a credit card. When the bill arrives, the
person tells the credit card company that he never made the purchase.
How Repudiation Attacks Are Accomplished
Repudiation attacks can be made against information in physical form or electronic
form. The difficulty of the attack depends upon the precautions that are provided by the
organization.
Information on Paper
An individual can masquerade by using someone else’s name on a document. If a signature
is required on the document, the attacker must forge the signature. It is much easier
to masquerade when using a typed document rather than a handwritten document.
An individual can deny an event or transaction by claiming that he or she did not initiate
it. Again, if signatures are used on contracts or credit card receipts, the individual
must show that the signature is not his or her own. Of course, someone who is planning to
perform this type of attack might make the signature look wrong in the first place.

Electronic Information
Electronic information may be more susceptible to a repudiation attack than information
in physical form. Electronic documents can be created and sent to others with little or no
proof of the identity of the sender. For example, the “from” address of an e-mail can be
changed at will by the sender. There is little or no checking done by the electronic mail
system to verify the identity of the sender.
The same is true for information sent from computer systems. With few exceptions,
any computer system can take on any IP address. Thus, it is possible for a computer system
to masquerade as another system.
NOTE: This is a very simplified example. One system can take on the IP address of another if it is on
the same network segment. Taking on the IP address of another system across the Internet is not easy
and does not provide a true connection.
Denying an event in the electronic world is much easier than in the physical world.
Documents are not signed with handwritten signatures and credit card receipts are not
signed by the customer. Unless a document is signed with a digital signature, there is
nothing to prove that the document was agreed to by an individual. Even with digital signatures,
a person could say that the signature was somehow stolen or that the password
protecting the key was guessed. Since there is very little proof to link the individual to the
event, denying it is much easier.
Credit card transactions are also easier to deny in the electronic world. There is no signature
on the receipt to match against the cardholder’s signature. There may be some
proof if the goods were sent to the cardholder’s address. But what if the goods were sent
somewhere else? What proof is there that the cardholder was actually the person who
purchased the goods?

Chapter 3: Information Security Services
Copyright 2001 The McGraw-Hill Companies, Inc.