Manualshelf

Datasheet

ManualsBrandsFor Dummies ManualsSoftware978-0-470-48738-9
12345678910
1046
Identifying Types of Attacks
To protect against wireless attacks you should implement encryption proto-
cols such as WPA2 and use an authentication server such as a RADIUS
server for network access For more information on wireless check out Book
VIII, Chapter 2.
Software-based attacks
Just as there are a number of different types of network attacks, there are
a number of software attacks as well. As you can likely guess, a software
attack comes through software that a user runs. The most popular software
attacks are mentioned in the sections that follow, and you should be familiar
with them for the A+ exams.
SQL injection
A SQL injection attack occurs when the hacker sends Transact SQL state-
ments (statements that manipulate a database) into an application so that
the application will send those statements to the database to be executed.
If the application developer does not validate data inputted in the application,
the hacker can modify the data or even delete it. The hacker can potentially
manipulate the OS through the application that sends the input to the database.
Trojan horse
A Trojan horse is software that a user is typically tricked into running on the
system; and when the software runs, it does something totally different than
what the user expected it to do. For example, NetBus (an older attack) is
an example of a Trojan horse program sent as a file called patch.exe. The
user receiving the file, typically through an e-mail, believes that the file will
fix a security issue. The problem is that patch.exe is a Trojan horse, and
when that horse starts running, it opens the computer up to allow a hacker
to connect to the system.
The hacker then uses a client program, like the one shown in Figure 1-3, to
connect to the system and start messing with the computer. The hacker can
do things like launch other programs, flip your screen upside-down, eject
your CD-ROM tray, watch your activity, and modify or delete files!
Virus
A virus is a program that causes harm to your system. Typically, viruses
are spread through e-mails and are included in attachments, such as word
processing documents and spreadsheets. The virus can do any of a number
of things: delete files from your system, modify the system configuration, or
e-mail all your contacts in your e-mail software. To prevent viruses, install
antivirus software and do not open any file attachments that arrive in your
e-mail that you are not expecting.
49_487389-bk09ch01.indd 104649_487389-bk09ch01.indd 1046 9/10/09 11:03 PM9/10/09 11:03 PM