Manualshelf

Datasheet

ManualsBrandsFor Dummies ManualsSoftware978-0-470-64748-6
11121314151617181920
460
Identifying Types of Attacks
To protect against buffer overflow attacks, you need to keep the system,
applications, and devices up to date with patches and security fixes.
Software-based attacks
Just like there are a number of different types of network attacks, there are a
number of software attacks. As you can likely guess, a software attack comes
through software that a user runs. The most popular software attacks are
mentioned in the sections that follow, and you should be familiar with them
for the CCENT certification exam.
SQL injection
A SQL injection attack occurs when the hacker sends Transact SQL
statements (statements that manipulate a database) into an application so
that the application will send those statements to the database server to be
executed. If the application developer does not validate data inputted into
the application, the hacker can modify the data in the underlying database
or even manipulate the system.
Viruses
A virus is a program that causes harm to your system. Typically, viruses are
spread through e-mails and are included in attachments, such as word
processing documents and spreadsheets. The virus can do any of a number
of things: It can delete files from your system, modify the system configuration,
or e-mail all your contacts in your e-mail software. To prevent viruses, install
antivirus software and do not open any unexpected file attachments that
arrive in your e-mail.
Trojan horse
A Trojan horse is a type of virus that a user is typically tricked into running
on the system, and when the software runs, it does something totally
different from what the user expected it to do. For example, NetBus (an
older Trojan horse virus) is an example of a Trojan horse virus sent as a file
called patch.exe. The user receiving the file — typically through an e-mail —
believes the file will fix a security issue. The problem is that patch.exe is a
Trojan horse, and when that horse starts running, it opens the computer up
to allow a hacker to connect to the system.
The hacker then uses a client program, like the one shown in Figure 1-3, to
connect to the system and start messing with the computer. The hacker can
do things like launch other programs, flip your screen upside down, eject
your CD-ROM tray, watch your activity, and modify or delete files!
Worm
A worm is a virus that does not need to be activated by someone opening the
file. It is self-replicating, meaning that it spreads itself from system to system
22_647486-bk04ch01.indd 46022_647486-bk04ch01.indd 460 10/15/10 11:27 PM10/15/10 11:27 PM