Appendix A. Common Exploits and Attacks

105

Exploit

Description

Notes

Application

Attackers find faults in desktop and

Workstations and desktops are more

Vulnerabilities

workstation applications such as

prone to exploitation because

e mail clients and execute arbitrary

workers do not have the expertise or

code, implant trojans for future

experience to prevent or detect a

compromise, or crash systems.

compromise as servers run by an

Further exploitation can occur if the

administrator; it is imperative to

compromised workstation has

inform individuals of the risks they

administrative privileges on the rest of

are taking when they install

the network.

unauthorized software or open

unsolicited mail

Safeguards can be implemented such

that email client software does not

automatically open or execute

attachments. Additionally, the

automatic updating of workstation

software via Red Hat Network or

other system management service can

alleviate the burdens of multi seat

security deployments.

Denial of Service

Attacker or group of attackers

The most reported DoS case

(DoS) Attacks

coordinate an attack on network or

occurred in 2000 when several

server resources by sending

highly trafficked sites were rendered

unauthorized packets to the target

unavailable by a coordinated ping

machine (either server, router, or

flood attack using several

workstation). This forces the resource

compromised systems with high

to become unavailable to legitimate

bandwidth connections acting as

users.

redirected broadcasters

Source packets are usually forged (as

well as rebroadcasted), making

investigation to the true source of the

attack difficult.

Advances in ingress filtering (IETF

rfc2267), and Network IDS

technology assist administrators in

tracking down and preventing

distributed DoS attacks.

Table A 1. Common Exploits