Rootkit.nl Logo - By Henry
   Home | Projects | Articles | Security Net | Contributors | Contact | Wishlist  

Security attacks



This list shows an overview of security attacks per area, including a description, tools involved and counter measures.

Any attack missing? Fill in the contact form!

Attack Description Tools Counter tools Counter measures
Hardware
DRAM chip freezingThis is done to exploit the little-known vulnerability of the DRAM chip, which can restore data while frozen Physical protection of host
Mod chippingBy placing a mod chip, protection layers can be circumvented
Network
ARP poisoningBy polluting ARP tables of switches/hosts, machines can be redirected to a man-in-the-middle host.Cain & Abel
CAM Overflow / MAC floodingFlooding a switch port with different MAC source addresses, trying to consume all the available memory. In some cases this could lead to a state in which the switch leaks data to other ports.Enable MAC limiting
Denial of ServiceLimiting the remaining resources of the victim, by overloading it with a high amount of, or malicious requests.
Man-in-the-middleaka bucket-brigade attack
Traffic sniffingSniffing network traffic when having access to the wireless or physical networkdsniff
Passwords
Dictionary attacks
Rainbow table attack
Weak passwordJohn the RipperUsing strong password policy
Software
Backdoor
Data hidingCompressing (APX)
Reverse engineering
RootkitChkrootkit, Rootkit Hunter, Skdet
Trojan
Web applications
Back-end authentication
Buffer overflow
Credential management
Cross site scripting (XSS)
MAC spoofing
Password in memory
Session hijacking
SQL injection
URL manipulation
Weak keysWEP uses a weak key mechanism
Web server configuration


Lynis Enterprise Suite

This website is also part of our mission to help individuals and companies to secure their systems and comply with regulations. As such, this website is additional guide for the open source community and our users of the Lynis Enterprise Suite:

Complete solution to audit, harden and secure your Linux/Unix environment.

Benefits:
  • Perform audits within a few minutes
  • Central management
  • Powerful reporting
  • Additional plugins and more tests

Lynis Enterprise screenshot
Lynis Enterprise Screenshot: Output of a customized implementation plan

Tell me more »


Testimonials

"A master piece of software and a must for every server admin." - Jose

"Happy installing Lynis on every server I install. Also made some changes for automation and having regular scans of the system. For several customers I made some custom checks on integrity." - Rick Voormolen


About
» About

Thanks to
» Contributors
» Sponsors








Valid XHTML 1.0!


[PHPips enabled]
 
Copyright 2003-2017 Rootkit.nl and Michael Boelen, supported by CISOfy
All rights reserved
Hosted by Shock Media