Red Hat NETSCAPE MANAGEMENT SYSTEM 6.2 - COMMAND-LINE Guida di Installazione Pagina 62
- Pagina / 82
- Indice
- SEGNALIBRI
Valutato. / 5. Basato su recensioni clienti
network.
In this case, the attacker will look the system over for weaknesses. And possibly make many different kinds
of attempts, until he finds a crack to wiggle through. Or gives up. This is more difficult to defend against. The
attacker is armed and dangerous, so to speak, and is stalking his prey.
Again, this scenario is very unlikely for a typical home system. There just generally isn't any incentive to take
the time and effort when there are bigger fish to fry. For those who may be targets, the best defense here
includes many of things we've discussed. Vigilance is probably more important than ever. Good logging
practices and an IDS (Intrusion Detection System) should be in place. And subscribing to one or more
security related mailing lists like BUGTRAQ. And of course, reading those alerts daily, and taking the
appropriate actions, etc.
8.4.7. Denial of Service (DoS)
"DoS" is another type of "attack" in which the intention is to disrupt or overwhelm the targeted system or
network in such a way that it cannot function normally. DoS can take many forms. On the Internet, this often
means overwhelming the victim's bandwidth or TCP/IP stack, by sending floods of packets and thus
effectively disabling the connection. We are talking about many, many packets per second. Thousands in
some cases. Or perhaps, the objective is to crash a server.
This is much more likely to be targeted at organizations or high profile sites, than home users. And can be
quite challenging to stop depending on the technique. And it generally requires the co−operation of networks
between the source(s) and the target, so that the floods are stopped, or minimized, before they reach the
targeted destination. Once they hit the destination, there is no good way to completely ignore them.
"DDoS", Distributed Denial of Service, is where multiple sources are used to maximize the impact. Again,
not likely to be directly targeted at home users. These are "slaves" that are "owned" by a cracker, or script
kiddie, that are woken up and are targeted at the victim. There may be many computers involved in the
attack.
If you are home user, and with a dynamic IP address, you might find disconnecting, then re−connecting to get
a new IP, an effective way out if you are the target. Maybe.
8.4.8. Brute Force
"Brute force" attacks are where the attacker makes repetitive attempts at the same perceived weakness(es).
Like a battering ram. A classic example would be where someone tries to access a telnet server simply by
continually throwing passwords at it, hoping that one will eventually work. Or maybe crash the server. This
doesn't require much imagination, and is not a commonly used tactic against home systems.
By the way, this is one good argument against allowing remote root logins. The root account exists on all
systems. It is probably the only one that this is true of. You'd like to make a potential attacker guess both the
login name and password. But if root is allowed remote logins, then the attacker only needs to guess the
password!
Security Quick−Start HOWTO for Red Hat Linux
8.4.7. Denial of Service (DoS) 59
- Hal Burgiss 1
- Table of Contents 2
- 1. Introduction 4
- 1.2. Notes 5
- 1.3. Copyright 5
- 1.4. Credits 6
- 1.5. Disclaimer 6
- 1.7. Feedback 7
- 2. Foreword 8
- 2.2. Before We Start 9
- 3.1. System Audit 10
- 3.3. Stopping Services 12
- 3.3.1. Stopping Init Services 13
- 3.3.2. Inetd 14
- 3.3.2. Inetd 12 15
- 3.3.3. Xinetd 16
- 3.3.4. When All Else Fails 17
- 3.4. Exceptions 18
- 4. Step 2: Updating 20
- 4. Step 2: Updating 18 21
- 5.1. Strategy 22
- 5.2.1. ipchains 23
- 5.2.1. ipchains 21 24
- 5.2.2. iptables 26
- 5.2.2. iptables 24 27
- 5.3. Tcpwrappers (libwrap) 29
- 5.3.1. xinetd 31
- 5.4. PortSentry 32
- 5.5. Proxies 32
- 5.6. Individual Applications 33
- 5.7. Verifying 35
- 5.8. Logging 36
- 5.9. Where to Start 37
- 6. Intrusion Detection 39
- # chattr +i /bin/ps 40
- −−−i−−−−−−−−−− /bin/ps 40
- # chattr −i /bin/ps 40
- 7. General Tips 43
- # must exist 44
- root: hal@bigcat 44
- 8. Appendix 46
- 8.2. Common Ports 48
- 8.3. Netstat Tutorial 51
- 8.4. Attacks and Threats 59
- 8.4.2. Rootkits 60
- 8.4.3. Worms and Zombies 60
- 8.4.4. Script Kiddies 61
- 8.4.5. Spoofed IPs 61
- 8.4.6. Targeted Attacks 61
- 8.4.8. Brute Force 62
- 8.5. Links 63
- 8.6. Editing Text Files 65
- 8.7. nmap 68
- 8.8. Sysctl Options 71
- 8.8. Sysctl Options 69 72
- 8.9. Secure Alternatives 73
- 8.9. Secure Alternatives 71 74
- 8.9. Secure Alternatives 72 75
- 8.9. Secure Alternatives 73 76
- 8.10.2. iptables II 77
- 8.10.2. iptables II 75 78
- 8.10.2. iptables II 76 79
- 8.10.2. iptables II 77 80
- 8.10.3. Summary 81
- 8.10.4. iptables mini−me 82
© 2020, manymanuals.it. Tutti i diritti riservati | 0.023 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commenti su questo manuale