hacker and attacker. A hacker is a generic term for a person who likes getting into things. The
benign hacker is the person who likes to get into his/her own computer and understand how it
works. The malicious hacker is the person who likes getting into other people's systems. The
benign hackers wish that the media would stop bad-mouthing all hackers and use the term
'attacker' instead. Unfortunately, this is not likely to happen. In any event, the word used to
denote anybody trying to get into your system in this paper is 'attacker'. “Script Kiddie” is a
term used to describe a class of attacker who does not have sophisticated technical knowledge,
but rather simply has a collection of tools created by advanced hackers, and the basic
knowledge to use these tools to perform an attack.
Attackers can be classified into two categories.
1.Insider
2.Outsider
Insiders: – these are attackers who have legitimate reasons to use/access your internal
network. These include users who misuse privileges or who impersonate higher privileged
users. According to a frequently quoted statistic, insiders commit 80% of security breaches.
An insider is usually motivated by greed (cases of embezzlement or fraud) or revenge
(disgruntled employees or former employees).
Outsiders: – these attackers from outside your network attempt to attack your external
presence by defacing web servers, forwarding spam through e-mail servers, etc. They may
also attempt to go around the firewall to attack machines on the internal network. Outside
attackers may come from the Internet, wireless networks, dial-up lines, physical break-ins,
or from a partner (vendor, customer, reseller, etc.) network that is linked to your corporate
network. They may be advanced attackers specifically targeting your corporate network for
various reasons such as greed (e.g. credit card theft, corporate espionage) or “hacktivism”
(defacement of public websites due to perceived social / political issues); or (and far more
commonly) they may be Script Kiddies randomly attacking your systems based on the latest
vulnerabilities.
No comments:
New comments are not allowed.