Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Vuln-Dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: On classifying attacks

from [Steven M. Christey] Network Security [Permanent Link]
Subject: Re: On classifying attacks
Date: Mon, 18 Jul 2005 16:07:51 -0400 (EDT) 

Derek Martin said:


The vulnerability is neither truly remote nor local, in the normal
senses as we have defined them here.  It is a different kind of
vulnerability altogether.  The vulnerability is one to automatically
triggering trojan horses....


I agree with you on the need for a third category.

Another term could be "user-complicit," which reflects the core role
that the user has in activating the vulnerability, versus the
traditional "automatic" exploitation (no human user interaction) and
"opportunistic" exploitation (attacker has no control over when the
vulnerable state occurs, as can happen in some types of information
leaks for example).

Depending on the normal channels by which the "trojan" is delivered,
the attack could be "local user-complicit" or "remote user-complicit."
For example, images are usually shared in some remote fashion, thus a
vulnerability in an image renderer could be remote user-complicit,
whereas a vulnerability that requires a local user to trick another
local user into changing into a directory with a large name would be
local user-complicit.

One small difficulty I have with associating this too closely with the
"trojan horse" terminology is that many Trojans are inserted after a
vulnerability has been exploited and access is gained, so this further
muddies the waters of an already vague term.

- Steve
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: On classifying attacks, James Longstreet
Next by Date:  Re: On classifying attacks, Mihai Amarandei-Stavila
Previous by Thread:  Re: On classifying attacks, Indigo Haze
Next by Thread:  Re: On classifying attacks, Dustin D. Trammell
Indexes:  [Date] [Thread] [Top] [All Lists]