Firewall
BAT54-Rail/F..
Release
7.54
06/08
8.1
Threat analysis
251
A third possibility is to access an existing data connection and use it as a
free-rider. The attacker observes here the Internet connection of the victim
and analyses the connections. Then he uses e. g. an active FTP connection
to smuggle his own data packets into the protected LAN.
A variant of this method is the “man-in-the-middle” attack. The attacker ob-
serves here first the communication of two workstations, and gets then in be-
tween.
8.1.4 The victims
The question about the degree of exposure for an attack influences to a con-
siderable degree the expenditure one wants to or must meet for defending.
In order to assess whether your network would be particularly interesting for
an attacker as a potential victim, you can consult the following criteria:
D Particularly endangered are networks of common known enterprises or
institutions, where valuable information is suspected. Such information
would be e.g. the results of research departments, which are gladly seen
by industrial spies. Or, on the other hand, bank servers, on which big
money is distributed.
D Secondly, also networks of smaller organizations are endangered, which
perhaps are only interesting to special groups. On the workstations of tax
consultants, lawyers or doctors do slumber certainly some information
quite interesting for third persons.
D Last but not least also workstations and networks are victims of attackers,
which obviously offers no use for the attackers. Just the “script kiddies”
testing out their possibilities by youthful ambition are sometimes just
searching for defenceless victims in order to practise for higher tasks.
The attack against an unprotected, apparently not interesting workstation
of a private person can also serve the purpose to prepare a basis for fur-
ther attacks against the real destination in a second step. The worksta-
tion of “no interest” becomes source of attacks in a second step, and he
attacker can disguise his identity.
All things considered, we can resume that the statistical probability for an at-
tack to the network of a global player of the industry may be higher than to a
midget network of the home office. But probably it is only a matter of time that
a defenceless workstation installed in the Internet will - perhaps even acci-
dentally - become the victim of attacks.
To Next Page
Loading...
Need help?
General
