Threats

From Guidance Share

Difference between revisions
Previous revision: 06:33, 30 October 2006, by Admin
Current revision: 06:35, 30 October 2006, by Admin

Revision as of 06:35, 30 October 2006

Overview

A threat is an undesired event: a potential occurrence, often best described as an effect that might damage or compromise an asset or objective. It may or may not be malicious in nature. Below are the relevant attacks, organized by category.

Auditing and Logging

  • User denies performing an operation
  • Attackers exploit an application without leaving a trace
  • Attackers cover their tracks

Authentication

  • Network eavesdropping
  • Brute force attacks
  • Dictionary attacks
  • Cookie replay attacks
  • Credential theft

Authorization

  • Elevation of privilege
  • Disclosure of confidential data
  • Data tampering
  • Luring attacks

Configuration Management

  • Unauthorized access to administration interfaces
  • Unauthorized access to configuration stores
  • Retrieval of plaintext configuration secrets
  • Lack of individual accountability
  • Over-privileged process and service accounts

Cryptography

  • Poor key generation or key management
  • Weak or custom encryption
  • Checksum spoofing
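Checksum spoofing, the last item above, means an attacker alters data in transit or at rest and simply recomputes the integrity value, because the value is an unkeyed function of the data. The following added example (written for this page, not code from Guidance Share) contrasts a CRC32 checksum with an HMAC; the shared key, the order message and the attacker's key guess are constructed for the demonstration.

```python
import hashlib
import hmac
import zlib

# Assumption for the example: a secret known only to the two legitimate endpoints.
SHARED_KEY = b"constructed-demo-key-replace-in-production"


def checksum_tag(msg: bytes) -> str:
    """Unkeyed integrity value (CRC32). Catches accidental corruption only."""
    return format(zlib.crc32(msg) & 0xFFFFFFFF, "08x")


def checksum_verify(msg: bytes, tag: str) -> bool:
    return hmac.compare_digest(checksum_tag(msg), tag)


def hmac_tag(key: bytes, msg: bytes) -> str:
    """Keyed MAC: a valid tag for a new message cannot be computed without the key."""
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


def hmac_verify(key: bytes, msg: bytes, tag: str) -> bool:
    # compare_digest runs in constant time, so tag comparison leaks no timing signal.
    return hmac.compare_digest(hmac_tag(key, msg), tag)


def spoof_checksum(tampered: bytes) -> str:
    """Attacker's move against an unkeyed checksum: recompute it over the new data."""
    return checksum_tag(tampered)


def spoof_hmac(tampered: bytes) -> str:
    """Attacker's best effort without the key: compute the MAC with a guessed key."""
    return hmac_tag(b"", tampered)


def checksum_spoofing_demo() -> dict:
    """Constructed exchange: a price field is altered by an attacker in transit."""
    original = b"order=1234&price=100.00"
    tampered = b"order=1234&price=0.01"
    results = {}
    # Unkeyed checksum: the receiver accepts the forged message.
    results["crc_accepts_forgery"] = checksum_verify(tampered, spoof_checksum(tampered))
    # Keyed MAC: the genuine tag verifies; a tag built without the key does not.
    genuine = hmac_tag(SHARED_KEY, original)
    results["hmac_accepts_genuine"] = hmac_verify(SHARED_KEY, original, genuine)
    results["hmac_accepts_forgery"] = hmac_verify(SHARED_KEY, tampered, spoof_hmac(tampered))
    # Reusing the genuine tag on the tampered message also fails.
    results["hmac_accepts_reused_tag"] = hmac_verify(SHARED_KEY, tampered, genuine)
    return results
```

The same weakness applies to an unkeyed cryptographic hash (SHA-256 of the data alone) and to the ad hoc construction hash(key + data), which is open to length-extension attacks on Merkle-Damgard hashes; use HMAC or an AEAD mode, and manage the key with the same care as any other secret.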

Exception Management

  • Attacker reveals implementation details
  • Denial of service

Sensitive Data

  • Access to sensitive data in storage
  • Network eavesdropping
  • Data tampering

Input/Data Validation

  • Buffer overflows
  • Cross-site scripting
  • SQL injection
  • Canonicalization
  • Query string manipulation
  • Form field manipulation
  • Cookie manipulation
  • HTTP header manipulation
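Two items in the list above, SQL injection and canonicalization, share a root cause: untrusted input is interpreted before it is validated. The following added example (written for this page, not code from Guidance Share) shows a login query built by string concatenation beside its parameterized form, and a path canonicalization routine that decodes percent-encoding, resolves ".." and checks the result against the served directory. The sample user rows, the web root and the input strings are constructed for the demonstration.

```python
import posixpath
import sqlite3
from urllib.parse import unquote

# Constructed sample rows; not data from the original page.
SAMPLE_USERS = [("alice", "s3cret"), ("bob", "hunter2")]
WEB_ROOT = "/srv/www/public"   # assumption: the only directory the app may serve


def make_db():
    """In-memory SQLite database holding the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def login_unsafe(conn, name, password):
    """Vulnerable: input is spliced into the SQL text, so a quote in the input
    changes the statement's structure (SQL injection)."""
    sql = ("SELECT name FROM users WHERE name = '" + name
           + "' AND password = '" + password + "'")
    return [row[0] for row in conn.execute(sql)]


def login_safe(conn, name, password):
    """Hardened: placeholders keep data separate from code; the driver binds the
    values and they can never alter the statement."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (name, password))]


def canonical_path(requested, root=WEB_ROOT):
    """Canonicalize a client-supplied path before any access decision.

    Decodes percent-encoding until it stops changing (double encoding is a
    classic evasion), rejects embedded NUL, resolves '.' and '..', and returns
    the absolute path only if it still lies under root; otherwise None.
    """
    decoded = requested
    for _ in range(3):
        once = unquote(decoded)
        if once == decoded:
            break
        decoded = once
    else:
        return None            # still changing after three rounds: treat as hostile
    if "\x00" in decoded:
        return None            # NUL truncation trick
    joined = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    root = root.rstrip("/")
    if joined != root and not joined.startswith(root + "/"):
        return None
    return joined


def injection_demo():
    """Constructed inputs showing the two query builders diverging."""
    conn = make_db()
    return {
        "unsafe_tautology": sorted(login_unsafe(conn, "x", "' OR '1'='1")),
        "unsafe_comment": login_unsafe(conn, "alice' --", "wrong"),
        "safe_tautology": login_safe(conn, "x", "' OR '1'='1"),
        "safe_genuine": login_safe(conn, "alice", "s3cret"),
    }
```

The canonicalization routine uses POSIX path rules on purpose; on Windows the same check must also treat backslashes as separators and account for short (8.3) names and trailing dots, which is why the safest pattern is to canonicalize with the platform's own resolver and then compare against the root, never to match the raw request string.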

Session Management

  • Session hijacking
  • Session replay
  • Man in the middle
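Session hijacking and session replay above, like cookie replay under Authentication, all turn on a session identifier that remains valid after an attacker has obtained it. The following added example (written for this page, not code from Guidance Share) is a server-side session store whose design choices each counter one of those threats: unguessable IDs, rotation at login, an idle timeout, and explicit invalidation. The idle timeout value, the cookie attributes and the sniffing walk-through are assumptions made for the demonstration.

```python
import secrets
import time

SESSION_TTL = 15 * 60   # assumption: 15-minute idle timeout


class SessionStore:
    """Server-side session table keyed by an unguessable session ID.

    - IDs come from secrets.token_urlsafe, so they cannot be predicted or
      brute-forced (hijacking by guessing);
    - rotate() issues a fresh ID when privilege changes (login), so an ID
      captured before login is dead afterwards (replay, fixation);
    - lookup() enforces an idle timeout, bounding the replay window;
    - invalidate() on logout deletes the record, so a stolen cookie stops
      working once the user logs out.
    The clock is injectable so the timeout can be exercised without sleeping.
    """

    def __init__(self, ttl=SESSION_TTL, clock=time.time):
        self._sessions = {}   # sid -> {"user": ..., "last_seen": ...}
        self._ttl = ttl
        self._clock = clock

    def create(self, user=None):
        sid = secrets.token_urlsafe(32)   # 256 bits of randomness
        self._sessions[sid] = {"user": user, "last_seen": self._clock()}
        return sid

    def lookup(self, sid):
        """Return a copy of the session record, or None if unknown or idle too long."""
        rec = self._sessions.get(sid)
        if rec is None:
            return None
        now = self._clock()
        if now - rec["last_seen"] > self._ttl:
            del self._sessions[sid]
            return None
        rec["last_seen"] = now
        return dict(rec)

    def rotate(self, sid, user=None):
        """Replace the ID (call at login); optionally bind the record to a user."""
        rec = self._sessions.pop(sid, None)
        if rec is None:
            return None
        if user is not None:
            rec["user"] = user
        rec["last_seen"] = self._clock()
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = rec
        return new_sid

    def invalidate(self, sid):
        self._sessions.pop(sid, None)


def cookie_header(sid):
    """Set-Cookie value for the session ID. HttpOnly keeps script from reading it
    (theft via cross-site scripting), Secure keeps it off plaintext HTTP (network
    eavesdropping), SameSite=Lax limits cross-site sending."""
    return "sid=" + sid + "; Path=/; HttpOnly; Secure; SameSite=Lax"


def replay_scenario():
    """Constructed walk-through: the attacker sniffs the pre-login cookie, then
    the user logs in and the server rotates the ID."""
    clock = [1_000_000.0]
    store = SessionStore(ttl=60, clock=lambda: clock[0])
    anon = store.create()                           # anonymous browsing session
    sniffed = anon                                  # attacker captures the cookie
    logged_in = store.rotate(anon, user="alice")    # login rotates the ID
    results = {
        "replayed_id_accepted": store.lookup(sniffed) is not None,
        "live_id_accepted": store.lookup(logged_in)["user"] == "alice",
    }
    clock[0] += 61                                  # user idles past the timeout
    results["live_id_expired"] = store.lookup(logged_in) is None
    return results
```

Rotation and timeouts shrink the replay window but do not stop an attacker who is actively in the path (the man-in-the-middle item above); that needs TLS end to end, so the cookie's Secure flag is a requirement, not a refinement.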