Threats

From Guidance Share

Revision as of 06:35, 30 October 2006; Admin (Talk | contribs)
(diff) ←Older revision | Current revision | Newer revision→ (diff)
Jump to: navigation, search

Contents

Overview

A threat is an undesired event. A potential occurrence, often best described as an effect that might damage or compromise an asset or objective. It may or may not be malicious in nature. Below are relevant attacks organized by categories.

Audting and Logging

  • User denies performing an operation
  • Attackers exploit an application without leaving a trace
  • Attackers cover their tracks

Authentication

  • Network eavesdropping
  • Brute force attacks
  • Dictionary attacks
  • Cookie replay attacks
  • Credential theft

Authorization

  • Elevation of privilege
  • Disclosure of confidential data
  • Data tampering
  • Luring attacks


Configuration Management

  • Unauthorized access to administration interfaces
  • Unauthorized access to configuration stores
  • Retrieval of plaintext configuration secrets
  • Lack of individual accountability
  • Over-privileged process and service accounts

Cryptography

  • Poor key generation or key management
  • Weak or custom encryption
  • Checksum spoofing

Exception Management

  • Attacker reveals implementation details
  • Denial of service
  • Sensitive Data
  • Access to sensitive data in storage
  • Network eavesdropping
  • Data tampering

Input/Data Validation

  • Buffer overflows
  • Cross-site scripting
  • SQL injection
  • Canonicalization
  • Query string manipulation
  • Form field manipulation
  • Cookie manipulation
  • HTTP header manipulation

Session Management

  • Session hijacking
  • Session replay
  • Man in the middle
Personal tools