Internet infrastructure attacks
These rare but serious attacks involve key components of the Internet infrastructure rather than specific systems on the Internet. Examples are network name servers, network access providers, and large archive sites on which many users depend. Widespread automated attacks can also threaten the infrastructure. Infrastructure attacks affect a large portion of the Internet and can seriously hinder the day-to-day operation of many sites.
Assignments
1. Translate the sentences from the texts into Russian in writing, paying attention to the underlined words and phrases:
1. The fact that the violation might occur means that those actions that could cause it to occur must be guarded against (or prepared for).
2. Threats can be divided into four broad classes: disclosure, or unauthorized access to information; deception, or acceptance of false data; disruption, or interruption or prevention of correct operation; and usurpation, or unauthorized control of some part of a system.
3. Active wiretapping is a form of modification in which data moving across a network is altered; the term "active" distinguishes it from snooping ("passive" wiretapping).
4. Masquerading or spoofing is often used to usurp control of a system by an attacker impersonating an authorized manager or controller.
5. Attackers may "flood" a network with large volumes of data or deliberately consume a scarce or limited resource, such as process control blocks or pending network connections.
6. Scans can sometimes be the result of a misconfiguration or other error, but they are often a prelude to a more directed attack on systems that the intruder has found to be vulnerable.
7. An account compromise is the unauthorized use of a computer account by someone other than the account owner, without involving system-level or root-level privileges (privileges a system administrator or network manager has).
8. A packet sniffer is a program that captures data from information packets as they travel over the network. That data may include user names, passwords, and proprietary information that travels over the network in clear text.
2. Answer the following questions:
1. What is the principal difference between threats and attacks?
2. What are the four classes that encompass common threats?
3. What is the difference between passive and active wiretapping?
4. How do various types of denial-of-service attacks work?
5. Can breaches of system security be unintentional?
6. What are the consequences of malicious code execution?
3. Translate into English:
Attacks can be prepared and carried out using either software developed specifically for that purpose or legitimate programs intended for "peaceful" use. Thus, the last example shows how the legitimate ping program, which was created as a network diagnostic tool, can be used to prepare an attack. When carrying out an attack, it is important for the attacker not only to achieve the goal of causing damage to the target, but also to destroy all traces of their involvement. One of the main techniques attackers use to "cover their tracks" is altering the contents of packets (spoofing). In particular, to conceal the location of the source of malicious packets (for example, in a denial-of-service attack), the attacker changes the value of the source address field in the packet headers. Since the source address is generated automatically by system software, the attacker modifies the relevant software modules so that they allow packets with arbitrary IP addresses to be sent from the attacker's computer.