<<< Date Index >>>     <<< Thread Index >>>

Re: Multi stage attacks on networks?




On Thu, 29 Apr 2004, Sudhakar-bugtraq Govindavajhala wrote:

>       I am a Ph.D. student studying network security at Princeton
> University.  I am trying to see if attacker can use a series of
> vulnerabilities to take over a particular resource.  Has there been prior
> work on this topic earlier? Can someone give me a real example where the
> adversary actually uses  a series of vulnerabilities to break into a
> resource?
>
>       May be he uses the webserver in DMZ and then uses it to get access
> to fileserver and then uses it to compromise something else?

Almost any compromise is conducted in this manner. I can't think of any
single compromise that didn't start at one point and then turn into a romp
through more vulnerable resources. Dig around for horror stories of IP
capable printers configured with default gateways and default admin
passwords. Another example would be the use of worm style backdoor
infections used as launchpads for more nefarious hilarity.

Go, go, gadget google.

- billn