Re: On classifying attacks

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: On classifying attacks
From: john mullee <jmullee@xxxxxxxxx>
Date: Sat, 1 Apr 2006 12:46:36 +0100 (BST)
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Reply-To:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=1fesmGgPSfWmxYhIhZkWPH73tUmBi6ePhDQuDRmY8Ke8X+RLmnoLNdl9XxJk58VpFOyjhiAKJ2ljCV1j3iXyC3w2FZ7cqNpy1OPMeRVqS0AHEdYlhFOMNZJYBrH2eLlmyPqsDe3UnMNyaS4UFdhOavxvAzy9BtrJl+o+C7rdYYU= ;
In-reply-to: <442C3B76.60805@xxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: jmullee@xxxxxxxxx

--- Gadi Evron <ge@xxxxxxxxxxxx> wrote:

> David M Chess wrote:
> > But many of us *love* to argue about taxonomies and word meanings (it's 
> > cheaper than booze anyway).  *8)
> 1. A user-assisted remote attack.
> 2. A client-side remote attack.
> 
> I.e., we can add "user assisted" as a class like "local" and "remote", 
> or add types (think ICMP here).

> Vulnerability Types [Optional]
> 1. Client-side
> 2. User-assisted

> Questions remain:
> - How does one treat an SQL injection?

I think essentially the problem of trojans, phishes and poisoned data is that 
of masquerading.

For trojans, the problem is e.g. lack of system-attention key; for Phish, lack 
of authentication
protocols etc; and for injection, the vulnerability is in the input data 
scrubbing.

Injection requires a bug in one place: the (web-)application code.

What follows is leveraged hijacking, with perhaps masquerading as an 
intermediate step.

.02

john

___________________________________________________________ 
NEW Yahoo! Cars - sell your car and browse thousands of new and used cars 
online! http://uk.cars.yahoo.com/

References:
- Re: On classifying attacks
  - From: Gadi Evron

Prev by Date: Re: On product vulnerability history and vulnerability complexity
Next by Date: Re: recursive DNS servers DDoS as a growing DDoS problem
Previous by thread: Re: On classifying attacks
Next by thread: Re: On classifying attacks
Index(es):
- Date
- Thread