Types of Attacks
Insider attacks can manifest themselves in all the same forms as external attacks, as well as some additional variations. An insider is perfectly placed to cause a massive denial of service to other users. This can take the form of traditional network-based denial-of-service attacks such as SYN floods. These are extremely simple to detect, however, and router and network logs will quickly pinpoint the attacker.
An insider can also deny service by launching other attacks. Some operating system vulnerabilities can only be exploited by a user with a valid logon to the system; others might normally be blocked at the corporate firewall. For example, there is a vulnerability in Windows 2000 in which a user can send a malformed Remote ...
Get Incident Response: A Strategic Guide to Handling System and Network Security Breaches now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
