Saturday, December 19, 2009

Hacking Phase 3 - Gaining Access - The hacker exploits the system

Phase 3 - Gaining Access

*

Gaining Access refers to the true attack phase. The hacker exploits the system.
*

The exploit can occur over a LAN, locally, Internet, offline, as a deception or theft. Examples include stack-based buffer overflows, denial of service, session hijacking, password filtering etc.
*

Influencing factors include architecture and configuration of target system, skill level of the perpetrator and initial level of access obtained.
*

Business Risk - 'Highest' - The hacker can gain access at operating system level, application level or network level.

0 comments:

Post a Comment