Lecture 21 - Message Confidentiality Threats Public nature...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
Message Confidentiality Threats Public nature of networks easy for attacker to gain access to network Eavesdropping/wiretapping Other Threats: 1. Mis-delivery of messages - messages misdelivered or not delivered at all 2. Exposure - Messages expand in temporary buffers at routers. Attacker can also attempt to interrupt source or distribution 3. Traffic Flow Analysis - Existence of a message can be sensitive information Used to protect both content and header Message Integrity Threats: 1. Falsification of messages 2. Noise Web Site Defacement Between December 1999 and June 2001, Microsoft issued 17 patches for its web server software. Attacks: 1. Buffer overflow attack a. Most well known attack: iishack - Provide site to be attacked and URL of program to be executed on the web server. 2. Dot-Dot Address Problem - URL ( http://www. ..../. ./. ./. ./winnt/system32/autoexec.nt ) used to attack other applications from web applications on a web server.
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

Page1 / 2

Lecture 21 - Message Confidentiality Threats Public nature...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online