Unformatted text preview: eason that IP spoofing is so easily accomplished is that the protocol of the
Internet, IP, was developed during a time when security was rarely considered. Back
then, developers were much more focused on functionality, and probably could not
have imagined all the various types of attacks that would be carried out using the protocols they developed. ch10.indd 904 12/4/2009 11:39:13 AM All-in-1 / CISSP All-in-One Exam Guide, 5th Ed. / Harris / 160217-8 Chapter 10: Legal, Regulations, Compliance, and Investigations 905
NOTE Spoofing can be considered a masquerading attack. Masquerading is
the act of trying to pretend to be someone else. Dumpster Diving
I went through your garbage and found your Social Security number, credit card number, network schematics, mother’s maiden name, and evidence that you wear funny underwear.
Dumpster diving refers to the concept of rummaging through a company or individual’s
garbage for discarded documents, information, and other precious items that could
then be used in an attack against that company or person. The intruder would have to
gain physical access to the premises, but the area where the garbage is kept is usually
not highly guarded. Dumpster diving is unethical, but it’s not illegal. Trespassing is illegal, however, and may be done in the process of dumpster diving. (Laws concerning
this may vary in different states.)
Industrial spies can raid corporate dumpsters to find proprietary and confidential
information. Credit card thieves can go through dumpsters to retrieve credit card information from discarded receipts. Emanations Capturing
Do you think we should be worried about that white van in the parking lot with the huge antenna, large amount of power cords, and the pizzas continually being delivered to it?
Emanations, and the way attackers eavesdrop on them, are addressed in Chapter 4
in the “Tempest” section. Basically, every electrical device emits electrical waves into the
surrounding environment. These waves c...
View Full Document
This note was uploaded on 06/01/2013 for the course NET 125 taught by Professor Hurst during the Fall '12 term at Wake Tech.
- Fall '12