You ain't seen these, right..?.
By Pia Heikkila
Published: 21 November 2001 17:30 GMT
Company networks could soon be subjected to a host of as-yet unheard of high-tech attacks, according to David Wray, the MD of Sec-Tec, an independent security consultancy.
Security expert Wray said although most companies are aware of viruses, worms, Trojans and Denial of Service (DOS) attacks, many IT departments have never heard of such threats as input validation attacks, SQL injection or reverse channel Trojans.
Wray said: "These methods of attack have not been widely reported, but there is evidence they can easily take place. Most of the attacks exploit the vulnerabilities caused by developers' oversights, as it is impossible to build software where every single possibility is taken into consideration."
Input validation attacks - common to C-based languages such as C# - allow hackers to trick the remote system running any programme and take control of the server.
SQL injections attack middleware and cause the SQL server to create a fake name and an address filed in the middleware database where, for example, credit card details could be stored. The attacker can then send a command requesting all the information in that database.
The reverse channel Trojans are far more vicious than regular Trojans, which can be stopped by firewalls. Once the reverse channel Trojan has got inside a system via an attachment or a download, the Trojan initiates an outbound connection. This connection can be made to look like a normal FTP/web connection, normally permitted by firewalls, allowing the attacker to take control of the system remotely.
These next-generation threats attack on multiple levels of the network infrastructure. CompanyMcAfee creates best-of-breed computer security ...
We require a PC Software Development Engineer Qualifications: Degree qualified in Software Engineering Experience: C++ programming language and ...
The role involves the secure management and administration of all data network technologies, in particular that of the Cisco Switches and Firewalls, ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy