Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз: Предмет: Файл:
Securing Cisco IOS Networks Study Guide - Carl Timm.pdf
9.74 Mб

Types of Network Security Threats


Types of Network Security Threats

Sadly, human nature does have a nasty side. And unfortunately, its lust for power, money, and revenge is sometimes aimed straight at your data. Though most of us aren’t twisted, depraved, and ethically challenged, it’s our fellow humans who can and often do present serious threats to our network data. You simply must realize that you need to protect it. And you can—but before you actually begin to secure your data, you must understand the different types of threats looming out there, just waiting for the opportunity to strike. There are four primary threats to network security that define the type of attacker you could be dealing with some day:

Unstructured threats Unstructured threats typically originate from curious people who have downloaded information from the Internet and want to feel the sense of power this provides them. Sure, some of these folks—commonly referred to as Script Kiddies—can be pretty nasty, but most of them are just doing it for the rush and for bragging rights. They’re untalented, inexperienced hackers, and they’re really just motivated by the thrill of seeing what they can do.

Structured threats Hackers who create structured threats are much more sophisticated than Script Kiddies. They are technically competent and calculating in their work, they usually understand network system design, and they are well versed in how to exploit routing and network vulnerabilities. They can and often do create hacking scripts that allow them to penetrate deep into a network’s systems at will. They tend to be repeat offenders. Both structured and unstructured threats typically come from the Internet.

External threats External threats typically come from people on the Internet or from someone who has found a hole in your network from the outside. These serious threats have become ubiquitous in the last six to seven years, during which time most companies began to show their presence on the Internet. External threats generally make their insidious way into your network via the Internet or via a dial-up server, where they try to gain access to your computer systems or network.

Internal threats Internal threats come from users on your network, typically employees. These are probably the scariest of all threats because they’re extremely tough to both catch and stop. And because these hackers are authorized to be on the network, they can do some serious damage in less time because they’re already in and they know their way around.

Plus, the profile of an internal threat is that of the disgruntled, angry, and vengeful former or current employee, or even a contractor who wants nothing more than to cause some real pain and suffering! Although most users know this type of activity is illegal, some users also know it’s fairly easy to cause a lot of damage—fast—and that they have a shake at getting away with it. That can be a huge, irresistible temptation to those with the right modus operandi or the wrong temperament!

Copyright ©2003 SYBEX Inc., 1151 Marina Village Parkway, Alameda, CA 94501.