| Name | Definition | Defense and Information |
|---|---|---|
| Buffer Overflow | An undetected buffer overflow modifies memory, placing new code to execute. CPU/compiler/OS dependent. | Write code which detects and prevents buffer overflow. |
| IP Smart Spoofing | ARP cache poisoning, network address translation and routing. | Since ARP is stateless, most trusting OSes update their cache when receiving an ARP reply (even if they did not send a request). |
| Pharming | Redirect DNS requests to an incorrect IP [1] | Update to the latest software (e.g. BIND Ver 9 or later). Do not trust external DNS; use your own, or explicitly go to high-level DNS servers, which have better software. There are only 13 root DNS servers (run by governmental, educational and commercial entities), which requires detailed arcane knowledge (see Adonis 1000 by BlueCat). [2] |
| Phishing | User responds to an email requesting certain actions. | Discrimination |
| Rebinding | A vulnerability in Web browsers and their plug-ins that can be exploited to circumvent firewalls or to temporarily hijack a client's IP address. | One workaround is to install the NoScript plug-in for Firefox. Unfortunately, this disables many Web features that users enjoy. |