    Security and Privacy of Electronic Banking

    6. Denial of Service Attacks 
    Denial of service attacks are used to overload a server and render it useless. The server is asked 
    repeatedly to perform tasks that consume a large amount of resources until it can no 
    longer function properly. The attacker installs virus or Trojan software on a large number of 
    user PCs and instructs them to perform the attack on a specific server. Denial of service attacks 
    can be used by competitors to interrupt the service of another E-Commerce retailer, or by 
    attackers who want to bring down a web server in order to disable some type of 
    security feature. Once the server is down, they may have access to other functions of a server, 
    such as the database or a user’s system. This gives the attacker the means to install software or 
    disable other security features. 
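
The pattern described above, many infected PCs repeatedly requesting resource-heavy work, shows up in request logs as server time per path per time window exceeding a budget, with many distinct clients behind it. The sketch below is an added example, not code from the paper; the log format, thresholds and sample traffic are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone

WINDOW_S = 10          # assumed bucket size in seconds
COST_BUDGET_MS = 5000  # assumed server-time budget per path per window
MIN_SOURCES = 20       # assumed: this many distinct clients suggests a distributed flood

def parse(line):
    """Parse 'ISO-timestamp client_ip path cost_ms' (hypothetical log format)."""
    ts, ip, path, cost = line.split()
    return datetime.fromisoformat(ts), ip, path, int(cost)

def find_floods(lines):
    """Flag (window, path) buckets whose total server time exceeds the budget."""
    buckets = defaultdict(lambda: {"cost": 0, "hits": 0, "ips": set()})
    for line in lines:
        ts, ip, path, cost = parse(line)
        start = int(ts.timestamp()) // WINDOW_S * WINDOW_S
        b = buckets[(start, path)]
        b["cost"] += cost
        b["hits"] += 1
        b["ips"].add(ip)
    findings = []
    for (start, path), b in sorted(buckets.items()):
        if b["cost"] > COST_BUDGET_MS:
            # Many sources: rate-limit the path; one source: throttle that client.
            kind = "distributed" if len(b["ips"]) >= MIN_SOURCES else "single-source"
            findings.append({"window_start": start, "path": path, "hits": b["hits"],
                             "sources": len(b["ips"]), "kind": kind})
    return findings

def _line(offset_s, ip, path, cost_ms):
    base = datetime(2023, 1, 1, 12, 0, 0, tzinfo=timezone.utc)  # constructed date
    return f"{(base + timedelta(seconds=offset_s)).isoformat()} {ip} {path} {cost_ms}"

# Constructed sample traffic (documentation IP ranges), not real logs:
SAMPLE = (
    # ordinary browsing: 5 clients, cheap page
    [_line(i, f"192.0.2.{i % 5 + 1}", "/index", 20) for i in range(30)]
    # 40 clients hammering an expensive search within one window
    + [_line(10 + i % 10, f"198.51.100.{i % 40 + 1}", "/search", 200) for i in range(200)]
    # one client running heavy reports
    + [_line(20 + i % 10, "203.0.113.7", "/report", 300) for i in range(30)]
)

if __name__ == "__main__":
    for finding in find_floods(SAMPLE):
        print(finding)
```

Summing cost rather than counting hits matters here because a handful of expensive requests can exhaust a server that would absorb thousands of cheap ones.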
    IJCSI International Journal of Computer Science Issues, Vol. 9, Issue 4, No 3, July 2012 
    ISSN (Online): 1694-0814 
    www.IJCSI.org
    441
    Copyright (c) 2012 International Journal of Computer Science Issues. All Rights Reserved.


    7. Server Bugs 
    Server bugs are often found and patched in a timely fashion that does not allow an attacker to 
    utilize the threat against an E-Commerce web site. However, system administrators are often 
    slow to implement the newest updates, thus allowing an attacker sufficient time to generate a 
    threat. With the millions of web servers in use around the world, thousands often go without 
    timely patches, leaving them vulnerable to an onslaught of server bugs and threats (Khusial, 
    McKegney, 2005). 
    8. Super User Exploits 
    Super user exploits allow attackers to gain control of a system as if they were an administrator. 
    They often use scripts to manipulate a database, or a buffer overflow attack that cripples a 
    system, much like a Denial of Service attack, for the purpose of gaining control of the system. 
    Users can create scripts that manipulate a browser into funneling information from sources such 
    as databases. 
    Despite the various attacks on e-commerce, there are various defenses, as Khusial and McKegney 
    (2005) noted; they are described below. 
    a) Education 
    Your system is only as secure as the people who use it. If a consumer chooses a weak password, 
    or does not keep their password confidential, then an attacker can pose as that user. This is 
    significant if the compromised password belongs to an administrator of the system. In this case, 
    there is likely physical security involved because the administrator client may not be exposed 
    outside the firewall. Users need to use good judgment when giving out information, and be 
    educated about possible phishing schemes and other social engineering attacks.
