Red Hat ENTERPRISE LINUX 4 - SECURITY GUIDE Manual page 117

Exploit Description
administrative privileges on the rest of
the network.
Denial of Service Attacker or group of attackers
(DoS) Attacks coordinate against an organization's
network or server resources by
sending unauthorized packets to the
target host (either server, router, or
workstation). This forces the resource
to become unavailable to legitimate
users.
Table B.1. Common Exploits
Notes
install unauthorized software or open
unsolicited email attachments.
Safeguards can be implemented
such that email client software
does not automatically open or
execute attachments. Additionally,
the automatic update of workstation
software via Red Hat Network or other
system management services can
alleviate the burdens of multi-seat
security deployments.
The most reported DoS case in the
US occurred in 2000. Several highly-
trafficked commercial and government
sites were rendered unavailable by
a coordinated ping flood attack using
several compromised systems with
high bandwidth connections acting
as zombies, or redirected broadcast
nodes.
Source packets are usually forged
(as well as rebroadcasted), making
investigation as to the true source of
the attack difficult.
Advances in ingress filtering (IETF
rfc2267) using iptables and
Network IDSes such as snort assist
administrators in tracking down and
preventing distributed DoS attacks.
105