A network vulnerability is an inherent weakness in the design, implementation, or use of a hardware component or a software routine. A vulnerability invites attacks and makes the network susceptible to threats.
A threat is anything that can disrupt the operation of the network. A threat can even be accidental or an act of nature, but threats are mostly intentional. A threat can damage the network, slow it down, or make it unavailable. Any type of rogue software represents a threat. An attack is a specific approach employed to exploit a known vulnerability. A passive attack is designed to monitor and record network activity in an attempt to collect information to be used later in an active attack. Examples of passive attacks are packet sniffing (page 226) and traffic analysis. Passive attacks are difficult to detect.
KeywordsData Packet Network Security Internet Service Provider Email Message Portable Document Format
Unable to display preview. Download preview PDF.
- apsa (2009) is http://www.adobe.com/support/security/advisories apsa09-01.html.
- dslreports (2004) is http://www.dslreports.com/scan.
- IANA port (2004) is iana.org/assignments/port-numbers.Google Scholar
- Information Week (2004) is informationweek.com/story/showArticle.jhtml?articleID=52601698.Google Scholar
- insecure (2004) is http://nmap.org/.
- Knowspam (2004) is http://www.Knowspam.net/.
- Mailblocks (2004) is http://www.mailwasher.net/.
- MailFrontier (2004) is http://www.exclaimer.com.
- Network solutions (2004) is http://www.networksolutions.com/en_US/whois/index.jhtml.
- ping (2004) is http://ftp.arl.mil/˜mike/ping.html.
- RFC-862 (2004) is at www.faqs.org/rfcs/rfc862.html.
- RSAsecurity (2004) is http://www.rsa.com/.
- send-safe (2005) is http://www.send-safe.com.
- spam (2004) is http://www.spam.com/about/history/default.aspx.
- spam abuse (2004) is http://spam.abuse.net/others/sites.shtml.
- SpamArrest (2004) is http://www.SpamArrest.com.
- spamcop (2005) is http://www.spamcop.com/.
- Spamhaus (2005) is http://www.spamhaus.org/.
- spamhauslasso (2005) is http://readerszone.com/security/top-10-spam-friendly-isps.html.
- takedown (2004) is http://www.takedown.com/.
- Vupen (2009) is http://www.vupen.com/english/advisories/2009/2891.