You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
164 <strong>Kaspersky</strong> Internet Security 7.0<br />
• Intrusion attacks, which aim to take over your computer. This is the most<br />
dangerous type of attack, since if it is successful, the hacker has<br />
complete control of your computer.<br />
Hackers use this attack to obtain confidential information from a remote<br />
computer (for example, credit card numbers or passwords), or to use its<br />
resources later for malicious purposes (e.g. using the captured system in<br />
zombie networks or as a platform for new attacks).<br />
This group contains more different types of attacks than any other. They<br />
can be divided into three subgroups based on operating system: Microsoft<br />
Windows attacks, Unix attacks, and a group for network services running<br />
either operating system.<br />
The most common types of attacks that use operating system network<br />
tools are:<br />
• Buffer overflow attacks – a type of software vulnerability that<br />
surfaces due to insufficient control in handling massive amounts of<br />
data. This is one of the oldest vulnerability types, and the easiest for<br />
hackers to exploit.<br />
• Format string attacks – a type of software vulnerability that arises<br />
from insufficient control of input values for I/O functions such as<br />
printf(), fprintf(), scanf(), and others from the C standard library. If a<br />
program has this vulnerability, a hacker, using queries created with<br />
a special technique, can gain complete control of the system.<br />
The Intrusion Detection System automatically analyzes and blocks<br />
attempts to exploit vulnerabilities in the most common network tools (FTP,<br />
POP3, IMAP) running on the user’s computer.<br />
Microsoft Windows attacks are based on taking advantage of<br />
vulnerabilities in software installed on the computer (for example,<br />
programs such as Microsoft SQL Server, Microsoft Internet Explorer,<br />
Messenger, and system components that can be accessed through the<br />
network – DCom, SMB, Wins, LSASS, IIS5).<br />
Firewall protects your computer from attacks that use the following known<br />
software vulnerabilities (this list of vulnerabilities is cited with the Microsoft<br />
Knowledge Base numbering system):<br />
(MS03-026) DCOM RPC Vulnerability(Lovesan worm)<br />
(MS03-043) Microsoft Messenger Service Buffer Overrun<br />
(MS03-051) Microsoft Frontpage 2000 Server Extensions Buffer Overflow<br />
(MS04-007) Microsoft Windows ASN.1 Vulnerability<br />
(MS04-031) Microsoft NetDDE Service Unauthenticated Remote Buffer<br />
Overflow<br />
(MS04-032) Microsoft Windows XP Metafile (.emf) Heap Overflow