IN THIS CHAPTER

Understanding the enemy

Profiling hackers and malicious users

Understanding why attackers do what they do

Examining how attackers go about their business

Before you start assessing the security of your systems, it’s good to know a few things about the people you’re up against. Many security product vendors and security professionals claim that you should protect all of your systems from the bad guys — both internal and external. But what does this mean? How do you know how these people think and execute their attacks?

Knowing what hackers and malicious users want helps you understand how they work. Understanding how they work helps you look at your information systems in a whole new way. In this chapter, I describe the challenges that you face from the people who actually do the misdeeds, as well as their motivations and methods. This understanding better prepares you for your security tests.

What You’re Up Against

Thanks to sensationalism in the media, public perception of hacker has transformed from a harmless tinkerer to ...