
domain name of server; a particularly easy feat for an attacker if an
obvious string (e.g., the company’s name) is used. Once the domain
name is known, an attacker can use a remote procedure call (RPC) query
to access the mappings of each host’s critical information, including the
contents of the passwd file. Other attacks, such as phishing, pharming,
spamming, the use of botnets, and directory harvest attacks can increase
the server load, resulting in a DoS.
Additional information about current network threats and critical
Internet security vulnerabilities can be located at the SANS (SysAdmin,
Audit, Network, Security) Institute site: http://www.sans.org/top20/. ...