Introduction

Consider for a moment that even highly publicized online attacks might be simple to carry out. The steps involved in launching an attack on a system or network can range from highly complex to frighteningly simple. The simple end of that range applies when a system is left unsecured and running well-known buggy software.

The modus operandi of a less experienced attacker may simply be the automation of seemingly endless port scans, opening a connection and promptly closing it, or tirelessly searching for a banner that reveals the version number of the service listening behind the port. If any versions match those listed in their vulnerability database, then a fresh target is identified by the attacker. Up to this point in an attack, as it is an almost fully automated approach, you might even say that it's nothing more than computers attacking computers.

Conversely, sophisticated attackers use a wide variety of approaches to disrupt or gain access to a system or network. They are not only experienced and intelligent, but also innovative, patient, and cunning. They employ social engineering, build customized hardware, and practice sleight of hand. During an attack, they adapt their methodology as the defender reveals their cards, and the attack evolves, sometimes rapidly. Much of the attack's impact comes from being well prepared; the sheer number of attack vectors that might be tested during initial reconnaissance is high.

Securing online services is a little like pushing water uphill, ...
