3.2. Exploits

An exploit allows an attacker to take advantage of known weaknesses in operating systems or applications to gain access to a server. Exploits can be performed in many ways; however, it is becoming increasingly common for an exploit to be written into a software application that can be easily pointed at any server.

NOTE

Exploits as programs make it very easy for script kiddies to wreak havoc, but they also separate true attackers from the script kiddies. One developer, having set up a honeypot on a FreeBSD system, went into a well-known script kiddie chat room and told them about a “vulnerable” Microsoft Windows IIS server he had discovered. Seconds after his announcements the honeypot server began getting attacks designed to exploit ...

Get The Practice of Network Security: Deployment Strategies for Production Environments now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.