3.2. Exploits

An exploit allows an attacker to take advantage of known weaknesses in operating systems or applications to gain access to a server. Exploits can be performed in many ways; however, it is becoming increasingly common for an exploit to be written into a software application that can be easily pointed at any server.

NOTE

Exploits as programs make it very easy for script kiddies to wreak havoc, but they also separate true attackers from the script kiddies. One developer, having set up a honeypot on a FreeBSD system, went into a well-known script kiddie chat room and told them about a “vulnerable” Microsoft Windows IIS server he had discovered. Seconds after his announcements the honeypot server began getting attacks designed to exploit ...

Get The Practice of Network Security: Deployment Strategies for Production Environments now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.