Chapter 2. How Hackers Attack
It is crucial that Windows security defenders understand how malicious hackers can attack and exploit their systems. Only when attacks are thoroughly understood can sufficient defenses be designed and implemented. Thus, this chapter focuses on the major methods of malicious exploitation.
Microsoft Windows is the most attacked PC desktop OS in the world, coming under attack from both dedicated hackers and automated malicious software. Regardless of whether the attack is occurring as a results of skilled human hands or pre-programmed malware, both methods use one of eight techniques to exploit a computer.
Eight Exploitation Techniques
The eight exploitation techniques are:
Logon credential guessing/cracking
OS or application vulnerability
OS or application misconfiguration
Denial of service attack
There are many different types of attacks, but these are the major ones. The next section of the chapter covers each of the techniques in more detail.
Logon Credential Guessing/Cracking
Logon credential password guessing and cracking are among a hacker's (or worm's) favorite attacks. Many sources call this technique "password cracking," but that name is an oversimplification of the subject. First, users don't always use passwords in their logon sequence. They can use passphrases, biometrics, smart cards, fingerprint scanning, digital certificate, or some other ...