Protecting against Local Attacks

We are becoming pretty much used to reading about new remote code execution exploits associated with various programs and operating systems. It is normally the goal of any hacker to obtain a means of executing their own code on the victim computer. This is a rather obvious goal really for why else would you attack a computer if not for the end state of being able to control it in some way. This also does affect exploits which will result in a denial of service condition. Though a denial of service is generally regarded by most as less critical then having an exploit, which results in remote code execution.

What do remote code execution and a denial of service attack have in common though? Well normally they are linked with someone attacking you remotely i.e. they are not in the same physical space as you. This is not the only means of attacking a computer though. There is also the ever present threat of the trusted employee. I won’t bother regurgitating the statistics, but it seems many groups and federal agencies believe that half of all computer breaches result from the acts of a trusted insider. That is indeed a high number and is probably open to debate. One thing that can be taken for granted though is that there are attacks mounted by those with physical access to a computer network. Local Attacks

Linked by shanmuga Wednesday, 21st June 2006 1:13AM