How malicious hackers attack

When developing software or defending a network, it's helpful to understand how malicious hackers hack. A dedicated attacker will fingerprint the intended host, starting first with available IP addresses and then perform TCP and sometimes UDP scans looking for active and listening TCP/IP ports. Each found port is then further fingerprinted to determine the listening application. For example, if port 80 is found, is it running Apache or IIS?

...Buffer overflows are responsible for many of the most popular, widespread attacks -- Blaster, Slammer, Ramen worm, and so on. A malicious hacker can code their own buffer overflow or choose from thousands of pre-coded buffer overflows found on the Internet. Milw0rm is one of the favorite buffer overflow download sites. Other Web sites come and go, but milw0rm lives on. How malicious hackers attack | InfoWorld | Column | 2006-08-25 | By Roger A. Grimes

Linked by shanmuga Saturday, 26th August 2006 3:41AM