Đang chuẩn bị liên kết để tải về tài liệu:
hack proofing your network second edition p2

Một cách chúng tôi làm điều đó bằng cách lắng nghe. Độc giả như mình đã nói với chúng tôi họ muốn một dịch vụ dựa trên Internet mà có thể mở rộng và nâng cao giá trị của các cuốn sách. Căn cứ vào đọc những phản hồi và | Classes of Attack Chapter 3 49 The code for C is as follows main for fork In both of these scenarios an attacker can degrade process performance with varying effects these effects may be as minimal as making a system perform slowly or they may be as extreme as monopolizing system resources and causing a system to crash. Disk Space Exhaustion Another type of local attack is one that fills disk space to capacity. Disk space is a finite resource. Previously disk space was an extremely expensive resource although the current industry has brought the price of disk storage down significantly. Though you can solve many of the storage complications with solutions such as disk arrays and software that monitors storage abuse disk space will continue to be a bottleneck to all systems. Software-based solutions such as per-user storage quotas are designed to alleviate this problem. This type of attack prevents the creation of new files and the growth of existing files. An added problem is that some UNIX systems will crash when the root partition reaches storage capacity. Although this isn t a design flaw on the part of UNIX itself a properly administered system should include a separate partition for the log facilities such as var and a separate partition for users such as the home directory on Linux systems or export home on Sun systems. Attackers can use this type of denial of service to crash systems such as when a disk layout hasn t been designed with user and log partitions on a separate slice. They can also use it to obscure activities of a user by generating a large amount of events that are logged to via syslog filling the partition on which logs are stored and making it impossible for syslog to log any further activity. Such an attack is trivial to launch. A local user can simply perform the following command cat dev zero maliciousfile This command will concatenate data from the dev zero device file which simply generates zeros into maliciousfile continuing until .