For quite a long time, the choice of the best time to create an attack
network, pre-target-identification or post-target-identification, was an
unsolved puzzle for many security professionals. For the sake of neutrality,
let's say that the best time depends on the objective to achieve, the
attacker's mentality and the attacker's skills.
It is tempting to assume that a pre-target-identification attack network
that is fully functional at the zero attack hour has the same impact as a
fully functional post-target-identification attack network of the same size
and power, but in reality this is not completely true. A
pre-target-identification network has to sit idle for longer, so network
nodes become inactive, either because a sysadmin covers, fixes or patches
the attacker's entry point or because more restrictive security measures
are implemented.
The attack methodology used for the expansion of an attack network has
changed since the earliest *DoS attacks. What started as a simple
host-by-host attack, with each successive host appended to the network,
turned into a battle of "intelligent" scripts/worms capable of doing the job
by their own means, with almost no human intervention in the process and
with far more power than the individual host attack method.
Once the attack network is formed, let's look at the attacker as a
pyrotechnic technician with all his fireworks ready to launch and begin the
show... The countdown clock reaches zero... The attacker presses the trigger
(or some pre-scheduled event occurs)... The show begins... But what happens?
Protection layers
It is fairly obvious that the more protection layers exist between the
attacker and the victim, the more anonymous and protected the attacker's
identity will be, and the more difficulty the victim will have in unveiling
the attack source. A high number of layers will, as expected, create "lag"
between layers, which can lead, if badly designed, to the total or partial
failure of the attack. On the other hand, a small number of layers can lead
to easy detection of the attacker and therefore to serious harm for the
attacker. In sum, it is essential to strike a balance between both extremes
to obtain a successful attack and effective risk distribution.
100 Continue
101 Switching Protocols
200 OK
201 Created
202 Accepted
203 Non-Authoritative Information
204 No Content
205 Reset Content
206 Partial Content
300 Multiple Choices
301 Moved Permanently
302 Moved Temporarily
303 See Other
304 Not Modified
305 Use Proxy
400 Bad Request
401 Unauthorized
402 Payment Required
403 Forbidden
404 Not Found
405 Method Not Allowed
406 Not Acceptable
407 Proxy Authentication Req.
408 Request Time-Out
409 Conflict
410 Gone
411 Length Required
412 Precondition Failed
413 Request Entity Too Large
414 Request-URL Too Large
415 Unsupported Media Type
500 Server Error
501 Not Implemented
502 Bad Gateway
503 Out of Resources
504 Gateway Time-Out
505 HTTP Version not Supported
Note that the first digit of each status code reveals the type of response,
which falls into one of 5 categories:
• 1xx Informational
Request received, continuing process.
• 2xx Success
The action was successfully received, understood, and accepted.
• 3xx Redirection
The client must take additional action to complete the request.