Please enable JavaScript.
Coggle requires JavaScript to display documents.
Network Threats (Brute Force (Guessing a password to gain access to a…
Network Threats
-
SQL Injection
-
Deliberate addition of malicious SQL code into a web form in order to view/modify/delete database records or gain unauthorised access.
Server should validate then information before the SQL request is formed
Add an escape character. This forces the input to be treated as characters only rather than commands
Write the database code in such a way that raw input does not allow direct access to the queries being run to access the database information
Malware
-
-
Virus, Trojan, Spyware, Adware, Pharmacing
-
Phising
-
Attacker will pretend to be someone in authority (bank manager, Windows technician etc)
convince users to given up sensitive information such as passwords, bank account details etc
-
Denial Of Service
-
-
Each machine sends a stream of bogus requests. The owner of these machines will not be aware of this
Poor policy
-
-
Without precautions and guidance/training, there is a risk users may introduce threats to a network without meaning to