Focused On Your Success
The All.Net Security Database
Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net
Cause/Mechanism:
Threat Profiles
Attack Methods
Defense Methods
Process:
Prevention
Detection
Reaction
Impact:
Integrity
Availability
Confidential
Use Control
Other:
Risk Management
Database Description
Domain:
Physical
Informational
Systemic
Sophistication:
Theoretical
Demonstrated
Widespread
Perspectives:
Management
Policy
Standards
Procedures
Documentation
Audit
Testing
Technical Safeguards
Personnel
Incident Handling
Legal
Physical
Awareness
Training
Education
Organization
Brekne's Mechanistic:
Input
Output
Storage
Processing
Transmission
Brekne's Causal:
Accidental
Malicious
Brekne's Method:
Leakage
Masquerade
Denial
Corruption
Usage
Mental
Defense20:
Name:temporary blindness
Temporarily ignore certain sets of signals based on the belief that they are unreliable. Examples include:
temporarily ignoring network nodes that appear to be misbehaving,
temporarily disabling accounts for increasing time periods for each failed password attempt, and
partitioning a network as an emergency procedure in response to an incident.
Complexity: No detailed analysis of this technique has been performed to date.
fc@red.a.net
Related Database Material
[PDRReact - Relates to React]
[PDRIntegrity - Relates to Integrity]
[PDRAvailability - Relates to Availability]
[PDRConfidentiality - Relates to Confidentiality]
[PDRUse - Relates to Use]
[PDRTheoretical - Relates to Theoretical]
[PLSLogical - Relates to Logical]
[ManAlProcedures - Relates to Procedures]
[ManAlSafeguards - Relates to Safeguards]
[ManAlIncident - Relates to Incident]
[Attack13 - system maintenance]
[Attack14 - testing]
[Attack16 - Trojan horses]
[Attack19 - protection missetting exploitation]
[Attack20 - resource availability manipulation]
[Attack23 - infrastructure interference]
[Attack27 - modification in transit]
[Attack29 - cascade failures]
[Attack38 - device access exploitation]
[Attack43 - emergency procedure exploitation]
[Attack44 - desychronization and time-based attacks]
[Attack45 - imperfect daemon exploits]
[Attack46 - multiple error inducement]
[Attack47 - viruses]
[Attack50 - electronic interference]
[Attack56 - data aggregation]
[Attack58 - content-based attacks]
[Attack61 - hangup hooking]
[Attack63 - input overflow]
[Attack69 - induced stress failures]
[Attack72 - network service and protocol attacks]
[Attack73 - distributed coordinated attacks]
[Attack79 - covert channels]
[Attack81 - reflexive control]
[Attack82 - dependency analysis and exploitation]
[Attack83 - interprocess communication attacks]
[Attack84 - below-threshold attacks]
[Attack85 - peer relationship exploitation]
[Attack90 - strategic or tactical deceptions]
[Attack91 - combinations and sequences]