Focused On Your Success


The All.Net Security Database


Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Defense29:

    Name:auditing

    Complexity: Generating audit records is not difficult. Care must be taken to secure the audit records from illicit observation and disruption and to prevent audit trails from using excessive time or space.
    fc@red.a.net

    Related Database Material

    [PDRDetect - Relates to Detect]
    [PDRIntegrity - Relates to Integrity]
    [PDRConfidentiality - Relates to Confidentiality]
    [PDRWidespread - Relates to Widespread]
    [PLSSystemic - Relates to Systemic]
    [ManAlPolicy - Relates to Policy]
    [ManAlStandards - Relates to Standards]
    [ManAlProcedures - Relates to Procedures]
    [ManAlAudit - Relates to Audit]
    [ManAlTesting - Relates to Testing]
    [ManAlSafeguards - Relates to Safeguards]
    [ManAlIncident - Relates to Incident]
    [ManAlLegal - Relates to Legal]
    [Attack1 - errors and omissions]
    [Attack12 - relocation]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack15 - inadequate maintenance]
    [Attack16 - Trojan horses]
    [Attack32 - password guessing]
    [Attack38 - device access exploitation]
    [Attack52 - audio/video viewing]
    [Attack53 - repair-replace-remove information]
    [Attack57 - process bypassing]
    [Attack62 - call forwarding fakery]
    [Attack71 - false updates]
    [Attack76 - replay attacks]
    [Attack90 - strategic or tactical deceptions]
    [Attack92 - kiting]
    [Attack93 - salami attacks]
    [Attack94 - repudiation]