Focused On Your Success


The All.Net Security Database

Generated Fri Jun 27 09:58:52 PDT 2003 by fc@red.a.net

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
    		•  Other:
  • Risk Management
  • Database Description
    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
    		• Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
    • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
    		• Brekne's Causal:
  • Accidental
  • Malicious
    		• Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

    • Defense65:

    Name:increased or enhanced perimeters

    Complexity: There may be substantial cost involved in increasing or enhancing perimeters and it may be hard to definitively determine when the perimeter is strong enough or wide enough.
    fc@red.a.net

    Related Database Material

    [PDRPrevent - Relates to Prevent]
    [PDRReact - Relates to React]
    [PDRIntegrity - Relates to Integrity]
    [PDRAvailability - Relates to Availability]
    [PDRConfidentiality - Relates to Confidentiality]
    [PDRUse - Relates to Use]
    [PDRWidespread - Relates to Widespread]
    [PLSPhysical - Relates to Physical]
    [ManAlSafeguards - Relates to Safeguards]
    [ManAlIncident - Relates to Incident]
    [ManAlPhysical - Relates to Physical]
    [Attack3 - cable cuts]
    [Attack5 - flood]
    [Attack10 - static]
    [Attack17 - dumpster diving]
    [Attack19 - protection missetting exploitation]
    [Attack22 - spoofing and masquerading]
    [Attack23 - infrastructure interference]
    [Attack24 - infrastructure observation]
    [Attack25 - insertion in transit]
    [Attack26 - observation in transit]
    [Attack27 - modification in transit]
    [Attack35 - inadequate notice exploitation]
    [Attack37 - environment corruption]
    [Attack43 - emergency procedure exploitation]
    [Attack49 - van Eck bugging]
    [Attack50 - electronic interference]
    [Attack54 - wire closet attacks]
    [Attack55 - shoulder surfing]
    [Attack59 - backup theft, corruption, or destruction]
    [Attack63 - input overflow]
    [Attack66 - privileged program misuse]
    [Attack68 - audit suppression]
    [Attack69 - induced stress failures]
    [Attack72 - network service and protocol attacks]
    [Attack73 - distributed coordinated attacks]
    [Attack78 - breaking key management systems]
    [Attack79 - covert channels]
    [Attack80 - error insertion and analysis]
    [Attack81 - reflexive control]
    [Attack82 - dependency analysis and exploitation]
    [Attack85 - peer relationship exploitation]
    [Attack86 - inappropriate defaults]
    [Attack91 - combinations and sequences]