Strategic Security Intelligence
The All.Net Security Database
Generated Wed May 5 16:25:34 PDT 1999 by fc@all
Cause/Mechanism:
Threat Profiles
Attack Methods
Defense Methods
Process:
Prevention
Detection
Reaction
Impact:
Integrity
Availability
Confidential
Use Control
Other:
Risk Management
Database Description
Domain:
Physical
Informational
Systemic
Sophistication:
Theoretical
Demonstrated
Widespread
Perspectives:
Management
Policy
Standards
Procedures
Documentation
Audit
Testing
Technical Safeguards
Personnel
Incident Handling
Legal
Physical
Awareness
Training
Education
Organization
Brekne's Mechanistic:
Input
Output
Storage
Processing
Transmission
Brekne's Causal:
Accidental
Malicious
Brekne's Method:
Leakage
Masquerade
Denial
Corruption
Usage
Mental
Threat32:
Name:global coalitions
Global groups that work together toward common goals.
Complexity: Global coalitions - of corporations, groups, countries, cartels, and other bodies - combine their forces to increase their impact and make it harder to fight them off.
fc@all
Related Database Material
[Attack1 - errors and omissions]
[Attack2 - power failure]
[Attack3 - cable cuts]
[Attack4 - fire]
[Attack5 - flood]
[Attack10 - static]
[Attack11 - environmental control loss]
[Attack12 - relocation]
[Attack13 - system maintenance]
[Attack14 - testing]
[Attack15 - inadequate maintenance]
[Attack16 - Trojan horses]
[Attack17 - dumpster diving]
[Attack18 - fictitious people]
[Attack19 - protection missetting exploitation]
[Attack20 - resource availability manipulation]
[Attack21 - perception management a.k.a. human engineering]
[Attack22 - spoofing and masquerading]
[Attack23 - infrastructure interference]
[Attack24 - infrastructure observation]
[Attack25 - insertion in transit]
[Attack26 - observation in transit]
[Attack27 - modification in transit]
[Attack28 - sympathetic vibration]
[Attack29 - cascade failures]
[Attack30 - bribes and extortion]
[Attack31 - get a job]
[Attack32 - password guessing]
[Attack33 - invalid values on calls]
[Attack34 - undocumented or unknown function exploitation]
[Attack36 - excess privilege exploitation]
[Attack37 - environment corruption]
[Attack38 - device access exploitation]
[Attack39 - modeling mismatches]
[Attack40 - simultaneous access exploitations]
[Attack41 - implied trust exploitation]
[Attack42 - interrupt sequence mishandling]
[Attack43 - emergency procedure exploitation]
[Attack44 - desychronization and time-based attacks]
[Attack45 - imperfect daemon exploits]
[Attack46 - multiple error inducement]
[Attack47 - viruses]
[Attack48 - data diddling]
[Attack49 - van Eck bugging]
[Attack50 - electronic interference]
[Attack51 - PBX bugging]
[Attack52 - audio/video viewing]
[Attack53 - repair-replace-remove information]
[Attack54 - wire closet attacks]
[Attack55 - shoulder surfing]
[Attack56 - data aggregation]
[Attack57 - process bypassing]
[Attack58 - content-based attacks]
[Attack59 - backup theft, corruption, or destruction]
[Attack60 - restoration process corruption or misuse]
[Attack61 - hangup hooking]
[Attack62 - call forwarding fakery]
[Attack63 - input overflow]
[Attack64 - illegal value insertion]
[Attack65 - residual data gathering]
[Attack66 - privileged program misuse]
[Attack67 - error-induced mis-operation]
[Attack68 - audit suppression]
[Attack69 - induced stress failures]
[Attack70 - hardware failure - system flaw exploitation]
[Attack71 - false updates]
[Attack72 - network service and protocol attacks]
[Attack73 - distributed coordinated attacks]
[Attack74 - man-in-the-middle]
[Attack75 - selected plaintext]
[Attack76 - replay attacks]
[Attack77 - cryptanalysis]
[Attack78 - breaking key management systems]
[Attack79 - covert channels]
[Attack80 - error insertion and analysis]
[Attack81 - reflexive control]
[Attack82 - dependency analysis and exploitation]
[Attack83 - interprocess communication attacks]
[Attack84 - below-threshold attacks]
[Attack85 - peer relationship exploitation]
[Attack86 - inappropriate defaults]
[Attack87 - piggybacking]
[Attack88 - collaborative misuse]
[Attack89 - race conditions]
[Attack90 - strategic or tactical deceptions]
[Attack91 - combinations and sequences]
[Attack92 - kiting]
[Attack93 - salami attacks]
[Attack94 - repudiation]
[Attack1 - errors and omissions]
[Attack2 - power failure]
[Attack3 - cable cuts]
[Attack4 - fire]
[Attack5 - flood]
[Attack10 - static]
[Attack11 - environmental control loss]
[Attack12 - relocation]
[Attack13 - system maintenance]
[Attack14 - testing]
[Attack15 - inadequate maintenance]
[Attack16 - Trojan horses]
[Attack17 - dumpster diving]
[Attack18 - fictitious people]
[Attack19 - protection missetting exploitation]
[Attack20 - resource availability manipulation]
[Attack21 - perception management a.k.a. human engineering]
[Attack22 - spoofing and masquerading]
[Attack23 - infrastructure interference]
[Attack24 - infrastructure observation]
[Attack25 - insertion in transit]
[Attack26 - observation in transit]
[Attack27 - modification in transit]
[Attack28 - sympathetic vibration]
[Attack29 - cascade failures]
[Attack30 - bribes and extortion]
[Attack31 - get a job]
[Attack32 - password guessing]
[Attack33 - invalid values on calls]
[Attack34 - undocumented or unknown function exploitation]
[Attack36 - excess privilege exploitation]
[Attack37 - environment corruption]
[Attack38 - device access exploitation]
[Attack39 - modeling mismatches]
[Attack40 - simultaneous access exploitations]
[Attack41 - implied trust exploitation]
[Attack42 - interrupt sequence mishandling]
[Attack43 - emergency procedure exploitation]
[Attack44 - desychronization and time-based attacks]
[Attack45 - imperfect daemon exploits]
[Attack46 - multiple error inducement]
[Attack47 - viruses]
[Attack48 - data diddling]
[Attack49 - van Eck bugging]
[Attack50 - electronic interference]
[Attack51 - PBX bugging]
[Attack52 - audio/video viewing]
[Attack53 - repair-replace-remove information]
[Attack54 - wire closet attacks]
[Attack55 - shoulder surfing]
[Attack56 - data aggregation]
[Attack57 - process bypassing]
[Attack58 - content-based attacks]
[Attack59 - backup theft, corruption, or destruction]
[Attack60 - restoration process corruption or misuse]
[Attack61 - hangup hooking]
[Attack62 - call forwarding fakery]
[Attack63 - input overflow]
[Attack64 - illegal value insertion]
[Attack65 - residual data gathering]
[Attack66 - privileged program misuse]
[Attack67 - error-induced mis-operation]
[Attack68 - audit suppression]
[Attack69 - induced stress failures]
[Attack70 - hardware failure - system flaw exploitation]
[Attack71 - false updates]
[Attack72 - network service and protocol attacks]
[Attack73 - distributed coordinated attacks]
[Attack74 - man-in-the-middle]
[Attack75 - selected plaintext]
[Attack76 - replay attacks]
[Attack77 - cryptanalysis]
[Attack78 - breaking key management systems]
[Attack79 - covert channels]
[Attack80 - error insertion and analysis]
[Attack81 - reflexive control]
[Attack82 - dependency analysis and exploitation]
[Attack83 - interprocess communication attacks]
[Attack84 - below-threshold attacks]
[Attack85 - peer relationship exploitation]
[Attack86 - inappropriate defaults]
[Attack87 - piggybacking]
[Attack88 - collaborative misuse]
[Attack89 - race conditions]
[Attack90 - strategic or tactical deceptions]
[Attack91 - combinations and sequences]
[Attack92 - kiting]
[Attack93 - salami attacks]
[Attack94 - repudiation]