Strategic Security Intelligence


The All.Net Security Database


Generated Wed May 5 16:25:34 PDT 1999 by fc@all

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • Threat35:

    Name:information warriors

    Complexity: Information warriors may use any or all of the known techniques as well as techniques developed especially for their use and kept secret in order to attain miltary advantage. They tend not to kill people unnecessarily.
    fc@all

    Related Database Material

    [Attack1 - errors and omissions]
    [Attack2 - power failure]
    [Attack3 - cable cuts]
    [Attack4 - fire]
    [Attack5 - flood]
    [Attack10 - static]
    [Attack11 - environmental control loss]
    [Attack12 - relocation]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack15 - inadequate maintenance]
    [Attack16 - Trojan horses]
    [Attack17 - dumpster diving]
    [Attack18 - fictitious people]
    [Attack19 - protection missetting exploitation]
    [Attack20 - resource availability manipulation]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack22 - spoofing and masquerading]
    [Attack23 - infrastructure interference]
    [Attack24 - infrastructure observation]
    [Attack25 - insertion in transit]
    [Attack26 - observation in transit]
    [Attack27 - modification in transit]
    [Attack28 - sympathetic vibration]
    [Attack29 - cascade failures]
    [Attack30 - bribes and extortion]
    [Attack31 - get a job]
    [Attack32 - password guessing]
    [Attack33 - invalid values on calls]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack35 - inadequate notice exploitation]
    [Attack36 - excess privilege exploitation]
    [Attack37 - environment corruption]
    [Attack38 - device access exploitation]
    [Attack39 - modeling mismatches]
    [Attack40 - simultaneous access exploitations]
    [Attack41 - implied trust exploitation]
    [Attack42 - interrupt sequence mishandling]
    [Attack43 - emergency procedure exploitation]
    [Attack44 - desychronization and time-based attacks]
    [Attack45 - imperfect daemon exploits]
    [Attack46 - multiple error inducement]
    [Attack47 - viruses]
    [Attack48 - data diddling]
    [Attack49 - van Eck bugging]
    [Attack50 - electronic interference]
    [Attack51 - PBX bugging]
    [Attack52 - audio/video viewing]
    [Attack53 - repair-replace-remove information]
    [Attack54 - wire closet attacks]
    [Attack55 - shoulder surfing]
    [Attack56 - data aggregation]
    [Attack57 - process bypassing]
    [Attack58 - content-based attacks]
    [Attack59 - backup theft, corruption, or destruction]
    [Attack60 - restoration process corruption or misuse]
    [Attack61 - hangup hooking]
    [Attack62 - call forwarding fakery]
    [Attack63 - input overflow]
    [Attack64 - illegal value insertion]
    [Attack65 - residual data gathering]
    [Attack66 - privileged program misuse]
    [Attack67 - error-induced mis-operation]
    [Attack68 - audit suppression]
    [Attack69 - induced stress failures]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack71 - false updates]
    [Attack72 - network service and protocol attacks]
    [Attack73 - distributed coordinated attacks]
    [Attack74 - man-in-the-middle]
    [Attack75 - selected plaintext]
    [Attack76 - replay attacks]
    [Attack77 - cryptanalysis]
    [Attack78 - breaking key management systems]
    [Attack79 - covert channels]
    [Attack80 - error insertion and analysis]
    [Attack81 - reflexive control]
    [Attack82 - dependency analysis and exploitation]
    [Attack83 - interprocess communication attacks]
    [Attack84 - below-threshold attacks]
    [Attack85 - peer relationship exploitation]
    [Attack86 - inappropriate defaults]
    [Attack87 - piggybacking]
    [Attack88 - collaborative misuse]
    [Attack89 - race conditions]
    [Attack90 - strategic or tactical deceptions]
    [Attack91 - combinations and sequences]
    [Attack92 - kiting]
    [Attack93 - salami attacks]
    [Attack94 - repudiation]
    [Attack1 - errors and omissions]
    [Attack2 - power failure]
    [Attack3 - cable cuts]
    [Attack4 - fire]
    [Attack5 - flood]
    [Attack10 - static]
    [Attack11 - environmental control loss]
    [Attack12 - relocation]
    [Attack13 - system maintenance]
    [Attack14 - testing]
    [Attack15 - inadequate maintenance]
    [Attack16 - Trojan horses]
    [Attack17 - dumpster diving]
    [Attack18 - fictitious people]
    [Attack19 - protection missetting exploitation]
    [Attack20 - resource availability manipulation]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack22 - spoofing and masquerading]
    [Attack23 - infrastructure interference]
    [Attack24 - infrastructure observation]
    [Attack25 - insertion in transit]
    [Attack26 - observation in transit]
    [Attack27 - modification in transit]
    [Attack28 - sympathetic vibration]
    [Attack29 - cascade failures]
    [Attack30 - bribes and extortion]
    [Attack31 - get a job]
    [Attack32 - password guessing]
    [Attack33 - invalid values on calls]
    [Attack34 - undocumented or unknown function exploitation]
    [Attack35 - inadequate notice exploitation]
    [Attack36 - excess privilege exploitation]
    [Attack37 - environment corruption]
    [Attack38 - device access exploitation]
    [Attack39 - modeling mismatches]
    [Attack40 - simultaneous access exploitations]
    [Attack41 - implied trust exploitation]
    [Attack42 - interrupt sequence mishandling]
    [Attack43 - emergency procedure exploitation]
    [Attack44 - desychronization and time-based attacks]
    [Attack45 - imperfect daemon exploits]
    [Attack46 - multiple error inducement]
    [Attack47 - viruses]
    [Attack48 - data diddling]
    [Attack49 - van Eck bugging]
    [Attack50 - electronic interference]
    [Attack51 - PBX bugging]
    [Attack52 - audio/video viewing]
    [Attack53 - repair-replace-remove information]
    [Attack54 - wire closet attacks]
    [Attack55 - shoulder surfing]
    [Attack56 - data aggregation]
    [Attack57 - process bypassing]
    [Attack58 - content-based attacks]
    [Attack59 - backup theft, corruption, or destruction]
    [Attack60 - restoration process corruption or misuse]
    [Attack61 - hangup hooking]
    [Attack62 - call forwarding fakery]
    [Attack63 - input overflow]
    [Attack64 - illegal value insertion]
    [Attack65 - residual data gathering]
    [Attack66 - privileged program misuse]
    [Attack67 - error-induced mis-operation]
    [Attack68 - audit suppression]
    [Attack69 - induced stress failures]
    [Attack70 - hardware failure - system flaw exploitation]
    [Attack71 - false updates]
    [Attack72 - network service and protocol attacks]
    [Attack73 - distributed coordinated attacks]
    [Attack74 - man-in-the-middle]
    [Attack75 - selected plaintext]
    [Attack76 - replay attacks]
    [Attack77 - cryptanalysis]
    [Attack78 - breaking key management systems]
    [Attack79 - covert channels]
    [Attack80 - error insertion and analysis]
    [Attack81 - reflexive control]
    [Attack82 - dependency analysis and exploitation]
    [Attack83 - interprocess communication attacks]
    [Attack84 - below-threshold attacks]
    [Attack85 - peer relationship exploitation]
    [Attack86 - inappropriate defaults]
    [Attack87 - piggybacking]
    [Attack88 - collaborative misuse]
    [Attack89 - race conditions]
    [Attack90 - strategic or tactical deceptions]
    [Attack91 - combinations and sequences]
    [Attack92 - kiting]
    [Attack93 - salami attacks]
    [Attack94 - repudiation]