Examples of general threats and a control
Bots are items of automated software running over the internet. A botnet is a group of computers controlled by a “bot herder.” Computer users can unwittingly add their computer to the group by visiting a rogue website. A botnet often comprises in excess of a million computers. (See “Zombie.”)
In this type of attack the attacker gets in between two parties who are communicating. See Figure A.2.
In a “relay attack” (think relay race) information is relayed from one place to another by the fraudster, without the victim being aware of it. An example of a relay attack is when a legitimate restaurant customer in the UK or Ireland is given a fake terminal by a waiter, who is a thief, and asked to give the details of their Chip and PIN card. The terminal communicates with the thief’s accomplice in a jewelry shop, who uses a fake card in the shop’s valid terminal. Not only have the thieves purchased jewelry, but the diner customer sees $10 displayed whereas $100 has been charged.
In replay attacks the attacker observes the format of data being transmitted and sends copies of data in the same format whenever the attacker wishes.
A rootkit is a set of software tools that a third party installs on a computer system for use after gaining access to the system. They conceal the running of processes and their associated files and data, which give access to a system without the user’s knowledge. A rootkit serves to conceal malicious software such as spyware.
A nonce is a number used to initiate a communications session; a different number is used for each session. For example, in the scenario shown in Figure A.3 Alice and Bob share a secret method of encrypting a nonce (x).
3.15.3.136