Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact email@example.com.
By: Terrence OConnor (posted on February 14, 2012)
We live in an era where a single soldier can digitally leak thousands of classified documents (possibly changing the course of war), attackers can compromise unmanned drone control software and intercept unencrypted video feeds, and recreational hackers can steal and release personal information from members of cyber think-tanks.
An examination of how Code Red could defeat existing security mechanisms, what benefit the tool LaBrea could offer, the history and technology behind this application, the networking fundamentals that allow it to work, and a look at the failings of other defenses within existing security solutions.
The three aspects discussed in this paper: Education of the Security Adminis trator, Securing the Environment, and How to Fight Back are just one combined definition of how to protect a system against hacking.