Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Attack vectors distilled for your perusal/discussion


  • Please log in to reply
No replies to this topic

#1 palerider2

palerider2

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:57 AM

Posted 01 August 2014 - 03:11 AM

I drew up a list of the general internet attack vectors that I was aware of. But then I thought the BC community might do a better job. So that's the reason for this thread.

The idea is to reduce the list to the smallest possible size, without losing any individual source of malware.

I've tried to avoid situations where your PC is running an old operating system or an old browser. To make a rule, let's assume you have Windows 7 or later and an up-to-date browser, which can be of any flavour.

This list doesn't cover privacy issues.

Your PC can get malware on it if ...

1. you connect your PC directly to the internet (no NAT router)
2. your NAT router allows remote administration or UPnP is turned on or the router simply has a software or hardware vulnerability
3. You browse to a web site that has malicious JavaScript (or ActiveX), iframes, flash or java and your browser allows it to run
4. you click on a malicious Ad
5. you open a malicious email and allow the active content to run
6. you open a file that was sent to you in an email using application X, which has a vulnerability
7. You download a malicious file and open it in application X, which has a vulnerability
8. You download a driver or an application that you need but it's malicious or it contains additional malware/PUP
9. You an have insecure update engine running on your PC and it only uses http

Can anyone add no. 10 ?

I would admit that 6 and 7 are similar but the actions required by the user are different. So, yes, maybe those two should be merged. They aren't really different vectors.

No. 9 was traditionally more likely to occur in an insecure WiFi location i.e. the evilgrade attack. But these days all of the internet is totally open and insecure (depending upon what you personally have access to), so the scope to use vector 9 has increased.

Edit: to restore paragraph marks

Edited by palerider2, 01 August 2014 - 03:12 AM.


BC AdBot (Login to Remove)

 


m



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users