At the writing of this edition, Mac OS X users can protect
themselves by disabling the ???Open safe files after downloading??? option in Safari.
With the increased proliferation of fuzzing tools and the combination of financial
motivations behind many of the more recent network attacks, it is unlikely that we can
expect any end to this trend of attacks in the near future. Attackers have come to understand
that if they discover a flaw that was previously unknown, it is very unlikely that
their targets will have any kind of protection against it until the vendor gets around to
providing a fix. This could take days, weeks, or months. Through the use of fuzzing tools,
the process for discovering these flaws has become largely automated. Another aspect of
using these tools is that if the flaw is discovered, it can be treated as an expendable
resource. This is because if the vector of an attack is discovered and steps are taken to
protect against these kinds of attacks, the attackers know that it won??™t be long before
more vectors will be found to replace the ones that have been negated. It??™s simply easier
for the attackers to move on to the next flaw than to dwell on how a particular flaw can
continue to be exploited.
Pages:
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148