Attacks

Behind the scenes of a Web-based email application is a database that stores the messages and allows each user to see his or her emails, folders, and address books. However, if attackers can fool the application into giving them direct access to the database, all the information stored in the database can be compromised.

A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. DoS attacks are fast becoming the weapon of choice for hackers. However, you can take the following measures to counter these attacks.

With clickjacking, the attacker overlays invisible malicious content on a page so that when the user clicks a link, he is actually clicking a URL under the hacker's control. With banner ads, attackers deploy multiple redirects via a series of banner ads, eventually directing users to a site hosting malware, which is automatically installed on the user's computer. This attack is possible because the primary (first redirect) banner ads are benign, drawing no attention when placed on leading search engines and popular sites.

One of the many functions of SSL is providing for encrypted communications. Many attacks on SSL are designed to break the encryption by discovering the secret key used. Remember that SSL uses symmetric key cryptography to provide encryption.

Hackers can wreak havoc without ever penetrating your system. For example, a hacker can effectively shut down your computer by flooding you with obnoxious signals or malicious code. This technique is known as a denial-of-service attack.

Hackers execute a denial-of-service attack by using one of two possible methods. The first method is to flood the target computer or hardware device with information so that it becomes overwhelmed. The alternative method is to send a well-crafted command or piece of erroneous data that crashes the target computer device.