Another way of classifying exploits is by their effect.
- Takeover attacks
- These let the user take the machine over, or at least cause it to do
something unpredictable to the owner but predictable to the attacker.
- Denial Of Service (DOS) attacks
- These are just disruptions. An example of this is flood-pinging a
machine to slow down its networking to the point that it's unusable.
DOS attacks are notoriously difficult to deal with, and often must be
handled in a reactive rather than proactive fashion.
As an example, there are very few systems that can't be
brought to their knees by a malicious local user although, with such tools as
the ksh's
ulimit
builtin command, you can often minimize these attacks.
Using these divisions, you can look at a system and see which classes of attacks it could
potentially be vulnerable to, and take steps to prevent them.