Network Attacks

From ComputerCraft Wiki

Wireless networking has many security flaws. Here are several attacks that can be used against your system.

Passive Attacks

Passive attacks aim to obtain or view information or data in computer networks without modifying or interfering with normal operation.

Wiretapping

An attacker can eavesdrop on rednet/modem communications and obtain sensitive information. Unless this information is encrypted, it can easily be read by the attacker, possibly compromising passwords, control signals, or other sensitive info.

Rednet: Wiretapping via rednet can be done by listening on the target computer's ID. This is possible because rednet uses the computer's ID as the channel number when sending messages to it. Without rednet, the attacker would have to determine which channel that computer is listening on.

Mimicry

An attacker can run a server that listens on the same channel as a legitimate server or spoofs its ID, causing users with the client program to send their data to both the legitimate server and the attacker, who now knows the information. Mimicry works by imitating the server exactly while also spoofing its ID and wiretapping on its channel. By doing this, an attacker can provide services just like the server while recording the messages sent and received.

Active Attacks

Active attacks are designed to modify or interrupt normal system usage.

Backdoor

Backdoors are essentially tunnels into a computer that an attacker must open manually. A backdoor generally works like this:

  1. The attacker sends a program on a channel that the backdoor is listening on.
  2. The backdoor finds the program, downloads it, and executes it.

The program that the backdoor executes can do anything malicious, such as copying or modifying files or programs, setting redstone signals, or anything else an attacker would like to do. Backdoors are usually difficult to put onto a computer, but it is possible.

Identity Spoof

Most web applications use computer IDs to determine whether a computer is authentic. An attacker can assume a computer ID to bypass ID-based whitelists easily.

Rednet: Spoofing via rednet is accomplished by giving the ID to assume as the channel that the computer should reply on. Rednet uses the reply channel parameter as the ID of the sender.

Forgery

An attacker can send his own message to a client that cannot tell whether a message came from the legitimate server or from a forger, causing it to treat the message as legitimate. An attacker can also send a forged message to a server, causing it to think it came from the client.

Rednet: Mimicry via rednet can be done by sending a message to the target computer's ID, since rednet.receive() will listen with a modem using the computer's ID as the channel number.
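
The Identity Spoof and Forgery sections above both come down to a receiver trusting the sender ID that rednet reports. The following is an added example, not code from the wiki or from ComputerCraft: a Python model of that behaviour, showing an ID-only whitelist next to a check that also requires a keyed tag and a fresh counter. The IDs, the shared key and all function names are constructed for the model, and it addresses spoofing, forgery and replay only, not the confidentiality problem described under Wiretapping.

```python
import hashlib
import hmac
import json

# Constructed values for this model (not from the page).
CLIENT_ID = 12
WHITELIST = {CLIENT_ID}
SHARED_KEY = b"constructed-demo-key"

def rednet_receive(reply_channel, payload):
    """Model of the rednet behaviour described above: the reply channel
    chosen by the transmitter is reported as the sender's ID."""
    return reply_channel, payload

def seal(key, sender_id, counter, body):
    """Sender side: bind ID, counter and body together under an HMAC tag."""
    msg = json.dumps({"id": sender_id, "n": counter, "body": body}, sort_keys=True)
    tag = hmac.new(key, msg.encode(), hashlib.sha256).hexdigest()
    return {"msg": msg, "tag": tag}

class Receiver:
    def __init__(self, key, whitelist):
        self.key, self.whitelist = key, whitelist
        self.last_counter = {}  # highest counter accepted per sender ID

    def accept_by_id(self, sender_id, payload):
        """Weak check: trusts the reported sender ID alone."""
        return sender_id in self.whitelist

    def accept_by_mac(self, sender_id, payload):
        """Hardened check: valid tag, matching ID, and a fresh counter."""
        if not (isinstance(payload, dict) and isinstance(payload.get("msg"), str)):
            return False
        expected = hmac.new(self.key, payload["msg"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected.encode(), str(payload.get("tag")).encode()):
            return False
        fields = json.loads(payload["msg"])
        if fields["id"] != sender_id or sender_id not in self.whitelist:
            return False
        if fields["n"] <= self.last_counter.get(sender_id, -1):
            return False  # replayed copy of an earlier message
        self.last_counter[sender_id] = fields["n"]
        return True
```

In this model a message that merely claims a whitelisted ID passes `accept_by_id` but fails `accept_by_mac`, as does a second delivery of a message that was already accepted.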