Squatting attack

Squatting attack

Squatting attack, in computer science, is a kind of DoS attack where a program interferes with another program through the use of shared synchronization objects in an unwanted or unexpected way. [cite web | last = Zhang | first = Junfeng | title = Private Object Namespace | url = http://blogs.msdn.com/junfeng/archive/2006/04/23/581161.aspx | date = 2006-04-23 | accessdate = 2007-05-15 ]

That attack is known in the Windows operating system, which offers named objects as an interprocess synchronization mechanism. With named objects, a process may open a synchronization object as a shared resource by just specifying a name. Subsequent processes may use the same name to open that resource and have a way to synchronize with the first process. The squatting attack is possible because, if the legitimate program does not enforce tight security rules for the resources, processes from arbitrary security contexts may gain access to them and ultimately take control of the system. [cite web | last = Farkas | first = Shawn | title = Whidbey's Security Off Model | url = http://blogs.msdn.com/shawnfa/archive/2005/04/28/412998.aspx | date = 2005-04-28 | accessdate = 2007-05-15 ]

Consider, for example, antivirus software installed on a Windows machine. The solution has two pieces: [The example serves just as an illustration. Additional components might be required for it to work properly, as e.g. a driver.] a service, which monitors and scans every file when it is opened, and a manual scanner, which scans the file system when a user requests. Under normal conditions the service should scan the system permanently. However, if a user requests a manual scan, the service must stop temporarily to let the manual scanner work, otherwise every file would be scanned twice: by the manual scanner and by the service. To solve this problem the vendor chooses to implement an event based synchronization mechanism, where the service keeps a named event opened and checks it whenever a file is opened. If the event is "unset" the file is scanned, otherwise it is ignored. The manual scanner, then, to operate, opens the named event, sets it before scanning (disabling the service), scans the file system and resets the event back when finished. This design is prone to a squatting attack because a malicious program can set the named event and disable the service completely.

Notes

References

#
#


Wikimedia Foundation. 2010.

Игры ⚽ Нужно решить контрольную?

Look at other dictionaries:

  • Attack (30 Seconds to Mars song) — Infobox Single Name = Attack Type = Single Artist = 30 Seconds to Mars from Album = A Beautiful Lie Released = Format = Digital download, MP3 Recorded = 2005 Genre = Alternative rock Length = 3:08 Label = Immortal Records, Virgin Records Producer …   Wikipedia

  • Squat — The word squat, squatter or squatting can refer to: * A squat is a kind of sitting position. * Squatting is a term for inhabiting an abandoned or unused building or plot of land without owning or holding a formal lease on it; a person squatting… …   Wikipedia

  • Mandatory Integrity Control — In the context of the Microsoft Windows range of operating systems, Mandatory Integrity Control (MIC) or Integrity Levels (or Protected Mode in the context of applications like Internet Explorer, Google Chrome and Adobe Reader)[1] is a core… …   Wikipedia

  • Battle of Ryesgade — The Battle of Ryesgade was a nine day series of street fights in mid September 1986, in the Copenhagen street Ryesgade. It was the most violent event in a long standing conflict between the Copenhagen city council and the city s community of… …   Wikipedia

  • Monkey Kung Fu — Also known as Hou Quan, Da Sheng Men, Monkey Boxing, Monkey Fist, Tai Shing Pek Kwar Country of origin China Creator Kou Si (Kou Sze), (Kau Sei) 寇四 …   Wikipedia

  • List of capoeira techniques — This is a list of techniques used in capoeira. Capoeira has a variety of different techniques that make use of the hands, feet, legs, arms and head. Both kicks, punches and takedowns are among the offensive movements, but the emphasis is normally …   Wikipedia

  • United States — a republic in the N Western Hemisphere comprising 48 conterminous states, the District of Columbia, and Alaska in North America, and Hawaii in the N Pacific. 267,954,767; conterminous United States, 3,022,387 sq. mi. (7,827,982 sq. km); with… …   Universalium

  • Israeli-Palestinian conflict in Hebron — The Israeli Palestinian conflict in Hebron is a microcosm of the wider Israeli Palestinian conflict. The conflict in Hebron is being played out in a city of 160,000 Palestinians and a Israeli settler population of 500 800 living in close… …   Wikipedia

  • History of anarchism — Part of the Politics series on Anarchism …   Wikipedia

  • Southeast Asian arts — Literary, performing, and visual arts of Myanmar (Burma), Thailand, Laos, Cambodia, Vietnam, Malaysia, Singapore, and the Philippines. The classical literatures of Southeast Asia can be divided into three major regions: the Sanskrit region of… …   Universalium

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”