Additional information (pa)

Palm OS (viruses)

Palm OS is an operating system uniquely designed by "Palmsource" for smartphones and PDA's (handheld devices). This operating system doesn't play a big part on the market anymore.

A Palm OS virus is a unique kind of virus, especially designed to attack the Palm Operating System. They were firstly discovered in 2000 by Symantec. Very few have ever been designed.

Password based attacks

A password based attack is an attack in which an attacker can get hold of someone's password often being helped by a malicious program that functions as a password cracker. The victim can be a single person or someone who works for a company or organization and uses his password to login to the system. The hacker can then send e-mails, messages, post articles or alter files and filesystems. Depending on the motive of the attacker and how sophisticated he places the attack the consequences can be severe in personal or financial way. These kinds of attacks can take place over a longer period of time and all security-systems are being bypassed because of the authenticated session the attacker is in.
Prevention of password-attacks depends strongly on the environment, regularly changing passwords can reduce the harm done.

Password spraying

Password spraying is a type of brute-force attack in which an attacker tries several logins to a known list of usernames combined with statistically often used passwords. This kind of attack typically is being performed by an automated script.
There are several ways to protect against this kind of attacks like Captcha or maximizing the number of logins for a specific ip-adress or hostname.

Path- or directory traversal attack

A path traversal attack is an attack in which the path to the requested file or directory can be manipulated by user-input. The query must always be sanitized first before it is being passed on to or accepted from the server. Without proper validation the path can be manipulated and a hacker can get control of the system or the network.
The best way to protect a website against this type of attack is sanitising and validating every query that comes from an external source like a user, even if that person is authorized with username and password.

Social (and other) things: