Java-based attacks

• SNARF

  • a classic Trojan Horse login implemented in Java
  • displays window requesting “user id” and “password”
  • obtained info is send to the evil web server

• Denial of Service applets

  • Noisy Bear, Applet Killer, Blue Screen of Death
  • Resource Consumer

• Defense

  • encrypt sensitive data
  • know what web sites you are visiting
  • use latest versions of browser ; use latest security patches
  • turn Java off, do not use Java-enabled web browser

Previous slide

Next slide

Back to first slide

View graphic version