|
Size: 84
Comment:
|
Size: 2851
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 3: | Line 3: |
== The Quest for Root == *In 1969 Ken Thompson, and Denis Ritchie hacked up MULTICS (Multiplexed Information and computing System) and created UNIX *Early UNIX environments were located in Bell Labs or in a university == Vulnerability Mapping == *Is the process of mapping specific security attributes of a system to an associated vulnerability or potential vulnerability === Methods of Vulnerability Mapping === *Manually map specific system attributes against publicity available sources of vulnerability information *Use public exploit code posted to various security mailing lists and any number of websites, or develop own code *Use automated vulnerability scanning tools, such as Nessus to identify true vulnerabilities == Remote Access == *Defined as gaining access via the network or other communication channel. == Local Access == *Defined as having an actual command shell or login to the system *Also referred to a privilege escalation attacks == Remote Access == *4 methods to exploit UNIX *Exploiting a listening service *Routing through a UNIX system that is providing security between two or more networks *UI remote access execution attacks *Exploiting a process or program that has placed the network interface card into promiscuous mode = ATTACKS and Countermeasures = == Brute-force Attacks == *Most basic form of attack *Most Common types of services attacked *telnet *FTP *Secure Shell *POP and IMAP == Brute-force Countermeasures == *Using a operating system that offers a service that strengthens passwords like Solaris 10 *PASSLENGTH *MINWEEK *MAXWEEK *WARNWEEK *ETC == Buffer Overflow Attacks == *Buffer overflow condition *Occurs when a user or attempts to place more data into a buffer than previously allocated *Echo “vrfy ‘perl –e ‘print “a” x 1000’ ’ ” = Quiz = 1. In what year was Unix project started? '''1969 ''' 2. What is the name of the parent system that Unix came out of? ''' MULTICS ''' 3. List 2 of the 4 Remote access categories. *Exploiting a listening service *Routing through a UNIX system that is providing security between two or more networks *UI remote access execution attacks *Exploiting a process or program that has placed the network interface card into promiscuous mode 4. What is the best Countermeasure for a brute force attacks? ''' Strong Passwords ''' 5. Other than disabling unused services to mitigate buffer overflow attacks, what else should you disable? ''' Dangerous services ''' [[attachment:PowerPoint]] |
The Quest for Root
- In 1969 Ken Thompson, and Denis Ritchie hacked up MULTICS (Multiplexed Information and computing System) and created UNIX
- Early UNIX environments were located in Bell Labs or in a university
Vulnerability Mapping
- Is the process of mapping specific security attributes of a system to an associated vulnerability or potential vulnerability
Methods of Vulnerability Mapping
- Manually map specific system attributes against publicity available sources of vulnerability information
- Use public exploit code posted to various security mailing lists and any number of websites, or develop own code
- Use automated vulnerability scanning tools, such as Nessus to identify true vulnerabilities
Remote Access
- Defined as gaining access via the network or other communication channel.
Local Access
- Defined as having an actual command shell or login to the system
- Also referred to a privilege escalation attacks
Remote Access
- 4 methods to exploit UNIX
- Exploiting a listening service
- Routing through a UNIX system that is providing security between two or more networks
- UI remote access execution attacks
- Exploiting a process or program that has placed the network interface card into promiscuous mode
ATTACKS and Countermeasures
Brute-force Attacks
- Most basic form of attack
- Most Common types of services attacked
- telnet
- FTP
- Secure Shell
- POP and IMAP
Brute-force Countermeasures
- Using a operating system that offers a service that strengthens passwords like Solaris 10
- PASSLENGTH
- MINWEEK
- MAXWEEK
- WARNWEEK
- ETC
Buffer Overflow Attacks
- Buffer overflow condition
- Occurs when a user or attempts to place more data into a buffer than previously allocated
- Echo “vrfy ‘perl –e ‘print “a” x 1000’ ’ ”
Quiz
1. In what year was Unix project started? 1969
2. What is the name of the parent system that Unix came out of? MULTICS
3. List 2 of the 4 Remote access categories.
- Exploiting a listening service
- Routing through a UNIX system that is providing security between two or more networks
- UI remote access execution attacks
- Exploiting a process or program that has placed the network interface card into promiscuous mode
4. What is the best Countermeasure for a brute force attacks? Strong Passwords
5. Other than disabling unused services to mitigate buffer overflow attacks, what else should you disable? Dangerous services
Back to Cptr427Winter2010