Differences between revisions 10 and 11
Revision 10 as of 2010-03-11 13:40:13
Size: 2805
Editor: c-68-53-233-3
Revision 11 as of 2010-03-11 13:41:00
Size: 2820
Editor: c-68-53-233-3
Line 64: Line 64:
2. What is the name of the parent system that Unix came out of? === MULTICS === 2. What is the name of the parent system that Unix came out of? ''' MULTICS '''
Line 73: Line 73:
4. What is the best Countermeasure for a brute force attacks? Strong Passwords 4. What is the best Countermeasure for a brute force attacks? ''' Strong Passwords '''
Line 75: Line 75:
5. Other than disabling unused services to mitigate buffer overflow attacks, what else should you disable? Dangerous services 5. Other than disabling unused services to mitigate buffer overflow attacks, what else should you disable? ''' Dangerous services '''

The Quest for Root

  • In 1969 Ken Thompson and Dennis Ritchie hacked up MULTICS (Multiplexed Information and Computing System) and created UNIX
  • Early UNIX environments were located in Bell Labs or in a university

Vulnerability Mapping

  • Is the process of mapping specific security attributes of a system to an associated vulnerability or potential vulnerability

Methods of Vulnerability Mapping

  • Manually map specific system attributes against publicly available sources of vulnerability information
  • Use public exploit code posted to various security mailing lists and any number of websites, or develop your own code
  • Use automated vulnerability scanning tools, such as Nessus, to identify true vulnerabilities

Remote Access

  • Defined as gaining access via the network or other communication channel.

Local Access

  • Defined as having an actual command shell or login to the system
  • Also referred to as privilege escalation attacks

Remote Access

  • 4 methods to exploit UNIX
    • Exploiting a listening service
    • Routing through a UNIX system that is providing security between two or more networks
    • UI remote access execution attacks
    • Exploiting a process or program that has placed the network interface card into promiscuous mode

ATTACKS and Countermeasures

Brute-force Attacks

  • Most basic form of attack
  • Most common types of services attacked
    • telnet
    • FTP
    • Secure Shell
    • POP and IMAP

Brute-force Countermeasures

  • Using an operating system that offers a service that strengthens passwords, like Solaris 10
    • PASSLENGTH
    • MINWEEKS
    • MAXWEEKS
    • WARNWEEKS
    • etc.
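
An added example, not part of the original notes: a POSIX shell check of a Solaris-style /etc/default/passwd for the length and aging keys listed above (Solaris spells the aging keys MINWEEKS, MAXWEEKS and WARNWEEKS). The thresholds and the function name audit_passwd_policy are assumptions, and the sample file is constructed.

```sh
#!/bin/sh
# Added example (not from the original notes): audit a Solaris-style
# /etc/default/passwd for the password-policy keys listed above.
# Thresholds below are assumed site policy, not values from the notes.

# Prints one finding per line; exit status 1 if anything was found, else 0.
audit_passwd_policy() {
    awk -F= '
        function check(key, limit, kind,    v) {
            if (!(key in seen) || seen[key] == "") {
                printf "%s: unset or empty, not enforced\n", key; bad++; return
            }
            v = seen[key]
            if (v !~ /^[0-9]+$/) { printf "%s: non-numeric value %s\n", key, v; bad++; return }
            if (kind == "min" && v + 0 < limit) { printf "%s=%s: below minimum %d\n", key, v, limit; bad++ }
            if (kind == "max" && v + 0 > limit) { printf "%s=%s: above maximum %d\n", key, v, limit; bad++ }
        }
        /^[ \t]*#/ || /^[ \t]*$/ { next }    # commented-out keys do not count
        {
            key = $1; val = $2
            gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val)
            seen[key] = val                   # this example lets the last assignment win
        }
        END {
            check("PASSLENGTH", 8, "min")     # minimum password length
            check("MINWEEKS", 1, "min")       # weeks before a change is allowed
            check("MAXWEEKS", 13, "max")      # weeks before a change is forced
            check("WARNWEEKS", 1, "min")      # weeks of expiry warning
            exit (bad > 0)
        }
    ' "$1"
}

# Constructed sample: empty aging values, short length, WARNWEEKS commented out.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not a real host's file
MAXWEEKS=
MINWEEKS=
PASSLENGTH=6
#WARNWEEKS=2
EOF
audit_passwd_policy "$sample" || echo "policy findings listed above"
rm -f "$sample"
```

An empty value such as MAXWEEKS= is reported as not enforced, because password aging that is never set gives a brute-forced password an unlimited lifetime.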

Buffer Overflow Attacks

  • Buffer overflow condition
  • Occurs when a user or process attempts to place more data into a buffer than was previously allocated
  • echo "vrfy `perl -e 'print "a" x 1000'`"

Quiz

1. In what year was the Unix project started? 1969

2. What is the name of the parent system that Unix came out of? MULTICS

3. List 2 of the 4 Remote access categories.

  • Exploiting a listening service
  • Routing through a UNIX system that is providing security between two or more networks
  • UI remote access execution attacks
  • Exploiting a process or program that has placed the network interface card into promiscuous mode

4. What is the best countermeasure for brute-force attacks? Strong Passwords

5. Other than disabling unused services to mitigate buffer overflow attacks, what else should you disable? Dangerous services


HackingExposedChapter05 (last edited 2010-03-11 13:44:19 by c-68-53-233-3)