320
Comment:
|
1476
|
Deletions are marked like this. | Additions are marked like this. |
Line 8: | Line 8: |
== Vulnerability Mapping == *Is the process of mapping specific security attributes of a system to an associated vulnerability or potential vulnerability === Methods of Vulnerability Mapping === *Manually map specific system attributes against publicity available sources of vulnerability information *Use public exploit code posted to various security mailing lists and any number of websites, or develop own code *Use automated vulnerability scanning tools, such as Nessus to identify true vulnerabilities == Remote Access == *Defined as gaining access via the network or other communication channel. == Local Access == *Defined as having an actual command shell or login to the system *Also referred to a privilege escalation attacks == Remote Access == *4 methods to exploit UNIX *Exploiting a listening service *Routing through a UNIX system that is providing security between two or more networks *UI remote access execution attacks *Exploiting a process or program that has placed the network interface card into promiscuous mode |
The Quest for Root
- In 1969 Ken Thompson, and Denis Ritchie hacked up MULTICS (Multiplexed Information and computing System) and created UNIX
- Early UNIX environments were located in Bell Labs or in a university
Vulnerability Mapping
- Is the process of mapping specific security attributes of a system to an associated vulnerability or potential vulnerability === Methods of Vulnerability Mapping ===
- Manually map specific system attributes against publicity available sources of vulnerability information
- Use public exploit code posted to various security mailing lists and any number of websites, or develop own code
- Use automated vulnerability scanning tools, such as Nessus to identify true vulnerabilities
Remote Access
- Defined as gaining access via the network or other communication channel.
Local Access
- Defined as having an actual command shell or login to the system
- Also referred to a privilege escalation attacks
Remote Access
- 4 methods to exploit UNIX
- Exploiting a listening service
- Routing through a UNIX system that is providing security between two or more networks
- UI remote access execution attacks
- Exploiting a process or program that has placed the network interface card into promiscuous mode
Back to Cptr427Winter2010