1685
Comment:
|
2123
|
Deletions are marked like this. | Additions are marked like this. |
Line 46: | Line 46: |
== Brute-force Countermeasures == *Using a operating system that offers a service that strengthens passwords like Solaris 10 *PASSLENGTH *MINWEEK *MAXWEEK *WARNWEEK *ETC == Buffer Overflow Attacks == |
|
Line 47: | Line 56: |
*Buffer overflow condition *Occurs when a user or attempts to place more data into a buffer than previously allocated *Echo “vrfy ‘perl –e ‘print “a” x 1000’ ’ ” |
The Quest for Root
- In 1969 Ken Thompson, and Denis Ritchie hacked up MULTICS (Multiplexed Information and computing System) and created UNIX
- Early UNIX environments were located in Bell Labs or in a university
Vulnerability Mapping
- Is the process of mapping specific security attributes of a system to an associated vulnerability or potential vulnerability
Methods of Vulnerability Mapping
- Manually map specific system attributes against publicity available sources of vulnerability information
- Use public exploit code posted to various security mailing lists and any number of websites, or develop own code
- Use automated vulnerability scanning tools, such as Nessus to identify true vulnerabilities
Remote Access
- Defined as gaining access via the network or other communication channel.
Local Access
- Defined as having an actual command shell or login to the system
- Also referred to a privilege escalation attacks
Remote Access
- 4 methods to exploit UNIX
- Exploiting a listening service
- Routing through a UNIX system that is providing security between two or more networks
- UI remote access execution attacks
- Exploiting a process or program that has placed the network interface card into promiscuous mode
ATTACKS and Countermeasures
Brute-force Attacks
- Most basic form of attack
- Most Common types of services attacked
- telnet
- FTP
- Secure Shell
- POP and IMAP
Brute-force Countermeasures
- Using a operating system that offers a service that strengthens passwords like Solaris 10
- PASSLENGTH
- MINWEEK
- MAXWEEK
- WARNWEEK
- ETC
Buffer Overflow Attacks
- Buffer overflow condition
- Occurs when a user or attempts to place more data into a buffer than previously allocated
- Echo “vrfy ‘perl –e ‘print “a” x 1000’ ’ ”
Back to Cptr427Winter2010