Differences between revisions 9 and 10
Revision 9 as of 2010-03-11 13:39:26
Size: 2806
Editor: c-68-53-233-3
Comment:
Revision 10 as of 2010-03-11 13:40:13
Size: 2805
Editor: c-68-53-233-3
Comment:
Deletions are marked like this. Additions are marked like this.
Line 62: Line 62:
1. In what year was Unix project started? === 1969 === 1. In what year was Unix project started? '''1969 '''

The Quest for Root

  • In 1969 Ken Thompson, and Denis Ritchie hacked up MULTICS (Multiplexed Information and computing System) and created UNIX
  • Early UNIX environments were located in Bell Labs or in a university

Vulnerability Mapping

  • Is the process of mapping specific security attributes of a system to an associated vulnerability or potential vulnerability

Methods of Vulnerability Mapping

  • Manually map specific system attributes against publicity available sources of vulnerability information
  • Use public exploit code posted to various security mailing lists and any number of websites, or develop own code
  • Use automated vulnerability scanning tools, such as Nessus to identify true vulnerabilities

Remote Access

  • Defined as gaining access via the network or other communication channel.

Local Access

  • Defined as having an actual command shell or login to the system
  • Also referred to a privilege escalation attacks

Remote Access

  • 4 methods to exploit UNIX
    • Exploiting a listening service
    • Routing through a UNIX system that is providing security between two or more networks
    • UI remote access execution attacks
    • Exploiting a process or program that has placed the network interface card into promiscuous mode

ATTACKS and Countermeasures

Brute-force Attacks

  • Most basic form of attack
  • Most Common types of services attacked
    • telnet
    • FTP
    • Secure Shell
    • POP and IMAP

Brute-force Countermeasures

  • Using a operating system that offers a service that strengthens passwords like Solaris 10
    • PASSLENGTH
    • MINWEEK
    • MAXWEEK
    • WARNWEEK
    • ETC

Buffer Overflow Attacks

  • Buffer overflow condition
  • Occurs when a user or attempts to place more data into a buffer than previously allocated
  • Echo “vrfy ‘perl –e ‘print “a” x 1000’ ’ ”

Quiz

1. In what year was Unix project started? 1969

2. What is the name of the parent system that Unix came out of? === MULTICS ===

3. List 2 of the 4 Remote access categories.

  • Exploiting a listening service
  • Routing through a UNIX system that is providing security between two or more networks
  • UI remote access execution attacks
  • Exploiting a process or program that has placed the network interface card into promiscuous mode

4. What is the best Countermeasure for a brute force attacks? Strong Passwords

5. Other than disabling unused services to mitigate buffer overflow attacks, what else should you disable? Dangerous services

Back to Cptr427Winter2010

HackingExposedChapter05 (last edited 2010-03-11 13:44:19 by c-68-53-233-3)