#acl SecurityClass2010Group:read,write,admin All:read
== The Quest for Root ==
 * In 1969 Ken Thompson and Dennis Ritchie hacked up MULTICS (Multiplexed Information and Computing System) and created UNIX
 * Early UNIX environments were located in Bell Labs or in a university

== Vulnerability Mapping ==
 * The process of mapping specific security attributes of a system to an associated vulnerability or potential vulnerability

=== Methods of Vulnerability Mapping ===
 * Manually map specific system attributes against publicly available sources of vulnerability information
 * Use public exploit code posted to various security mailing lists and any number of websites, or develop your own code
 * Use automated vulnerability scanning tools, such as Nessus, to identify true vulnerabilities

== Remote Access ==
 * Defined as gaining access via the network or another communication channel

== Local Access ==
 * Defined as having an actual command shell or login on the system
 * Also referred to as privilege escalation attacks

== Remote Access ==
 * 4 methods to exploit UNIX:
  * Exploiting a listening service
  * Routing through a UNIX system that is providing security between two or more networks
  * UI remote access execution attacks
  * Exploiting a process or program that has placed the network interface card into promiscuous mode

= ATTACKS and Countermeasures =
== Brute-force Attacks ==
 * Most basic form of attack
 * Most common types of services attacked:
  * telnet
  * FTP
  * Secure Shell
  * POP and IMAP

== Brute-force Countermeasures ==
 * Use an operating system that offers a service that strengthens passwords, such as Solaris 10, with settings like:
  * PASSLENGTH
  * MINWEEK
  * MAXWEEK
  * WARNWEEK
  * etc.

== Buffer Overflow Attacks ==
 * Buffer overflow condition
  * Occurs when more data is placed into a buffer than was previously allocated
  * Classic test against a mail server's VRFY command (the perl command is wrapped in backticks so the shell substitutes its 1000-character output into the argument):
{{{
echo "vrfy `perl -e 'print "a" x 1000'`"
}}}

= Quiz =
 1. In what year was the Unix project started? '''1969'''
 2. What is the name of the parent system that Unix came out of? '''MULTICS'''
 3. List 2 of the 4 Remote access categories.
  * Exploiting a listening service
  * Routing through a UNIX system that is providing security between two or more networks
  * UI remote access execution attacks
  * Exploiting a process or program that has placed the network interface card into promiscuous mode
 4. What is the best countermeasure for brute-force attacks? '''Strong Passwords'''
 5. Other than disabling unused services to mitigate buffer overflow attacks, what else should you disable? '''Dangerous services'''

[[attachment:Security Pres]]

Back to Cptr427Winter2010
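Added example for the Brute-force Attacks and Countermeasures sections (not part of the original class notes): a small C program that tallies failed logins per source address over a few constructed auth-log lines and flags any source that reaches a threshold. This is the detection side of the countermeasure, complementing the password-strength settings listed above. The log line format, the addresses, the threshold and every function name are assumptions made for this example.

```c
#include <stdio.h>
#include <string.h>

#define MAX_SOURCES 16
#define ADDR_LEN 64

/* Per-source failure counter (structure defined for this example). */
struct source_count {
    char addr[ADDR_LEN];
    int failures;
};

/* Constructed sample log lines (not real data): one source hammers the
 * root/admin accounts over SSH while another logs in once and fails once. */
static const char *sample_log[] = {
    "Jan 10 10:00:01 host sshd[101]: Failed password for root from 192.0.2.10 port 4001 ssh2",
    "Jan 10 10:00:02 host sshd[102]: Failed password for root from 192.0.2.10 port 4002 ssh2",
    "Jan 10 10:00:03 host sshd[103]: Failed password for admin from 192.0.2.10 port 4003 ssh2",
    "Jan 10 10:00:04 host sshd[104]: Accepted password for alice from 198.51.100.7 port 5001 ssh2",
    "Jan 10 10:00:05 host sshd[105]: Failed password for root from 192.0.2.10 port 4004 ssh2",
    "Jan 10 10:00:06 host sshd[106]: Failed password for bob from 198.51.100.7 port 5002 ssh2",
    "Jan 10 10:00:07 host sshd[107]: Failed password for root from 192.0.2.10 port 4005 ssh2",
    "Jan 10 10:00:08 host sshd[108]: Failed password for root from 192.0.2.10 port 4006 ssh2",
};

int sample_log_len(void) { return (int)(sizeof sample_log / sizeof sample_log[0]); }

/* Extract the source address from a failed-login line; 1 on success, 0 otherwise. */
static int parse_failed_login(const char *line, char *addr, size_t addr_len)
{
    const char *p = strstr(line, "Failed password for ");
    if (p == NULL)
        return 0;                          /* not a failure line */
    p = strstr(p, " from ");
    if (p == NULL)
        return 0;
    p += strlen(" from ");
    size_t n = strcspn(p, " ");            /* address ends at the next space */
    if (n == 0 || n >= addr_len)
        return 0;                          /* malformed or oversized: skip it */
    memcpy(addr, p, n);
    addr[n] = '\0';
    return 1;
}

/* Tally failures per source; returns the number of distinct sources recorded. */
int count_failures(const char *const *lines, int nlines,
                   struct source_count *out, int max_sources)
{
    int nsrc = 0;
    for (int i = 0; i < nlines; i++) {
        char addr[ADDR_LEN];
        if (!parse_failed_login(lines[i], addr, sizeof addr))
            continue;
        int j;
        for (j = 0; j < nsrc; j++)
            if (strcmp(out[j].addr, addr) == 0)
                break;
        if (j == nsrc) {
            if (nsrc == max_sources)
                continue;                  /* table full: drop rather than overrun it */
            memcpy(out[j].addr, addr, strlen(addr) + 1);
            out[j].failures = 0;
            nsrc++;
        }
        out[j].failures++;
    }
    return nsrc;
}

/* Number of sources in the sample whose failures reach the threshold. */
int sample_flagged(int threshold)
{
    struct source_count src[MAX_SOURCES];
    int nsrc = count_failures(sample_log, sample_log_len(), src, MAX_SOURCES);
    int flagged = 0;
    for (int i = 0; i < nsrc; i++)
        if (src[i].failures >= threshold)
            flagged++;
    return flagged;
}

/* Failure count recorded for one address in the sample (0 if never seen). */
int sample_failures(const char *addr)
{
    struct source_count src[MAX_SOURCES];
    int nsrc = count_failures(sample_log, sample_log_len(), src, MAX_SOURCES);
    for (int i = 0; i < nsrc; i++)
        if (strcmp(src[i].addr, addr) == 0)
            return src[i].failures;
    return 0;
}

int main(void)
{
    printf("192.0.2.10 failures: %d\n", sample_failures("192.0.2.10"));
    printf("sources at or above 5 failures: %d\n", sample_flagged(5));
    return 0;
}
```

The parser matches on the "Failed password for ... from <addr>" phrase only, so successful logins are never counted; a real deployment would feed live log lines into count_failures() and act (lockout, alert) on the flagged sources.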
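Added example for the Buffer Overflow Attacks section (not from the original notes): the classic unbounded strcpy() pattern that the VRFY test above exercises, beside a length-checked version that rejects an argument too large for its buffer, including the 1000-character probe. The 16-byte buffer, the function names and the probe-building helper are this example's own assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_BUF 16   /* fixed-size stack buffer, the classic overflow target */

/* Vulnerable pattern: strcpy() trusts the caller's length and writes past the
 * 16-byte buffer whenever arg is longer than 15 characters. Shown only to
 * illustrate the defect; nothing else in this example calls it. */
void vrfy_unbounded(const char *arg)
{
    char name[NAME_BUF];
    strcpy(name, arg);                 /* no length check: overflows on long input */
    printf("verifying %s\n", name);
}

/* Hardened form: measure first, refuse anything that would not fit, then copy
 * the bytes plus the terminator. Returns 0 on success, -1 when rejected. */
int vrfy_bounded(const char *arg, char *out, size_t outsz)
{
    size_t len = strlen(arg);
    if (len >= outsz)
        return -1;                     /* would overflow: reject, do not truncate silently */
    memcpy(out, arg, len + 1);
    return 0;
}

/* Run the hardened check on one argument; 1 = accepted, 0 = rejected. */
int check_vrfy_argument(const char *arg)
{
    char name[NAME_BUF];
    return vrfy_bounded(arg, name, sizeof name) == 0;
}

/* Build a probe of n 'a' characters (what perl -e 'print "a" x 1000' produces
 * in the notes) and run it through the hardened check. Returns 1 if accepted,
 * 0 if rejected, -1 on allocation failure. */
int check_probe(size_t n)
{
    char *probe = malloc(n + 1);
    if (probe == NULL)
        return -1;
    memset(probe, 'a', n);
    probe[n] = '\0';
    int accepted = check_vrfy_argument(probe);
    free(probe);
    return accepted;
}

int main(void)
{
    printf("'alice' accepted: %d\n", check_vrfy_argument("alice"));
    printf("15 x 'a' accepted: %d\n", check_probe(15));
    printf("16 x 'a' accepted: %d\n", check_probe(16));
    printf("1000 x 'a' accepted: %d\n", check_probe(1000));
    return 0;
}
```

The boundary is exact: 15 characters plus the terminator fill the buffer and are accepted, 16 are refused. Rejecting rather than silently truncating keeps the behaviour visible to the caller, which is what makes the condition loggable as an attempted overflow.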