The University of Arizona
September 9, 2009

How can you make a web server 100% secure?
A. Unplug it!
B. But seriously…
– Every service running on a server (web or otherwise) is a possible point of vulnerability
– Common services include HTTP, SSH, FTP, SMTP

What is a “Black Hat?”
A. What is a “Black Hat?”
– In the IT world, someone who breaks into a computer system or network with malicious intent
B. Vs. what…a “Green Hat?”
– The term “White Hat” is generally applied to a person/persons responsible for maintaining server/network security and preventing break-ins.
C. Why can’t we all just get along…

A. Whether your hat be black, white, or gray, many of the same tools that are used to break into networks/systems are also used by security professionals to audit and keep systems secure
– SSH
– NMAP
– Snort/Ethereal/Wireshark
– Password hash crackers
– Web Vulnerability Scanners

Anatomy of a Web Server (cont.)
– Web Application(s)
– Web Server
– Operating System

Operating System Attacks
A. Some Operating System attacks
– Port Scanning
– Service Vulnerability Scanning
– Password Cracking
  • Dictionary
  • Hybrid
  • Brute Force
– Physical/LAN Risks
  • Packet Sniffing

Common types of wide-area network scanning/attacks
A. Service Vulnerability Scanning
  i. Common first step of a would-be attacker
  ii. Each port on a server is successively “pinged”
  iii. Allows the attacker to gather a list of the services running on the target server
B. Looking for Documented Vulnerabilities in Services
  i. Despite the best efforts of the security community to document vulnerabilities and disseminate bulletins, there are inevitably servers/services that go un-patched
  ii. Attackers can make use of these warning publications to inform their attack strategy
  iii. Cue the Script Kiddie

Common types of wide-area network scanning/attacks cont.
C. Dictionary-based password-guessing
  i. Attacker uses common words and attempts sequential logins using each
D. “Hybrid” password-guessing
  i. Like dictionary-based but with various permutations of each word, e.g. rearranging letters, adding symbols, numbers
E. Remote Brute-force password-guessing
  i. It is rare that the people administering a server work in the same physical location as the server itself. Unless you’re this guy…

C. Brute-force attacks (cont.)
• Most servers run the Secure Shell (SSH) as a point of access for the server administrator
• The ubiquity of SSH/FTP/Telnet and the level of access that can often be obtained makes these protocols common targets for brute force password guessing attempts
• IF the attacker has a copy of your system’s password file the process

Common types of wide-area network scanning/attacks cont.
  iv. Just as it sounds, the attacker will try an endless slew of username/password combinations until eventually gaining access
  v. Almost all remote brute force password-guessing attempts are automated. Example:

A. FACT: EVERY password is crack-able over time...
– There are 62 upper and lower-case characters on a US keyboard
– A 6-character password has 62^6 permutations
– It takes a modern low-end computer about 1.5 hours to exhaust EVERY possible permutation…wanna try yours out? http://www.unwrongest.com/projects/passwordstrength/
B. Solution?
– Hard to guess passwords or pass-phrases
  • If you have to use an actual word, don’t use common words/phrases
  • Add numbers and special characters to your password
  • Use a mix of upper- and lower-case letters
  • DON’T WRITE YOUR PASSWORD DOWN!
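The keyspace arithmetic on this slide, as an added example that is not part of the original deck: it generalises the 62^6 figure to any password length and character mix, and turns the slide's three advice bullets into checks. The guess rate is back-derived from the slide's own numbers (62^6 guesses in 1.5 hours, roughly 10.5 million guesses per second) and the small word list is a constructed stand-in for a real cracking dictionary; both are assumptions of the example.

```python
import string

# Character classes an exhaustive search must cover, with their sizes. The slide's 62 is
# the letters (26 + 26) plus the ten digits; punctuation adds 32 more on a US keyboard.
CHARACTER_CLASSES = [
    (set(string.ascii_lowercase), 26),
    (set(string.ascii_uppercase), 26),
    (set(string.digits), 10),
    (set(string.punctuation), len(string.punctuation)),
]

# Guess rate back-derived from the slide (62^6 guesses in 1.5 hours): about 10.5 million
# guesses per second. This is an assumption of the example, not a measured figure.
GUESSES_PER_SECOND = 62 ** 6 / (1.5 * 3600)

# Constructed stand-in for a real cracking dictionary.
COMMON_WORDS = {"password", "letmein", "welcome", "wildcat"}


def alphabet_size(password):
    """Size of the smallest character set that covers every character of the password."""
    chars = set(password)
    return sum(size for members, size in CHARACTER_CLASSES if chars & members)


def keyspace(password):
    """Number of candidates an exhaustive search must try: alphabet ** length."""
    return alphabet_size(password) ** len(password)


def hours_to_exhaust(password, rate=GUESSES_PER_SECOND):
    """Worst-case time for one machine at `rate` guesses/s to try the whole keyspace."""
    return keyspace(password) / rate / 3600


def weaknesses(password):
    """The slide's advice as checks; returns the list of rules the password breaks."""
    problems = []
    if password.lower() in COMMON_WORDS:
        problems.append("common word")
    if not any(c.isdigit() for c in password):
        problems.append("no digits")
    if not any(c in string.punctuation for c in password):
        problems.append("no special characters")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        problems.append("not mixed case")
    return problems


if __name__ == "__main__":
    for candidate in ["wildcat", "aB3xYz", "Blue-Sky-7"]:
        print(f"{candidate!r}: alphabet {alphabet_size(candidate)}, "
              f"keyspace {keyspace(candidate):.3g}, "
              f"{hours_to_exhaust(candidate):,.1f} h to exhaust, "
              f"problems: {weaknesses(candidate) or 'none'}")
```

Each extra character multiplies the search by the alphabet size, and each extra character class multiplies it by the class size raised to the length, which is why a ten-character mixed passphrase pushes the same machine from hours to millions of years while a dictionary word, whatever its length, falls to the first list the attacker tries.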

Physical/LAN Access - Risks cont.
A. Not all attacks are “remote”
– “Rogue” network access points
  • E.g. your web server only allows access from a certain IP range…Is there a wireless network?
B. Packet-sniffing
  i. The attacker intercepts packets of data as they pass between computers
  ii. After collecting packets of data for a period of time, the attacker can “data-mine” for information that appears in a specific pattern, such as credit card numbers (########-####-####), or SSN’s (###-##-####)
  iii. If your wireless local network is unencrypted, anybody within range of your wireless router’s signal can intercept and read your data
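The defender's side of the packet-sniffing slide, as an added example that is not from the deck: the same patterns the slide lists are what a data-loss-prevention check looks for, and running one over a sample of what the server sends in the clear shows exactly what anyone on an unencrypted wireless link would read. The sample capture is constructed, the patterns and the Luhn filter are this example's own, and findings are masked to the last four digits so the report itself does not leak the value; the remedy the slide implies is still to encrypt the link.

```python
import re

# Patterns for the two data types the slide names. The card pattern accepts 16 digits in any
# grouping with optional dashes or spaces (the slide's 8-4-4 layout as well as 4-4-4-4).
CARD_RE = re.compile(r"\b(?:\d[ -]?){15}\d\b")
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")


def luhn_ok(digits):
    """Luhn checksum used by payment card numbers; weeds out order ids and similar digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # every second digit from the right is doubled
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_sensitive(text):
    """Scan captured cleartext line by line; return (line_no, kind, masked_value) per hit.
    Only the last four digits are kept so the finding does not reproduce the secret."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        for m in CARD_RE.finditer(line):
            digits = re.sub(r"[^0-9]", "", m.group())
            if len(digits) == 16 and luhn_ok(digits):
                findings.append((line_no, "card", "****-****-****-" + digits[-4:]))
        for m in SSN_RE.finditer(line):
            findings.append((line_no, "ssn", "***-**-" + m.group()[-4:]))
    return findings


# Constructed sample of what an unencrypted HTTP request looks like on the wire.
# 4111-1111-1111-1111 is a well-known test number that passes Luhn; the order id does not.
SAMPLE_CAPTURE = """\
POST /checkout HTTP/1.1
card=4111-1111-1111-1111&name=Test+User
order_id=1234-5678-9012-3456
ssn=123-45-6789
GET /index.html HTTP/1.1
"""

if __name__ == "__main__":
    for line_no, kind, masked in find_sensitive(SAMPLE_CAPTURE):
        print(f"line {line_no}: {kind} {masked}")
```

The Luhn check is what separates a real card number from any other 16-digit field, so the order id on line 3 is not reported; without it a scanner of this kind drowns in false positives.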

Physical/LAN Access - Risks cont.
C. “Rogue” access points
  i. The attacker places his/her own physical wireless access point on a wireless network in order to:
    i. Increase the signal strength/physical area of a wireless network
    ii. Intercept/manipulate packets of data (e.g. Man in the Middle attack)

How are website vulnerabilities different?
A. Anatomy of a web server -- A LAMP (Linux, Apache, MySQL, PHP) server:
B. Due to the robust nature of today’s web-technologies, web servers bring in an additional layer of security concerns in addition to the ones previously covered.

Common Types of Web Server/App. Attacks
A. Web Server/Application Attacks
– SQL Injection
– Remote Code Execution
– Cross-site Scripting (XSS)
– Denial of Service (DoS) & Distributed Denial of Service (DDoS)

Common types of attacks targeting web applications
A. Many web application vulnerabilities appear due to oversight and/or coding errors:
B. MISTAKE: Neglecting to properly clean up, or “sanitize”, user input. Failure to filter user input can allow an attacker to insert arbitrary data, and is the cause of the majority of successful website attacks.
– SQL injection – the attacker inserts SQL code as user input which is subsequently executed as a SQL query.
– Remote code execution – the attacker is able to insert code as user input to a remote server that is subsequently executed as though it were part of the web application. E.g. web applications spanning multiple servers/locations using RPC (Remote Procedure Call)

SQL Injection
A. Improperly “sanitized” user input can result in the attacker arbitrarily running SQL (database) queries on a system.
B. In detail: http://en.wikipedia.org/wiki/SQL_injection
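The SQL injection described on the last two slides, as an added example that is not part of the deck: a login query with user input pasted into the SQL text, beside the parameterized version that closes the hole. Python's built-in sqlite3 stands in for the MySQL half of a LAMP stack; the table, the user and the inputs are constructed for the example.

```python
import sqlite3


def build_db():
    """Constructed in-memory database with one user. Passwords are stored in the clear only
    to keep the example short; a real application stores a salted hash."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    conn.commit()
    return conn


def login_unsanitized(conn, username, password):
    """The MISTAKE from the slide: user input becomes part of the query text, so input that
    contains SQL syntax changes what the query does."""
    query = ("SELECT COUNT(*) FROM users WHERE username = '%s' AND password = '%s'"
             % (username, password))
    return conn.execute(query).fetchone()[0] > 0


def login_parameterized(conn, username, password):
    """The fix: placeholders. The driver passes the values separately from the SQL text, so
    whatever the user types is compared as data and can never alter the query's structure."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()[0] > 0


if __name__ == "__main__":
    conn = build_db()
    injected = "alice' --"   # closes the string literal; the rest of the line becomes a comment
    print("unsanitized, injected input :", login_unsanitized(conn, injected, "wrong"))
    print("parameterized, same input   :", login_parameterized(conn, injected, "wrong"))
    print("parameterized, real password:", login_parameterized(conn, "alice", "correct-horse"))
```

Parameterization is the fix to reach for rather than escaping: it removes the category of bug instead of filtering individual characters, and every mainstream database driver supports it.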

Remote Code Execution
A. More and more websites are appearing (e.g. Facebook) that utilize remote procedure calls to give web applications a “real-time application” feel (“distributed web applications”)
B. Improperly verified input sources and unsanitized user input can allow attackers to send data to a “receiver” server, posing as the “sender”

Cross-Site Scripting (XSS)
A. The attacker uploads client-side code that then gets executed on the client’s browser (usu. behind the scenes and unknown to the user)
– Generally occurs where user input is displayed (e.g. a poorly-coded web forum)

XSS (cont.)
B. Today’s web applications often store quite a lot of information in the client’s browser (e.g. cookies, cache)
C. Since XSS relies on code that gets executed on a client’s browser, client-side data can be manipulated and hijacked, and the user can be redirected to malicious websites
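The poorly-coded forum from the two XSS slides, as an added example that is not from the deck: a post renderer that writes stored user input straight into the page, beside one that encodes it at output time, plus the cookie flags that limit what any script reaching the page can do with the client-side state the second slide mentions. The template, the post and the session id are constructed for the example.

```python
import html
from http.cookies import SimpleCookie

# Constructed forum template; {author} and {body} are filled from stored user input.
POST_TEMPLATE = '<div class="post"><b>{author}</b>: {body}</div>'


def render_post_unescaped(author, body):
    """The poorly-coded forum: stored input goes straight into the page, so a post that
    contains <script> runs in the browser of everyone who views the thread."""
    return POST_TEMPLATE.format(author=author, body=body)


def render_post_escaped(author, body):
    """Fix: encode every untrusted field at output time, so the browser displays the post
    as text instead of interpreting it as markup."""
    return POST_TEMPLATE.format(
        author=html.escape(author, quote=True),
        body=html.escape(body, quote=True),
    )


def session_cookie_header(session_id):
    """Set-Cookie value for the session: HttpOnly keeps the id out of reach of page scripts,
    Secure keeps it off unencrypted links (cf. the packet-sniffing slide)."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["path"] = "/"
    return cookie.output(header="").strip()


# Constructed hostile post used to exercise both renderers.
HOSTILE_POST = ("mallory", "hi all <script>alert('xss')</script>")

if __name__ == "__main__":
    print("unescaped:", render_post_unescaped(*HOSTILE_POST))
    print("escaped  :", render_post_escaped(*HOSTILE_POST))
    print("cookie   :", session_cookie_header("constructed-session-id"))
```

Escaping belongs at the point of output, not at the point of input: the same stored string may later be placed in HTML, in a JavaScript string or in an attribute, and each context needs its own encoding.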

Denial of Service (DoS) and Distributed Denial of Service (DDoS)
• The target web server is inundated with so many requests it cannot respond to them all, thus causing the website to become unavailable to actual users.
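One server-side mitigation for the flood this slide describes, as an added example that is not from the deck: a per-client sliding-window limiter replayed over a constructed request stream in which one address sends 50 requests in a second while a normal user sends three. The limit, the window and the addresses are assumptions of the example.

```python
from collections import defaultdict, deque


class RateLimiter:
    """Per-client sliding window: at most `limit` requests in any `window` seconds."""

    def __init__(self, limit, window):
        self.limit = limit
        self.window = window
        self.history = defaultdict(deque)   # client -> timestamps of accepted requests

    def allow(self, client_ip, now):
        q = self.history[client_ip]
        while q and now - q[0] >= self.window:   # drop timestamps that left the window
            q.popleft()
        if len(q) >= self.limit:
            return False                         # over budget: reject without doing work
        q.append(now)
        return True


def replay(requests, limit=5, window=1.0):
    """Run a (timestamp, client_ip) stream through the limiter; return per-client counts."""
    limiter = RateLimiter(limit, window)
    stats = defaultdict(lambda: {"allowed": 0, "rejected": 0})
    for ts, ip in requests:
        stats[ip]["allowed" if limiter.allow(ip, ts) else "rejected"] += 1
    return dict(stats)


# Constructed stream: one client floods at 50 requests/s, a normal user sends 3 in the same
# second. Addresses are from the documentation ranges.
FLOOD = [(i * 0.02, "203.0.113.7") for i in range(50)]
NORMAL = [(0.1, "198.51.100.2"), (0.5, "198.51.100.2"), (0.9, "198.51.100.2")]
SAMPLE_REQUESTS = sorted(FLOOD + NORMAL)

if __name__ == "__main__":
    for ip, counts in replay(SAMPLE_REQUESTS).items():
        print(f"{ip}: {counts}")
```

A per-address limit blunts a single-source flood and keeps the normal user unaffected, but a distributed flood spreads the same request volume over many addresses that each stay under the limit; handling DDoS needs capacity or filtering upstream of the web server rather than logic inside it.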

In Conclusion
A. So now I know my Blackhat…how will I ever get to sleep again!?
– Reducing the likelihood of password brute-force attempts
  • don’t use your first or last name (or something easily guessable) as your login name
  • pick a hard password and don’t write it down!

In Conclusion
– ALWAYS sanitize user input in your web applications
– Verify that web requests your web application processes are coming from a trusted source
– Always verify the integrity of data on the server-side – DO NOT trust a client or remote server
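The sender/receiver problem from the Remote Code Execution slide and the last two conclusion bullets (verify the source of a request; do not trust a remote server), as an added example that is not from the deck: an RPC message authenticated with an HMAC over a canonical body, with the receiver checking authenticity, sender identity and freshness before it looks at anything in the request. The shared secret, the sender names and the method are constructed; the example assumes the secret was distributed out of band.

```python
import hashlib
import hmac
import json

# Assumption of this example: sender and receiver share a secret distributed out of band.
SHARED_SECRET = b"constructed-demo-secret-change-me"
TRUSTED_SENDERS = {"app-frontend"}


def canonical_body(sender, method, params, timestamp):
    """One fixed encoding so both sides compute the MAC over exactly the same bytes."""
    return json.dumps(
        {"sender": sender, "method": method, "params": params, "ts": timestamp},
        sort_keys=True, separators=(",", ":"),
    )


def sign_request(secret, sender, method, params, timestamp):
    """Sender side: attach an HMAC-SHA256 tag over the canonical body."""
    body = canonical_body(sender, method, params, timestamp)
    tag = hmac.new(secret, body.encode("utf-8"), hashlib.sha256).hexdigest()
    return {"body": body, "mac": tag}


def verify_request(secret, message, now, max_skew=30):
    """Receiver side: return the parsed request only if it is authentic, from a trusted
    sender and fresh; otherwise None. Nothing in `body` is trusted before the MAC check."""
    body, mac = message.get("body"), message.get("mac")
    if not isinstance(body, str) or not isinstance(mac, str):
        return None
    expected = hmac.new(secret, body.encode("utf-8"), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, mac):        # forged, or tampered in transit
        return None
    try:
        request = json.loads(body)
    except ValueError:
        return None
    if request.get("sender") not in TRUSTED_SENDERS:  # signed, but not by a party we accept
        return None
    ts = request.get("ts")
    if not isinstance(ts, (int, float)) or abs(now - ts) > max_skew:   # stale or replayed
        return None
    return request


if __name__ == "__main__":
    msg = sign_request(SHARED_SECRET, "app-frontend", "credit", {"user": "alice", "amount": 10}, 1000)
    print("genuine  :", verify_request(SHARED_SECRET, msg, now=1005))
    tampered = dict(msg, body=msg["body"].replace('"amount":10', '"amount":1000000'))
    print("tampered :", verify_request(SHARED_SECRET, tampered, now=1005))
    forged = sign_request(b"attacker-guess", "app-frontend", "credit", {"user": "mallory", "amount": 10}, 1000)
    print("forged   :", verify_request(SHARED_SECRET, forged, now=1005))
    print("replayed :", verify_request(SHARED_SECRET, msg, now=1000 + 3600))
```

The receiver still validates the parameters it extracts, exactly as it would for browser input; the MAC only establishes who sent the message and that it arrived unaltered. The timestamp window bounds replay to a few seconds rather than eliminating it; a cache of recently seen tags closes that gap, and transport encryption keeps the body itself from being read in transit.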