Download
anti hacker poetry in the mac os x n.
Skip this Video
Loading SlideShow in 5 Seconds..
Anti Hacker Poetry in the Mac OS X PowerPoint Presentation
Download Presentation
Anti Hacker Poetry in the Mac OS X

Anti Hacker Poetry in the Mac OS X

126 Vues Download Presentation
Télécharger la présentation

Anti Hacker Poetry in the Mac OS X

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Anti Hacker Poetry in the Mac OS X • Your karma check for today: There once was a user that whined/ his existing OS was so blind/ he'd do better to pirate/ an OS that ran great/ but found his hardware declined./ Please don't steal Mac OS!/ Really, that's way uncool./ (C) Apple Computer, Inc."

  2. Automated Attack Vectors

  3. Automated Attack VectorsViruses • A computer program file capable of attaching to disks or other files • Necessary characteristics of a virus: • It is able to replicate • It requires a host program as a carrier • It is activated by external action

  4. Automated Attack VectorsViruses: Polymorphic viruses • Creates copies during replication that are functionally equivalent but have distinctly different byte streams • Randomly insert superfluous instructions • Interchange order of independent instructions • Use encryption schemes • This variable quality makes difficult to locate, identify, or remove

  5. Automated Attack VectorsWorms • A self-replicating computer program, similar to a virus • A virus attaches itself to, and becomes part of, another executable program • A worm is self-contained and does not need to be part of another program to propagate itself • The Robert Morris Worm • Written at Cornell • Released at MIT • Fixed at Harvard

  6. Automated Attack VectorsWorms • Necessary characteristics of a worm: • It is able to replicate without user intervention • It is self-contained and does not require a host • It is activated by creating process • If it is a network worm, it can replicate across communication links • Some customers like to distinguish between worms that use buffer overruns to propagate and those that use e-mail

  7. Automated Attack VectorsWorms: Examples • SQL Slammer • Blaster • MyDoom • Sasser

  8. Automated Attack VectorsBots • Derived from the word Robot • Program designed to search for information Internet with little human intervention • Search engines, such as Yahoo and Altavista, typically use bots to gather information for their databases

  9. Automated Attack VectorsBots • Bots analogous to agent • Typically an exe • Bots are not exploits themselves • They are payloads delivered by worms, viruses and hackers • Installed after compromise • Infect system and maintain access for attackers to control them • Botnets – thousands of system controlled

  10. Automated Attack VectorsBots • Thousands of highly configurable bot packages available on Internet • Usually between 10,000-100,000 machines • Some at 350,000 • Some in the millions

  11. Automated Attack VectorsBots: uses • DDoS attacks • Information theft • keyboard logging, network monitoring, etc • Warez i.e. host illegal data • Pirated software, movies, games, etc.

  12. Automated Attack VectorsTrojans • Term borrowed from Greek history • Malicious program disguised as something benign • Screen saver, game, etc. • exe, com, vbs, bat, pif, scr, lnk, js, etc. • It seems to function as user expects

  13. Automated Attack VectorsTrojans • May or may not appear in process list • May install a backdoor • Generally spread through e-mail and exchange of disks and files • Worms also spread Trojan horses, IRC channels, P2P applications, porn sites, etc.

  14. Security at Microsoft

  15. Security Teams at Microsoft

  16. Vulnerability Reported • Is the reported problem really a vulnerability? A security vulnerability is a flaw in a product that makes it infeasible – even when using the product properly – to prevent an attacker from usurping privileges on the user's system, regulating its operation, compromising data on it, or assuming ungranted trust. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/columns/security/essays/vulnrbl.asp

  17. Vulnerability Reported

  18. Protecting Your P.C.

  19. How To Protect Your PC • Three primary ways to exploit you: • Weak passwords • Unpatched vulnerabilities • Social Engineering

  20. How To Protect Your PCUse Complex Passwords • At least eight characters long • Does not contain all or part of user's account name • Contain characters from three of following four categories: • English uppercase characters (A through Z) • English lowercase characters (a through z) • Base-10 digits (0 through 9) • Non-alphanumeric (for example, !, $, #, %) extended ASCII, symbolic, or linguistic characters

  21. How To Protect Your PCOther Options • Use a pass phrase instead of password • Use non-English words in password • Rename accounts including Administrator account

  22. How To Protect Your PCSocial Engineering • Do not open e-mail from people you don’t know • Do not open e-mail attachments • Do not follow URLs sent in e-mail • Do not go to web sites that you cannot trust

  23. Biometrics 101 (cont) Required System Components • A biometric authentication device is made up of three components: • A database of biometric data. • Input procedures and devices. • Output and graphical interfaces.

  24. Identification Vs. Verification • In identification, the system then attempts to find out who the sample belongs to, by comparing the sample with a database of samples in the hope of finding a match (this is known as a one-to-many comparison). "Who is this?" • Verification is a one-to-one comparison in which the biometric system attempts to verify an individual's identity. "Is this person who he/she claims to be?"

  25. Human trait examples used in Biometrics • FingerprintsA fingerprint looks at the patterns found on a fingertip. There are a variety of approaches to fingerprint verification. Ex. traditional police method of matching minutiae; others use straight pattern-matching devices; verification approaches can detect when a live finger is presented; some cannot. • Hand GeometryHand geometry involves analyzing and measuring the shape of the hand. This biometric offers a good balance of performance characteristics and is relatively easy to use. It might be suitable where there are more users or where users access the system infrequently and are perhaps less disciplined in their approach to the system.

  26. Security Measures for the Internet Age

  27. Encryption Plaintext Ciphertext Plaintext Encryption Decryption • Cryptography: art and science of keeping messages secure • Cryptanalysis: art and science of breaking ciphertext • Cryptology: area of mathematics that covers both

  28. Encryption continued • If • M=the plaintext message • C=the encrypted ciphertext • E=encryption algorithm • D=decryption algorithm • Then • E(M)=C • D(C)=M • D(E(M))=M

  29. Algorithms and Keyspaces • The cryptographic algorithm (cipher) is a mathematical function used for encryption and decryption • Security based on restriction to internals of algorithm • But • If someone leaves group • Someone buys algorithm • Problems of restricted algos solved with using keys

  30. Keys • Any one of a large number of values • The total possible set of keys is called the keyspace • The encryption and decryption is dependent on key • So • EK(M)=C • DK(C)=M • DK(EK(M))=M • What does this mean? • DK2(EK1(M))=M

  31. Private vs. Public Key Encryption symmetric asymmetric

  32. Symmetric vs. Asymmetric algorithms • Symmetric • Typically use the same key for encryption and decryption • Sender and receiver must agree to secret key before sending message • Asymmetric • Key for encryption is different from one for decryption • Encryption key can be made public • Decryption key is private • Sometimes called public key encryption

  33. Cryptanalysis • Recovering the plaintext without the key (an attack) • All secrecy resides in the key • Types of attack • Ciphertext-only attack • Known-plaintext attack • Chosen-plaintext attack • Adaptive-chosen-plaintext attack • Rubber-hose attack • Purchase-key attack

  34. Public Key Infrastructure • Involves hardware, software, data transport mechanism, smart cards, governing policies and protocols • Requires services of • Registration Authority • Certificate Authority • Data Repositories

  35. Digital Signatures • Consists of two pieces of information • the data being transmitted • The private key of the individual or organization sending the data • The private key acts as a digital signature to verify that the data is from the stated source

  36. Transaction Security • Secure Socket Layer (SSL) • Uses the SSL in the TCP/IP model • Creates a secure negotiated session between client and server • Secure Negotiated Session • All communication between client and server is encrypted • URL, credit card number, cookies, attached documents • Agree upon a symmetric session key • Used for only one session and then destroyed

  37. Multi-layered Network Security Technology Solutions DATA Technology Solutions Organizational Policies Industry and Legal Standards