Übung 2 Übungsaufgabe, Permissions, ACLs
Aktuell: http://heise.de/-1542748 Österreichische Bürgerkarte erneut angreifbar Die österreichische Bürgerkarte, die ähnliche Signierfunktionen wie hierzulande der nPerso hat, ist erneut angreifbar: Ein Angreifer kann die Java-basierte Online-Version der Bürgerkartenumgebung (BKU) missbrauchen, um etwa Banktransaktionen zu autorisieren oder PDF-Dokumente mit der qualifizierten Signatur des Opfers (gleichbedeutend mit einer Unterschrift auf Papier) zu unterzeichnen. Dies hat der Sicherheitsexperte Wolfgang Ettlinger herausgefunden. … Dr. Wolf Müller
Vorstellung: Übungsaufgabe Seitenkanalangriff Crackme https://www2.informatik.hu-berlin.de/sar/Itsec/uebung_ssl/crackme.pdf Dr. Wolf Müller
Software • IDAPro auf gruenau[1-4] • idalTerminal • idaqGUI Dr. Wolf Müller
FAT File System • MS-DOS FAT12,FAT16 frühe Windows-VersionenFAT16 • Single user, single tasking • FAT (File Allocation Table) file system. • EinfacheDateiattribute: • Directory entry • Read Only • Archive • System • Hidden • 8.3 Format fürDateien, Verzeichnisse • 12 bit FAT = max 4096 clusters of 512 to 4k bytes (max 16Mb) • 16 Bit FAT = max 65,525 clusters of 2k to 32k each (max 2Gb) • SHARE.EXE erlaubtMehrfachzugrifffürDateien Permissions, ACLs?
VFAT • Windows 95 langeDateinahmen • Single user / multitasking • Dateiattributewiegehabt. • 2 Terabyte disk size with FAT32
FAT32 • Windows 95sr2/ Windows 98 • Adressierung mit 32 Bit, 4 Bit reserviert: • 228 = 268.435.456 Cluster adressierbar • Dateien dürfen max. bis zu 4 GiB − 1 Byte (= 4.294.967.295 Byte) großsein
OS/2 • Single User, Multi-tasking • Uses HPFS – High Performance File System, • File attributes • As per MS-DOS plus • Creation time and date • Modification time and date • Access time and date • 256 character file names • 2 Terabyte maximum disk size
NTFS • Windows NT, 2000, XP, 2003 • Various versions of NTFS latest being version 5.0 • Multi-user, multi-tasking • NTFS is a Journaled File System • File attributes and Permissions • Attributes Read Only, System, Hidden and Archive. • Permissions • Read • Write • Execute • Delete • Ownership • Control
NTFS (2) • Features • File quotas • File compression • Encryption • Indexing service • Drive spanning • The machine’s user need not be given access rights to all the resources. Problem?
NTFS - Access Control Lists • MFT Security Descriptor Attribute for a file or folder contains two tables of lists: • SACL – System Access Control List, which records auditing information • DACL – Discretionary Access Control List – which maintains list (of Access Control Entities) i.e. users’ SID and list of permissions for that file or folder • Win NT uses static inheritance model • When a folder is created it inherits permission from the parent folder, but if changes are later made to the parent the subfolders do not change unless you select to Apply the changes to subfolders, which can act as a sledgehammer overwriting individually set subfolder permissions • Win 2000 uses dynamic inheritance model • As parent folder change, permissions are inherited to the subfolders dynamically. • Win 2000 offers more flexible control over inheritance • ACLs can be resident in the MFT or stored as separate Metadata
NTFS – Data Streams • file:stream • e.g. • echo Hello > test.txt:AWPP • echo GoodBye >> test.txt • more < test.txt • more <test.txt:AWPP
File system’s role in User Level Security in NTFS • NTFS has extended attributes to support secure multi-user access. • Access Control List, ACL, maintains list of User, Groups (or Computers) with rights allowed or denied to a resource. • Cannot access Local machine’s data, without valid user account with rights to do so.
Local User Accounts • Give users access to resources on a single machine, whether that user logs in locally or remotely • These accounts reside in the Security Access Manager (SAM) located as a file on the machine. • SAM maintains passwords and permissions for the user, and each user is given a Security Identified SID • SID’s are used in Access Control Lists on files and folders • Local Groups can be created to group similar user permissions. • Built in accounts include Administrator and Guest • Built in groups include Administrators, Power Users, User, Everyone • Standard Permission make the bewildering array of choices easier to work with • Only the Administrator or members of the Administrator Group can manage the full set of information for users and groups. • The Guest account can represent a security weakness, or can be used to implement Share Level type security for systems not requiring high security
Issues with User Level security in workgroups or standalone • Each user and or group must be setup on each local and remote machine that user need to access, management is complex • Passwords can get out of sync very easily, users may not be set up identically through the system. • Verifying a user’s access rights across a large organisation is an impossibly daunting task • System is generally very secure, which can be a problem if users forget passwords, especially to Administrator user account on Local machine. You forget - You regret. • In many cases you need administrator rights to install software, or configure the machine • ActiveDirectory, WindowsDomains
Workgroups or stand alone with User Level sharing • Each machine (server or workstation peer ton peer server) that a user wishes to remotely log on to must have that user set up in the database of users for that machine. • Each user is generally defined with a password. • Users can be added as members to groups to • Any of the pre-defined standard groups, eg User, Everyone, Power Users, Administrators • or groups can created on the machine. • You must have an Administrator account or someone of that equivalence.
Workgroups or stand alone with User Level sharing (cont) • How to share a Folder • Set Permissions
Workgroups or stand alone with User Level sharing • How to share a Folder • Browse to folder • On Share Tab on Properties box check Share Folder • Permissions and security
Workgroups or stand alone with User Level sharing (cont) • How to share a Folder (cont) • Use Security for • Control of inherited rights • Fine control of advanced security
Workgroups or stand alone with User Level sharing (cont) • Log on as a Local User to a machine • Enter Username and Password • This username must match a user already setup on this machine, and how has permission to log on as a local user • Log on as Remote User to a shared resource • Use Network neighbourhood to Browse thru Workgroup, find a machine, and browse the shareable resources on machine • Select shared resource • If username and password on local machine match then you are granted access, otherwise you must enter the login name and password. • The username password pair must be setup on remote machine
Win XP – Simple File Sharing • Simple File Sharing allows you to access shared files using the Guest Account (which by default has no password) and comes close to the sort of file sharing of Win95/98/ME • There is little or no security using this and is best turned off • From with My Computer – Tools – Folder Options from View Tab click Advanced – Sharing and Security.
Windows Domains • Organises servers and computers into administrative and physical structures, and users log on to the Domain rather than the individual machines. • Where networks are large enough to have several domains, Trust relationships can be used to verify the identity of a user logged on to one domain to another domain. Users still need to be created and managed in each domain, the Trust only authenticates the user • A domain has one SAM (Security Account Manager) for the Domain, consolidating management • The SAM is managed and stored on a machine known as the PDC (Primary Domain Controller), only one machine in a domain can act in this role, it is always advisable to have a Backup Domain Controller (BDC) which has a read only replica of the SAM
CD and DVD File Systems • ISO-9660 also called CDFS • UFS Universal File System • Includes advanced features such as • Long and Unicode filenames • 64 bit file sizes • File symbolic links • ACL Access Control Lists • Alternate Data Streams • UFS is constantly evolving
Linux File Systems • Ext2 (Extended File System ) • Is the usual native file system for Linux • Uses inodes and allocation bitmaps (like NTFS) • Ext3 • Adds journalling to Ext2 • Reiser • Uses balanced tree indexing, is very efficient with large directories of small files (64k block size) • Provides metadata journalling (like NTFS) • JFS • A journaled file system based on an IBM file systems from OS/2 Warp • XFS • Each of the above support ACL’s. ACL’s which were introduced in the Linux Kernel 2.5.46
Linux Permission Systems • Traditionally Linux (and Unix) offer 3 sets of permissions for files and directories • Read, Write and Execute for the three groups Owner, Group and Others • This can be very restrictive, being only one owner, and one group per file or directory. • Additional control of permissions is provided with ACL’s (like the Windows ACL’s) • Support for ACL’s was first brought about for support for Samba (Microsoft file sharing support) • Managed through the getfacland setfaclprograms, whereas traditional permissions are managed thru chmod
Linux • S-Bit • Sticky-Bit Aufgaben: • ZufriffteilenzwischenmehrerenNutzern • 1.) automatisiertauchfürneueVerzeichnisse • S-Bit fürShellskripte? • Nur Eigentümer einer Datei (oder der Eigentümer des Verzeichnisses) darf Datei löschen oder umbenennen Dr. Wolf Müller