
Assignment One


marcie


  1. Assignment One • Due right NOW. • Place your assignment on the table at the front of the room

  2. AdminTrivia • First Exam will be on September 27 • Exam will be Open Notes • No electronic devices permitted • Cell phones off • Computers in their cases • PDA’s off and in their cases • Anything else that can contain data or communicate off and out of reach

  3. Spyware and Adware

  4. Basic Attack Types: Spyware • Spyware can be considered a kind of Trojan horse software. • Spyware software is distinguished by having a surveillance function.

  5. Basic Attack Types: Spyware • Various kinds of spyware may • Install a keylogger, which records users’ keystrokes, and can be used to get passwords. • Turn on webcams or microphones. • Record the web sites a user visits.

  6. Basic Attack Types: Adware • A variation on spyware, called adware, is typically installed with a user’s permission, usually as part of a legitimate software installation. • The adware spyware is installed in addition to the desired software. • Often the user authorizes this as part of the licensing agreement for the desired software.

  7. Basic Attack Types: Adware • Adware may reconfigure a user’s computer and web browser to display extra, unwanted advertisements. • Like spyware, it may collect and report various data.

  8. Module Twelve Modern Attack Types

  9. Modern Attack Types: Combination Attacks • In reality, viruses, Trojan horses, spyware, etc. are not distinct from one another. • For example, spyware may also • Introduce a backdoor into a user’s computer so the attacker can access it, or • Recruit the computer for a zombie network.

  10. Modern Attack Types: Blended Threats • Similarly, modern attacks often use the basic attacks we have described as building blocks. • These building blocks are simple pieces the attackers combine to make more complex malware.

  11. Modern Attack Types: Blended Threats • These combined, complex, multi-pronged attacks are known as blended threats. • They have several different ways of taking over a computer. • Once in control, they have several different illicit activities.

  12. A modern blended Threat The W32.Spybot.KEG worm

  13. Modern Attack Types Blended Threats • An example of a blended threat is the worm known as W32.Spybot.KEG. • It combines several of the attack characteristics we have described.

  14. Modern Attack Types Blended Threats • W32.Spybot.KEG has several ways of attacking a computer: • It has a list of 129 common passwords that it uses to attempt to access computers. • For example: • “123”, • “access”, • “changeme”, • “password”, • “qwerty”

  15. Modern Attack Types Blended Threats • W32.Spybot.KEG has several ways of attacking a computer: • It checks for backdoor entry methods left by other, earlier attacks (e.g. Beagle, Sasser).

  16. Modern Attack Types Blended Threats • W32.Spybot.KEG has several ways of attacking a computer: • It checks to see if a computer can be attacked using about a half dozen different buffer overflow vulnerabilities.

  17. Modern Attack Types Blended Threats • Once W32.Spybot.KEG has control over a computer, it • Copies itself onto the compromised computer, • Attempts to attack other computers, and • Creates a back door channel for commands, turning the computer into part of a zombie network.

  18. Modern Attack Types Blended Threats • The W32.Spybot.KEG zombie network computers can then receive commands to do (among other things) • Log keystrokes at the computer, • Eavesdrop on the local network, • Start a web or file server, • Capture screenshots and webcam images, • Launch Denial of Service Attacks.

  19. Modern Attack Types: Blended Threats • The W32.Spybot.KEG worm is typical of modern attacks. • It shows how complex modern attacks are. • And how flexible: • It has multiple ways to take over a computer, and • Once in control, has a wide variety of illicit activities it can do.

  20. Attack Kits

  21. Modern Attack Types Attack Kits • An important goal of legitimate software developers is to make it easier to write useful, bug-free computer code.

  22. Modern Attack Types Attack Kits • This is also true in the world of attack software, where “kits” are available where non-experts can piece together custom made attack programs.

  23. Modern Attack Types: Attack Kits • This is an important development. • It allows amateur attackers (script kiddies) to mount attacks that they could not if they had to write the code themselves. • This increases the number of attacks enormously.

  24. Unit Two Operating Systems

  25. Operating Systems: Unit Outline • Module 1: Operating System Basics • Module 2: Attacking Operating Systems: Impersonation • Module 3: Attacking Operating Systems: Exploits

  26. Module One Operating System Basics

  27. Operating System Basics: Introduction • A computer’s operating system typically does two major things. • It controls access to the various resources of the computer, and • It provides an interface - a way for the user to communicate with the computer.

  28. Operating System Basics: Introduction • From a computer security perspective, we are mostly interested in the first part: • It controls access to the various resources of the computer. • It provides an interface - a way for the user to communicate with the computer.

  29. Operating System Basics: Resources • The operating system is the computer program responsible for making the various parts of the computer available and useful to the user.

  30. Operating System Basics: Resources • For example, the magnetic data on a disk drive is available to the user as directories and files.

  31. Operating System Basics: File Systems • The way the computer organizes the disks, CDs, and other storage media as files and folders is known as the computer’s file system.

  32. Operating System Basics: File Systems • The design and maintenance of a file system is one of the operating system’s primary responsibilities.

  33. Operating System Basics: Access • In addition to presenting data as files and folders, the operating system is responsible for controlling access to the parts of the file system.

  34. Operating System Basics: Access • For instance, computers can have multiple users, and the computer has to ensure that users only access files, folders, etc. to which they have legitimate rights.

  35. Operating System Basics: Access Control • Here we begin to see how operating systems relate to security.

  36. Operating System Basics: Access Control • An operating system is responsible for ensuring that • A user cannot read or write files belonging to another user who wishes to keep them private. • A user cannot access sensitive files used to administer the computer, e.g. a file containing all the users’ password information.

  37. Operating System Basics: Controlling Access • Operating systems security can be thought of as simultaneously • Sharing, and • Protecting the resources of the computers, such as: • Memory, • Input/Output devices, • Printers, • Programs, • Data, and • Networks.

  38. Operating System Basics: Privileges and Permissions • Controlling access to resources is done using the concepts of • Privileges, and • Permissions.

  39. Operating System Basics: Privileges and Permissions • Files, directories, and other resources on a computer have permissions associated with them. • These permissions determine what privileges the various users on a computer have to read, write or otherwise access those resources.

  40. Operating System Basics: Privileges and Permissions • For example, • User A can set the permissions on most of her files and directories so that only she can read or write them.

  41. Operating System Basics: Privileges and Permissions • For example, • However, she may set up a directory, perhaps called Public, with permissions allowing anyone to read its contents.

  42. Operating System Basics: Privileges and Permissions • For example, • She might also set up a directory, called Dropbox, where others can put copies of files.

  43. Operating System Basics: Privileges and Permissions • The idea is that she can control the access others have over her files and folders.

  44. Operating System Basics: Privileges and Permissions • The operating system enforces these permissions and privileges. • Whenever a user requests access to a file or directory, that request goes through the operating system, which checks to see if the user has permission to access that file before it is granted.

  45. Operating System Basics: Administrative Users • Most operating systems recognize a distinction between the privileges of ordinary users, and one or more users that are allowed to administer the computer. • This prevents ordinary users from accessing critical system functions • Prevents accidentally damaging the system • Limits the damage done if an ordinary user’s account is compromised

  46. Operating System Basics: Administrative Users • These administrative users, known as • Superusers, • Admins, or • Root, have complete control over the machine. • Read and modify any user’s files • Control any system resource • Create and destroy file systems on disks • Control network access to the machine

  47. Administrative Users • Very attractive to hackers to become the Administrative User on a machine • Most modern operating systems have ways of distributing administrative functions over other users • Called roles • Often, “root” or “admin” logins disallowed

  48. Attacking Operating Systems: Impersonation Authentication • In order to have accounts for individual users, there must be methods to ensure that only the authorized people can use the accounts. • The methods to do this are known as authentication. • This is especially important for administrator accounts.
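The permission scheme from slides 39 to 46 (User A's private files, her Public directory, her Dropbox directory, and the superuser) can be worked through in code; this is an added example, not part of the original slides. It models only the classic Unix owner/group/other mode bits, and the uids, gid and octal modes are constructed for illustration.

```python
import stat

ROOT_UID = 0                      # the superuser of slide 46
ALICE, BOB = 1000, 1001           # constructed uids: User A and another user
USERS_GID = 100                   # constructed group that both belong to

def may_access(uid, gids, owner, group, mode, want):
    """Mode-bit check the OS performs before granting access (slide 44).

    Exactly one class is consulted: owner, else group, else other.
    ACLs, capabilities and mount options are outside this model.
    """
    if uid == ROOT_UID:
        return True               # simplification: root bypasses these checks
    if uid == owner:
        shift = 6
    elif group in gids:
        shift = 3
    else:
        shift = 0
    granted = (mode >> shift) & 0o7
    needed = sum({"r": 4, "w": 2, "x": 1}[c] for c in set(want))
    return granted & needed == needed

# User A's three directories (assumed modes matching slides 40-42)
DIRS = {
    "private": 0o700,   # only she can read or write
    "Public":  0o755,   # anyone can read its contents
    "Dropbox": 0o733,   # others can put files in, but cannot list them
}
# Directory operations expressed as the bits they require
OPS = {"list": "rx", "enter": "x", "add_file": "wx"}

def report(uid, gids):
    """Return {directory: {operation: allowed}} for one user."""
    return {
        name: {op: may_access(uid, gids, ALICE, USERS_GID, mode, bits)
               for op, bits in OPS.items()}
        for name, mode in DIRS.items()
    }

if __name__ == "__main__":
    for who, uid in (("alice", ALICE), ("bob", BOB), ("root", ROOT_UID)):
        for name, ops in report(uid, {USERS_GID}).items():
            perms = stat.filemode(stat.S_IFDIR | DIRS[name])
            allowed = [op for op, ok in ops.items() if ok]
            print(f"{who:5} {perms} {name:8} {allowed}")
```

On a real system a drop box is usually also given the sticky bit (mode 1733), because write and search permission on a directory otherwise lets any depositor remove another user's files.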
