This presentation by Bob Cowles at the HEPiX conference in October 2002 covers essential areas of computer security, analyzing vulnerabilities in systems including Solaris, Cisco, Linux, IIS, Internet Explorer, and Windows. Highlights include critical issues such as SSH security, virus threats like Klez and Bugbear, and challenges with bug handling in systems. The talk emphasizes the importance of robust administration, security patches, and proactive virus defense strategies, urging IT professionals to stay updated with the latest security news and patches.
Computer Security Update
Bob Cowles, SLAC
bob.cowles@stanford.edu
Presented to HEPiX at Fermilab, 23 Oct 2002
Work supported by U. S. Department of Energy contract DE-AC03-76SF00515
Areas
• Solaris
• Cisco
• Linux
• IIS
• Internet Explorer
• Windows
• Misc
• Virus & Worm
• Conclusions
• News
HEPiX – Bob Cowles – SLAC
Solaris
• /bin/login
• ssh & OpenSSH
• in.talkd
• cachefsd
• xdr_array buffer overflow (affects OpenAFS too)
• ttdbserver
• TTYPROMPT
Cisco
• ssh
• Aironet wireless APs (telnet)
• ntp daemon
• httpd
• default passwords
Linux
• ssh
• wu-ftp
• glibc
• OpenSSH
• glibc (reboot required)
• Bugzilla
• OpenSSL
Apache
• Transfer chunking
• mod_ssl off-by-one
• shared memory scoreboard - scripting
IIS
• Cookie handling error (cross domains)
• .htr heap overflow
• Office Web components
• SmartHTML interpreter
• .htr transfer chunking
Internet Explorer
• file name spoofing
• VBScript read local files
• jpeg scripting
• Gopher protocol error
• SSL cert checking error (Outlook, too)
• Cached objects
Windows
• MS SQL Server & Media Player
• UPNP
• XMLHTTP
• JVM
• Debugger
• MS Office document grabbing
• Network Connection Manager
• Windows XP SP1
Misc
• OpenVMS DECwindows Motif Server
• Add’l files indexed by Google
• AOL AIM & Yahoo Messenger
• snmp
• PGP buffer overflow
• libbind resolver buffer overflow
• MIME send by reference (RFC 2046)
• TCP/IP ambiguity
Virus & Worm
• Magistr
• badtrans
• Goner
• Myparty: www.myparty.yahoo.com
• Frethem (your password)
• Klez
• Bugbear
Conclusions (almost the same)
• Poor administration is still a major problem
• Firewalls cannot substitute for patches
• Multiple levels of virus/worm protection are necessary
• Clue is more important than source
News
• OpenSSH trojaned: http://www.cert.org/advisories/CA-2002-24.html
• 20 things to make your system safe and secure (really!): http://www.sans.org/top20/
• New versions of PGP, incl. version 8.0 beta for Windows: http://www.pgp.com/beta80.php
• SMTP trojaned: http://www.cert.org/advisories/CA-2002-28.html
• Flash and Warhol worms: http://www.icir.org/vern/papers/cdc-usenix-sec02/index.html
• Attack on root DNS servers: http://www.washingtonpost.com/wp-dyn/articles/A828-2002Oct22.html