
Computer Security Update


Presentation Transcript


  1. Computer Security Update
  Bob Cowles, SLAC, bob.cowles@stanford.edu
  Presented to HEPiX at Fermilab, 23 Oct 2002
  Work supported by U. S. Department of Energy contract DE-AC03-76SF00515

  2. Areas
  • Solaris
  • Cisco
  • Linux
  • IIS
  • Internet Explorer
  • Windows
  • Misc
  • Virus & Worm
  • Conclusions
  • News
  HEPiX – Bob Cowles – SLAC

  3. Solaris
  • /bin/login
  • ssh & OpenSSH
  • in.talkd
  • cachefsd
  • xdr_array buffer overflow (affects OpenAFS too)
  • ttdbserver
  • TTYPROMPT

  4. Cisco
  • ssh
  • Aironet wireless APs (telnet)
  • ntp daemon
  • httpd
  • default passwords

  5. Linux
  • ssh
  • wu-ftp
  • glibc
  • OpenSSH
  • glibc (reboot required)
  • Bugzilla
  • OpenSSL

  6. Apache
  • Transfer chunking
  • mod_ssl off-by-one
  • shared memory scoreboard - scripting

  7. IIS
  • Cookie handling error (cross domains)
  • .htr heap overflow
  • Office Web components
  • SmartHTML interpreter
  • .htr transfer chunking

  8. Internet Explorer
  • file name spoofing
  • VBScript read local files
  • jpeg scripting
  • Gopher protocol error
  • SSL cert checking error (Outlook, too)
  • Cached objects

  9. Windows
  • MS SQL Server & Media Player
  • UPNP
  • XMLHTTP
  • JVM
  • Debugger
  • MS Office document grabbing
  • Network Connection Manager
  • Windows XP SP1

  10. Misc
  • OpenVMS DECwindows Motif Server
  • Additional files indexed by Google
  • AOL AIM & Yahoo Messenger
  • snmp
  • PGP buffer overflow
  • libbind resolver buffer overflow
  • MIME send by reference (RFC 2046)
  • TCP/IP ambiguity

  11. Virus & Worm
  • Magistr
  • badtrans
  • Goner
  • Myparty: www.myparty.yahoo.com
  • Frethem (your password)
  • Klez
  • Bugbear

  12. Conclusions (almost the same)
  • Poor administration is still a major problem
  • Firewalls cannot substitute for patches
  • Multiple levels of virus/worm protection are necessary
  • Clue is more important than source

  13. News
  • OpenSSH trojaned: http://www.cert.org/advisories/CA-2002-24.html
  • 20 things to make your system safe and secure (really!): http://www.sans.org/top20/
  • New versions of PGP, including version 8.0 beta for Windows: http://www.pgp.com/beta80.php
  • SMTP trojaned: http://www.cert.org/advisories/CA-2002-28.html
  • Flash and Warhol worms: http://www.icir.org/vern/papers/cdc-usenix-sec02/index.html
  • Attack on root DNS servers: http://www.washingtonpost.com/wp-dyn/articles/A828-2002Oct22.html
