static void insecure (localhost *unix)
1 static void insecure (localhost *unix)
Eric Pancer, Information Security Team, DePaul University
Securing UNIX Hosts from Local Attack p.1/32

2 Overview
This presentation intends to help the audience better understand both security risks and techniques to combat local attacks against a UNIX host. We will focus on local security and not address any of the security risks involved in attaching to a network.
<Blurb on why local security is important>

3 Scope
The focus of this talk will be on newer UNIX variants that have become more common over the past 10 years. These include:
- Linux
- BSD 4.4 variants
  - OpenBSD
  - FreeBSD
While these aren't the only UNIX variants alive and well, they feature some of the more progressive security improvements.

4 What We Won't Cover
While this talk will not focus on network security, it assumes that you have...
- Configured network applications to run under unique, unprivileged accounts.
- Disabled services not vital for production.
- Disabled unauthenticated services (r* services, anonymous ftp, fingerd).
- Implemented kernel-level TCP/IP filtering and hardened your TCP/IP stack.
- Actively monitored traffic to and from the host.

5 Assumptions
This talk assumes that you have a working knowledge of UNIX and understand the basics of a kernel, file system, privileges, etc.

6 Preface
7 The Good News
- Simple model: userland vs. privileged space.
- (Relatively) easy to audit via syslogd(8).
- Aged:
  - Well understood,
  - Reviewed source code,
  - Even proprietary versions aren't very proprietary anymore.
- Modular.
- Based mostly on a simple language, C.
8 The Bad News
- Architecture is based on files...
  - Permissions can be confusing,
  - Devices can easily be replaced or backdoored.
- Gaining access past userland usually leads to root.
- File descriptors, status codes, etc. are difficult to keep track of securely.
- Long history of buffer overflows, and recently format string vulnerabilities. C isn't forgiving.
9 Goals
Two major requirements in dealing with host security are...
- Users.
  - A good rule of thumb is: once shell access is obtained, privileged access will soon follow.
  - For this reason, shell access should be protected.
- The Kernel.
  - The kernel is busy and can be fooled into trusting malicious code.
  - It isn't as smart when dealing with large amounts of input; it will gladly overwrite memory segments.
  - The kernel panics and often cannot handle the type of input an attacker will provide.
  - Truly, the kernel does not understand that someone was foolish when coding.

10 Where Can This Be Applied
- Shell servers.
- FTP servers.
- Everywhere.
11 Section One: User Accounts and Environments

12 User Accounts
- Each user should be given a unique account.
- Use groups and train people how to use chmod(1).
- Set a default umask appropriately. Be proactive and do not rely on users to set this up!
- Don't be afraid to overly litter /etc/group. Remember, you can have (at least) groups.
13 Resource Exhaustion
Building a restricted environment prevents resource exhaustion:

    #include <sys/types.h>
    #include <unistd.h>

    /* Classic fork bomb: every process, parent and child alike, forks forever. */
    int main(void)
    {
        while (1)
            fork();
    }

Leads to something you might not like:

    11:34AM up 326 days, 19:21, 142 users, load averages: 65.26, 55.20,
14 Restricted Environments
- Not completely safe, yet effective.
- Requires the least amount of binaries be put in $PATH.
- Can be broken out of if you allow...
  ...anything that calls exec(3):
      find / -exec /bin/sh -i \{\} \;
  ...anything that uses sigsuspend(2):
      export EDITOR=/usr/bin/vi; pine -z ;^Z
- Requires many environmental variables to be set (see next slide).

15 Restricted Environments - Variables
These variables should be set, at minimum, in a restricted environment:
- DISPLAY, ENV, HOME, TERM, TMP, TMPDIR, USER.
- PATH.
- LD_LIBRARY_PATH, LD_PRELOAD (depends on shell).
- INPUTRC, SHELLOPTS (if using bash).
- SHELL, VISUAL, EDITOR.

16 Restricted Environments - Builtins
Shells have builtins, many of which should be disabled. Under bash, set the following in /etc/profile:

    enable -n cd
    enable -n declare
    enable -n export
    enable -n readonly
    enable -n set
    enable -n unset
    enable -n ulimit
    enable -n enable

17 Restricted Environments - Don't Be Fooled
Don't be fooled: unless you remove all login profiles in /etc/profile before setting the restricting variables, the environment will be broken out of. No guarantee is made that even building the environment will work. Restricted environments are difficult to maintain once you start adding more than a handful of applications.
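A checklist like the one on these slides only holds if it is re-run after every change to the profile or the binary directory. The script below is an added example, not part of the talk: it lints a captured login environment of a restricted account against the variables and break-out conditions listed above. The account name restricted-user, the directory /usr/local/rbin and the deny-list of programs are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not part of the talk: lint the login environment of a
# restricted account against the checklist on the preceding slides.
# Capture the environment first (the account name is a placeholder):
#   su - restricted-user -c env > /tmp/restricted.env
# then run:  lint_restricted_env /usr/local/rbin /tmp/restricted.env

# Variables the slides say must be set (bash-only ones included).
REQUIRED_VARS="DISPLAY ENV HOME TERM TMP TMPDIR USER PATH SHELL VISUAL EDITOR LD_LIBRARY_PATH LD_PRELOAD INPUTRC SHELLOPTS"

# Programs the slides show breaking out via exec(3) or sigsuspend(2).
# Assumption: a per-site deny-list; this one is illustrative only.
DENIED_PROGS="find vi pine"

# env_value NAME FILE: print NAME's value from an `env` dump (first match, or nothing).
env_value() {
    sed -n "s/^$1=//p" "$2" | head -n 1
}

# lint_restricted_env ALLOWED_BIN_DIR ENVFILE
# Prints one finding per line; returns 0 when clean, 1 otherwise.
lint_restricted_env() {
    allowed_dir=$1
    envfile=$2
    findings=0

    # 1. Every listed variable must be defined by the profile; anything left
    #    undefined is something the user gets to define (and export) instead.
    for v in $REQUIRED_VARS; do
        if ! grep -q "^$v=" "$envfile"; then
            echo "missing: $v is not set by the profile"
            findings=$((findings + 1))
        fi
    done

    # 2. The loader variables must be pinned to empty values, not merely set.
    for v in LD_PRELOAD LD_LIBRARY_PATH; do
        val=$(env_value "$v" "$envfile")
        if [ -n "$val" ]; then
            echo "loader: $v='$val' must be empty"
            findings=$((findings + 1))
        fi
    done

    # 3. PATH must name exactly the one directory of vetted binaries.
    path=$(env_value PATH "$envfile")
    if [ "$path" != "$allowed_dir" ]; then
        echo "path: PATH='$path', expected '$allowed_dir'"
        findings=$((findings + 1))
    fi

    # 4. Nothing on the deny-list may be reachable from that directory.
    for p in $DENIED_PROGS; do
        if [ -e "$allowed_dir/$p" ]; then
            echo "breakout: $allowed_dir/$p can spawn a shell"
            findings=$((findings + 1))
        fi
    done

    [ "$findings" -eq 0 ]
}
```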
18 Section Two: Files and File Systems

19 Files and File Systems - SUID/SGID Files
The more the merrier? SUID/SGID file permissions should be removed on anything that isn't critical to a user. In a default Redhat 8.0 install you may find...
- Superfluous SUID bits == 20 (!)
- Superfluous SGID bits == 9
What's your definition of superfluous? :)

20 Files and File Systems - Problems
- Earlier versions of Solaris forgot to add a sticky bit to /tmp.
- Many platforms come with /usr/*bin/* as user writeable.
- /tmp is extremely useful for exploits that write shells as

21 File and File Systems - Beyond chmod
chmod(1) is fine and dandy for file permissions, but cannot apply attributes. However,
- Linux: chattr -R +u /usr/*bin/* /*bin
- *BSD: chflags -R schg /usr/*bin/* /*bin /bsd*

22 File and File Systems - Mount Options
Where possible, try and...
- ...mount /usr read-only,nodev
- ...mount /tmp and /var noexec,nosuid,nodev
- ...mount /home nosuid,nodev
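As an added example (not from the talk), the script below audits the file-system recommendations of the last four slides: the required mount options against a /proc/mounts-style listing, the set-uid/set-gid inventory against a baseline kept off the host, and world-writable directories that lack the sticky bit. The device names, mount table and directory tree in the test are constructed; on a live host the functions are pointed at /proc/mounts and /.

```shell
#!/bin/sh
# Added example, not part of the talk: audit file-system hardening against the
# recommendations on the SUID/SGID, /tmp and mount-option slides. Every
# function takes its input as an argument, so it runs against /proc/mounts
# and / on a live host or against constructed data.
LC_ALL=C; export LC_ALL   # sort and comm must agree on collation

# Required mount options per file system; "ro" is mount(8)'s spelling of
# read-only. Format: mountpoint:opt,opt,...
MOUNT_POLICY="/usr:ro,nodev /tmp:noexec,nosuid,nodev /var:noexec,nosuid,nodev /home:nosuid,nodev"

# has_opt LIST OPT: true if the comma-separated LIST contains OPT exactly
# (so "nodev" does not satisfy a requirement for "dev", or vice versa).
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# check_mounts MOUNTS_FILE: reads /proc/mounts-style lines
# (device mountpoint fstype options dump pass) and prints one line per
# violation of MOUNT_POLICY. Returns 0 when every policy entry is satisfied.
check_mounts() {
    mounts=$1
    bad=0
    for entry in $MOUNT_POLICY; do
        mp=${entry%%:*}
        wanted=${entry#*:}
        # The last matching line wins: a later mount shadows an earlier one.
        opts=$(awk -v mp="$mp" '$2 == mp { print $4 }' "$mounts" | tail -n 1)
        if [ -z "$opts" ]; then
            echo "$mp: not a separate file system, options cannot be applied"
            bad=$((bad + 1))
            continue
        fi
        for o in $(printf '%s\n' "$wanted" | tr ',' ' '); do
            if ! has_opt "$opts" "$o"; then
                echo "$mp: missing $o (mounted with $opts)"
                bad=$((bad + 1))
            fi
        done
    done
    [ "$bad" -eq 0 ]
}

# find_setid ROOT: set-uid/set-gid regular files below ROOT, sorted, one per line.
find_setid() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null | sort
}

# new_setid BASELINE ROOT: set-id files below ROOT that are absent from
# BASELINE, a sorted list produced by find_setid and stored off the host.
new_setid() {
    find_setid "$2" | comm -13 "$1" -
}

# find_unsticky_tmp ROOT: world-writable directories without the sticky bit,
# the /tmp mistake the talk mentions.
find_unsticky_tmp() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 2>/dev/null | sort
}
```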
23 Double Standards
What you've just told me...
- Contradicts the "keep up to date on patches" philosophy.
- Doesn't allow easy changes to the system.
- Will cause the much-avoided down-time.
24 Section Three: The Kernel

25 Kernel - Dynamic Configuration
- Loadable Kernel Modules (LKM) are popular among all major unices.
  - Popular for quite some time in Linux.
  - Has made its way (as KLD) to *BSD.
- Helps to dynamically configure an infinite state machine.
- Makes end-user life easier.
- How is the kernel to tell if foobar.o is a third-party device driver or part of a rootkit?

26 Kernel - Risks of LKMs
- An attacker can spoof replies from fstat(2) and gladly tell your file integrity checker that /bsd wasn't replaced before yesterday's reboot.
- The attacker may insert code to selectively copy some, or all, data accepted on an interface to a file, named pipe, etc.
- The attacker can modify the cryptographic framework if loaded as a module. This could be disastrous for <insert large number here> reasons!
- A rootkit may be installed on the system with known signatures for security programs, and attacker-defined ways of faking their requests.
- Oh, so many possibilities!

27 Kernel - Combating LKM Insecurities
- Permit only signed modules to be inserted into the kernel.
  - Requires the cryptographic framework to be part of the core kernel.
  - Where do the signatures come from? Hopefully not from the same host!
  - Will still be vulnerable if the attacker can backdoor the kernel loader.
  - Makes for a much larger kernel. Why bother?
- Linux 2.4 provides CAP_SYS_MODULE.
- StMichael: monitors init_module and delete_module under Linux 2.2 and 2.4.
- Do away with LKMs (my vote).
28 More Security Defenses - Linux
- Openwall patches are useful for older 2.2 kernels.
  - Builds a non-executable user stack area.
  - Restricts games played in /tmp.
  - Handles file descriptors 0, 1 and 2 better.
  - Destroys memory segments not in use.
- Gentoo Linux is now built with gcc 3.2+ProPolice.
- More development is taking place in Linux to increase the core security, but it is sloooooow.

29 More Security Defenses - OpenBSD
- As of 3.2-stable, OpenBSD now has a non-executable stack under 5 architectures (i386, sun4m, sparc64, alpha, macppc).
- Can facilitate systrace(1) and execute applications according to defined policies.
- Binaries are built with gcc 3.2+ProPolice.

30 More Security Defenses - FreeBSD
FreeBSD can be hardened by implementing the TrustedBSD patches to the core system. Mandatory access control modules and access control lists for files/filesystems permit more granular security policies to be imposed system-wide. Improved privilege structures will assist in reducing the amount of privileges required to run applications. While the TrustedBSD work doesn't apply directly to FreeBSD, much of the work is back-ported to FreeBSD.

31 Conclusion
- Contribute security-related code to open-source movements.
- Take base system tools and improve them.
- Write your own advancements for UNIX.
  - Hint: It would be nice to have kernel functions that deny access to any files...
  - Hint: Re-engineering isn't necessarily a bad thing...

32 Thank You
Thanks for your time.
For security-related help contact
For incident-related help, contact
Questions or comments are welcome! Contact me at
Visit us on the Web at <
More informationLinux Operating System Security
Linux Operating System Security Kenneth Ingham and Anil Somayaji September 29, 2009 1 Course overview This class is for students who want to learn how to configure systems to be secure, test the security
More informationSCP - Strategic Infrastructure Security
SCP - Strategic Infrastructure Security Lesson 1 - Cryptogaphy and Data Security Cryptogaphy and Data Security History of Cryptography The number lock analogy Cryptography Terminology Caesar and Character
More informationRed Hat Linux Internals
Red Hat Linux Internals Learn how the Linux kernel functions and start developing modules. Red Hat Linux internals teaches you all the fundamental requirements necessary to understand and start developing
More informationOperating System Structures
COP 4610: Introduction to Operating Systems (Spring 2015) Operating System Structures Zhi Wang Florida State University Content Operating system services User interface System calls System programs Operating
More informationAccess Control Lists in Linux & Windows
Access Control Lists in Linux & Windows Vasudevan Nagendra & Yaohui Chen Categorization: Access Control Mechanisms Discretionary Access Control (DAC): Owner of object specifies who can access object (files/directories)
More informationLinux Security Ideas and Tips
Linux Security Ideas and Tips Hugh Brown Sr. Systems Administrator ITS Enterprise Infrastructure University of Iowa October 8, 2014 Hugh Brown (University of Iowa) Linux Security Ideas and Tips October
More informationDenial Of Service. Types of attacks
Denial Of Service The goal of a denial of service attack is to deny legitimate users access to a particular resource. An incident is considered an attack if a malicious user intentionally disrupts service
More informationPlain English Guide To Common Criteria Requirements In The. Field Device Protection Profile Version 0.75
Plain English Guide To Common Criteria Requirements In The Field Device Protection Profile Version 0.75 Prepared For: Process Control Security Requirements Forum (PCSRF) Prepared By: Digital Bond, Inc.
More informationSecurity and Operating Systems It s the Application
What is Security? Internal Roles Protecting Whom? Operating Systems 1 / 38 What is Security? Internal Roles Protecting Whom? What is operating system security? How do operating systems contribute to system
More informationCS 377: Operating Systems. Outline. A review of what you ve learned, and how it applies to a real operating system. Lecture 25 - Linux Case Study
CS 377: Operating Systems Lecture 25 - Linux Case Study Guest Lecturer: Tim Wood Outline Linux History Design Principles System Overview Process Scheduling Memory Management File Systems A review of what
More informationTopics in Network Security
Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure
More informationLeak Check Version 2.1 for Linux TM
Leak Check Version 2.1 for Linux TM User s Guide Including Leak Analyzer For x86 Servers Document Number DLC20-L-021-1 Copyright 2003-2009 Dynamic Memory Solutions LLC www.dynamic-memory.com Notices Information
More informationPort Scanning and Vulnerability Assessment. ECE4893 Internetwork Security Georgia Institute of Technology
Port Scanning and Vulnerability Assessment ECE4893 Internetwork Security Georgia Institute of Technology Agenda Reconnaissance Scanning Network Mapping OS detection Vulnerability assessment Reconnaissance
More informationHomeland Security Red Teaming
Homeland Security Red Teaming Directs intergovernmental coordination Specifies Red Teaming Viewing systems from the perspective of a potential adversary Target hardening Looking for weakness in existing
More informationTraditional Rootkits Lrk4 & KNARK
Traditional Rootkits Lrk4 & KNARK Based on a paper by John Levine & Julian Grizzard http://users.ece.gatech.edu/~owen/research/conference%20publications/rookit_southeastcon2003.pdf ECE 4883 Internetwork
More informationTABLE OF CONTENT. Page 2 of 9 INTERNET FIREWALL POLICY
IT FIREWALL POLICY TABLE OF CONTENT 1. INTRODUCTION... 3 2. TERMS AND DEFINITION... 3 3. PURPOSE... 5 4. SCOPE... 5 5. POLICY STATEMENT... 5 6. REQUIREMENTS... 5 7. OPERATIONS... 6 8. CONFIGURATION...
More informationAuditing a Web Application. Brad Ruppert. SANS Technology Institute GWAS Presentation 1
Auditing a Web Application Brad Ruppert SANS Technology Institute GWAS Presentation 1 Objectives Define why application vulnerabilities exist Address Auditing Approach Discuss Information Interfaces Walk
More informationNixu SNS Security White Paper May 2007 Version 1.2
1 Nixu SNS Security White Paper May 2007 Version 1.2 Nixu Software Limited Nixu Group 2 Contents 1 Security Design Principles... 3 1.1 Defense in Depth... 4 1.2 Principle of Least Privilege... 4 1.3 Principle
More informationProtect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities
Protect Your IT Infrastructure from Zero-Day Attacks and New Vulnerabilities Protecting a business s IT infrastructure is complex. Take, for example, a retailer operating a standard multi-tier infrastructure
More informationWhat s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things. AGENDA Current State of Information Security Data Breach Statics Data Breach Case Studies Why current
More informationCSE 265: System and Network Administration. CSE 265: System and Network Administration
CSE 265: System and Network Administration WF 9:10-10:00am Packard 258 M 9:10-11:00am Packard 112 http://www.cse.lehigh.edu/~brian/course/sysadmin/ Find syllabus, lecture notes, readings, etc. Instructor:
More informationHow To Set Up A Net Integration Firewall
Net Integration Technologies, Inc. http://www.net itech.com Net Integrator Firewall Technical Overview Version 1.00 TABLE OF CONTENTS 1 Introduction...1 2 Firewall Architecture...2 2.1 The Life of a Packet...2
More informationFAME Operating Systems
FAME Operating Systems 2012 David Picard contributors : Arnaud Revel, Mickaël Maillard picard@ensea.fr 1. Introduction A very simple computer Goals of an operating system Hardware management Task management
More informationAnalysis of the Linux Audit System 1
Analysis of the Linux Audit System 1 Authors Bruno Morisson, MSc (Royal Holloway, 2014) Stephen Wolthusen, ISG, Royal Holloway Overview Audit mechanisms on an operating system (OS) record relevant system
More informationBetriebssysteme KU Security
Betriebssysteme KU Security IAIK Graz University of Technology 1 1. Drivers 2. Security - The simple stuff 3. Code injection attacks 4. Side-channel attacks 2 1. Drivers 2. Security - The simple stuff
More informationEugene Tsyrklevich. Ozone HIPS: Unbreakable Windows
Eugene Tsyrklevich Eugene Tsyrklevich has an extensive security background ranging from designing and implementing Host Intrusion Prevention Systems to training people in research, corporate, and military
More informationSecurity: Attack and Defense
Security: Attack and Defense Aaron Hertz Carnegie Mellon University Outline! Breaking into hosts! DOS Attacks! Firewalls and other tools 15-441 Computer Networks Spring 2003 Breaking Into Hosts! Guessing
More informationFile System Encryption with Integrated User Management
File System Encryption with Integrated User Management Stefan Ludwig Corporate Technology Siemens AG, Munich fsfs@stefan-ludwig.de Prof. Dr. Winfried Kalfa Operating Systems Group Chemnitz University of
More informationProject 2: Firewall Design (Phase I)
Project 2: Firewall Design (Phase I) CS 161 - Joseph/Tygar November 12, 2006 1 Edits If we need to make clarifications or corrections to this document after distributing it, we will post a new version
More informationCSE331: Introduction to Networks and Security. Lecture 17 Fall 2006
CSE331: Introduction to Networks and Security Lecture 17 Fall 2006 Announcements Project 2 is due next Weds. Homework 2 has been assigned: It's due on Monday, November 6th. CSE331 Fall 2004 2 Summary:
More information1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained
home Network Vulnerabilities Detail Report Grouped by Vulnerability Report Generated by: Symantec NetRecon 3.5 Licensed to: X Serial Number: 0182037567 Machine Scanned from: ZEUS (192.168.1.100) Scan Date:
More informationUnix Network Security
/ UnixNetworkSecuirty-05-2004-CIT-ACDS Unix Network Security Mehmet Balman / Introduction A machine connected to phone lines or local network has the potential for intruders. Therefore security aspect
More informationOverview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs
Overview of Network Security The need for network security Desirable security properties Common vulnerabilities Security policy designs Why Network Security? Keep the bad guys out. (1) Closed networks
More informationJ-202. IT 4823 Information Security Administration. Linux Security Model. Linux Security. In Room. Linux Security April 23
Final Exam Final exam date: May 5, 4:00 5:50 PM. IT 4823 Information Security Administration Linux Security April 23 In Room J-202 Notice: This session is being recorded. Lecture slides prepared by Dr
More informationFirewalls. Chien-Chung Shen cshen@cis.udel.edu
Firewalls Chien-Chung Shen cshen@cis.udel.edu The Need for Firewalls Internet connectivity is essential however it creates a threat vs. host-based security services (e.g., intrusion detection), not cost-effective
More informationUsing Term to Pierce an Internet Firewall mini HOWTO
Using Term to Pierce an Internet Firewall mini HOWTO Barak Pearlmutter bap@cs.unm.edu David C. Merrill david@lupercalia.net Copyright 1996 by Barak Pearlmutter Copyright 2001 by David C. Merrill Revision
More informationIncremental Backup Script. Jason Healy, Director of Networks and Systems
Incremental Backup Script Jason Healy, Director of Networks and Systems Last Updated Mar 18, 2008 2 Contents 1 Incremental Backup Script 5 1.1 Introduction.............................. 5 1.2 Design Issues.............................
More informationChapter 14: Access Control Mechanisms
Chapter 14: Access Control Mechanisms Access control lists Capabilities Locks and keys Ring-based access control Propagated access control lists Slide #14-1 Overview Access control lists Capability lists
More informationIntrusion Detection using the Linux Audit Framework. Stephen Quinney <squinney@inf.ed.ac.uk> School of Informatics University of Edinburgh
Intrusion Detection using the Linux Audit Framework Stephen Quinney School of Informatics University of Edinburgh the only secure computer is one that s unplugged... Two Distinct
More informationCryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur
Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 40 Firewalls and Intrusion
More information3. Broken Account and Session Management. 4. Cross-Site Scripting (XSS) Flaws. Web browsers execute code sent from websites. Account Management
What is an? s Ten Most Critical Web Application Security Vulnerabilities Anthony LAI, CISSP, CISA Chapter Leader (Hong Kong) anthonylai@owasp.org Open Web Application Security Project http://www.owasp.org
More informationIT6204 Systems & Network Administration. (Optional)
Systems & Network Administration (Optional) INTRODUCTION This is one of the Optional courses designed for Semester 6 of the Bachelor of Information Technology Degree program. This course on Systems & Network
More informationHands-On Ethical Hacking and Network Defense Second Edition Chapter 8 Desktop and Server OS Vulnerabilities
Objectives After reading this chapter and completing the exercises, you will be able to: Describe vulnerabilities of Windows and Linux operating systems Identify specific vulnerabilities and explain ways
More informationIS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection
IS L06 Protect Servers and Defend Against APTs with Symantec Critical System Protection Description Lab flow At the end of this lab, you should be able to Discover how to harness the power and capabilities
More informationSecure computing: SELinux
Secure computing: SELinux Michael Wikberg Helsinki University of Technology Michael.Wikberg@wikberg.fi Abstract Using mandatory access control greatly increases the security of an operating system. SELinux,
More informationFirewalls and Intrusion Detection
Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall
More information1 Culminating project
1 Culminating project The project is meant for you to delve into a specific topic of computer security that interests you. Projects are meant to be instructive and fun. We encourage and expect you to apply
More informationWindows Security. CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger. www.cse.psu.edu/~tjaeger/cse497b-s07/
Windows Security CSE497b - Spring 2007 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse497b-s07/ Windows Security 0 to full speed No protection system in early versions
More informationX05. An Overview of Source Code Scanning Tools. Loulwa Salem. Las Vegas, NV. IBM Corporation 2006. IBM System p, AIX 5L & Linux Technical University
X05 An Overview of Source Code Scanning Tools Loulwa Salem Las Vegas, NV Objectives This session will introduce better coding practices and tools available to aid developers in producing more secure code.
More informationIntroduction to UNIX and SFTP
Introduction to UNIX and SFTP Introduction to UNIX 1. What is it? 2. Philosophy and issues 3. Using UNIX 4. Files & folder structure 1. What is UNIX? UNIX is an Operating System (OS) All computers require
More informationHost/Platform Security. Module 11
Host/Platform Security Module 11 Why is Host/Platform Security Necessary? Firewalls are not enough All access paths to host may not be firewall protected Permitted traffic may be malicious Outbound traffic
More informationOracle security done right. Secure database access on the (unix and linux) operating system level.
Oracle security done right. Secure database access on the (unix and linux) operating system level. By Frits Hoogland, VX Company Security is an important part of modern database administration, and is
More informationSystem Health and Intrusion Monitoring Using a Hierarchy of Constraints
System Health and Intrusion Monitoring Using a Hierarchy of Constraints Calvin Ko NAI Labs, Network Associates, Inc. Jeff Rowe University of California, Davis October 2001 Historical Behavior Attacks /
More informationSecurity Best Practice
Security Best Practice Presented by Muhibbul Muktadir Tanim mmtanim@gmail.com 1 Hardening Practice for Server Unix / Linux Windows Storage Cyber Awareness & take away Management Checklist 2 Hardening Server
More informationSecuring Commercial Operating Systems
C H A P T E R 7 Securing Commercial Operating Systems Since the discovery of the reference monitor concept during the development of Multics, there have been many projects to retrofit existing commercial
More information