Wednesday, May 21, 2008

SEC520 Types To Regard As Security Personnel

You always need to access something. Pretend you want to print: you must switch to partial system administration. Your software uses the network; it is controlled, but parts of it are making use of kernel states that have admin control.

Hackers will break the software right when that is happening. If they do, they can break out to the shell and gain control of that process, and that is one way of escalating privileges; that is where the loopholes are. It is like CGI programs: a CGI program does things that a user cannot do, which is an escalation of privileges. Implementing this is really hard, and because it is so hard it is always going to be flawed. The trick is not to make it perfect but not to be the low-hanging fruit: the bigger the value of the prize, the more stringent you have to be. If they can make 10 million they will spend 1 million.

You come up with a policy rationale. Three things to think of:

1. Due Diligence – your legal obligations; protect it.

2. Risk Analysis – cost versus benefit: "How much will it cost and how much am I going to lose?" Intelligent guessing.

3. Exceed the Standards – why? The bear-chase phenomenon: if you are in a party of campers, you try to be faster than the other people.

History:

In the beginning of computers there were no passwords; it wasn't an issue originally. The first computers were batch operated: they do one job at a time. So there was a computer center, in a basement, where the banks of memory were the size of a huge cabinet, and you would hand in your punch cards; one job at a time, controlled by an operator. One job at a time, so you couldn't cross boundaries. "Think": MIT came up with the concept of time sharing, the idea that not every process is busy all the time; there is I/O, so time is split into chunks, and everybody had a dumb terminal connected to one big centralized machine. What happened was that some people were getting access to things they weren't supposed to, and some errors and data would overwrite, because there was no access control stuff; in the early days they didn't know. So they came up with access control and passwords. People didn't like the idea of the machine controlling what they could do; suddenly the system would dictate to them, and that was a huge loss of freedom (Richard Stallman). There was quite a resistance against passwords; then they broke into the password file and tried to live in the access. One famous incident: one was setting the login procedure, and he looked at the login and a password file would come up.

Someone would have a password file, like /etc/passwd in Linux. When you log in, the login program must have access to the file to see if you are there. It used to be user name and password; what they came up with is a one-way hash (a cryptographic technique): the user puts in a password and it is given to a hashing algorithm, e.g. MD5. If you give this the same input it will come out with the same output, so they store the hash of the password rather than the password itself: what is stored is not the same as what is put in.

Two characteristics:

1. It cannot be reversed: if I have the hash, I can't figure out the password.

2. A given input always produces the same output.

2a. Any change to the input, however small, produces a completely different output: if I change one letter, the output will be completely different.

Have a good logging system. Everything being keyed was being cached in the buffer and waiting to be given to the hash.

Another thing to realize about login: you shouldn't log passwords, which means you should also not log the user names from failed attempts.

You do want to store them from successful ones: you want to know who they were and where they came from. Something simple becomes complex.
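As an added example (not part of these notes), the following Python script ties together the two points above: a toy password store that keeps only one-way hashes, with a check of the "same input, same output" and "change one letter, completely different output" properties, and a login audit log that records who and where for successful logins and only the source for failed ones, never the password. The class and function names, the user "alice" and the IP addresses are made up for the illustration; SHA-256 is the assumed default, with the algorithm name as a parameter so the MD5 from the lecture can be passed in instead.

```python
import hashlib
import hmac
import time


def password_hash(password: str, algorithm: str = "sha256") -> str:
    """One-way hash of a password: same input -> same hex digest.

    The lecture's example algorithm is MD5; pass algorithm="md5" to see it.
    SHA-256 as the default is an assumption of this example.
    """
    return hashlib.new(algorithm, password.encode("utf-8")).hexdigest()


def differing_bits(hex_a: str, hex_b: str) -> int:
    """Count how many bits differ between two equal-length hex digests."""
    if len(hex_a) != len(hex_b):
        raise ValueError("digests must be the same length")
    return bin(int(hex_a, 16) ^ int(hex_b, 16)).count("1")


class PasswordStore:
    """Toy /etc/passwd: maps user name -> digest. The password itself is never kept."""

    def __init__(self, algorithm: str = "sha256"):
        self.algorithm = algorithm
        self._digests = {}

    def add_user(self, username: str, password: str) -> None:
        self._digests[username] = password_hash(password, self.algorithm)

    def stored_digest(self, username: str) -> str:
        return self._digests[username]

    def verify(self, username: str, password: str) -> bool:
        """Hash the supplied password and compare it with the stored digest."""
        stored = self._digests.get(username)
        if stored is None:
            return False
        # constant-time comparison, so timing does not leak how many bytes matched
        return hmac.compare_digest(stored, password_hash(password, self.algorithm))


class LoginAuditLog:
    """Audit records for logins. This object never receives the password at all."""

    def __init__(self):
        self.entries = []

    def success(self, username: str, source: str) -> None:
        # successful logins: record who they were and where they came from
        self.entries.append({"event": "login_ok", "user": username,
                             "source": source, "ts": time.time()})

    def failure(self, source: str) -> None:
        # failed attempts: record where they came from, but not the name typed
        self.entries.append({"event": "login_failed", "source": source,
                             "ts": time.time()})


def attempt_login(store: PasswordStore, audit: LoginAuditLog,
                  username: str, password: str, source: str) -> bool:
    """Verify the credentials and write the audit record; True on success."""
    ok = store.verify(username, password)
    if ok:
        audit.success(username, source)
    else:
        audit.failure(source)
    return ok


if __name__ == "__main__":
    # constructed sample data for the demonstration
    store = PasswordStore()
    store.add_user("alice", "correct horse")
    audit = LoginAuditLog()

    print("same input, same output:",
          password_hash("secret") == password_hash("secret"))
    print("bits changed by one letter (of 256):",
          differing_bits(password_hash("secret"), password_hash("Secret")))
    print("stored for alice:", store.stored_digest("alice"))

    attempt_login(store, audit, "alice", "correct horse", "10.0.0.5")
    attempt_login(store, audit, "alice", "wrong pass", "10.0.0.9")
    for entry in audit.entries:
        print(entry)
```

The audit log is kept as a separate object that is handed only the user name and source, so there is no code path by which the password could end up in a log line; the failed-attempt record carries the source address and timestamp but deliberately no name, as the notes describe.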

Remember the CIA: if you kick your users off the system because they are making mistakes, you are failing accessibility. Once they solved that stuff, what is the weakest link? The first element, the employee: social engineering. Users will choose passwords that are easy, or attackers can use social engineering. Have education and a user-friendly policy that is easy to understand, and educate the user on why the policy is important; you can do this well. SEC625 is the human side of security.

Issue of sniffing:

Don't use telnet, use ssh; make sure you have SSL happening. Any password on the wire should be encrypted before going onto the wire.

Shoulder surfing: someone watching you type. The asterisks can be greyed out.

Other types of sniffing: one of the links, ThinkGeek, is a key sniffer; if it goes on a PC keyboard it is a key logger.

Monitor radiation (Van Eck): if you invest in something monitoring e

Keyboard timing attacks – you can decrypt them.

Cost benefit analysis

The Trojan login: think about when you log in, you see a prompt for user name and password; it is not hard to duplicate that. Here is what you can do if you have access: you leave the screen on, so you write a program that runs inside of the login; then you present an error and it passes it on to the system.

Ettercap is an evil program: it makes man-in-the-middle attacks easy, inserting yourself between the browser and the server; it makes ARP poisoning easy. Knowing this, if you are on a LAN with strangers you should not do anything that is private.

Authentication factors – the three factors of authentication:
1. Something you know – the most common example is a password
2. Something you have – a token or key
3. Something you are – biometrics

First, passwords: they are easy to implement, no need to buy hardware or software. Weakness: people choose weak passwords; we all know this.

Tokens: strength – someone has to have it. Weakness: it can be forgotten (come to work without your token and you cannot log in) or stolen; it requires extra hardware, you have to install a token reader on every machine; if you use a special card or device it can be expensive.

Biometrics: easy to fool. You can't get 100 percent, and the higher the percentage the more it costs; if it is easy to interfere with it, that is a problem. Anything the general public is using needs a huge database: if they are checking your fingerprint at the border, what kind of pipeline would you need? So you need to think about things like this. They can also take photos of your eyes.
