Methods of Secure Information System Design


1 Methods of Secure Information System Design
Overview Lars Noodén September – October 2008

2 "The only difference between a bug and a security hole is the intelligence of the attacker."
Security holes are bad design and / or implementation.

3 "Linus' Law"
"Given enough eyeballs, all bugs are shallow."
"Release Early, Release Often"
The Cathedral and the Bazaar, v3. Eric Steven Raymond (1997/2000) bazaar/ar01s04.html

4 http://techrepublic-cnet. com
industry-security-circus/ _ html

5 Sysjail
Sometimes the mistakes are in the very principles
http://sysjail.bsd.lv/
The sysjail tools are currently vulnerable to exploitation due to handling semantics of user/kernel memory in concurrent environments, in inheriting from systrace(4). Until these problems have been addressed, it is not recommended to use sysjail, or any systrace(4) tools, including systrace(1), for security purposes. sysjail will continue to be updated for future releases of implementing system

6 Race Condition
Exploiting Concurrency Vulnerabilities in System Call Wrappers. Robert N. M. Watson. (2007) exploitingconcurrency.pdf

7 Presentation
Exploiting Concurrency Vulnerabilities in System Call Wrappers. Robert N. M. Watson. (2007) concurrency.pdf

8 So that affects only BSD, right?
exploiting-concurrency-vulnerabilities-in-system-call-wrappers-and-the- evil-genius/
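
The class of flaw named on slides 5 to 8, shown as an added example that is not code from the presentation, from sysjail or from Watson's paper: a wrapper that checks an argument in user memory while the kernel later fetches it again, next to a version where check and use share one private copy. It is a single-threaded simulation with constructed paths; every function name and the /tmp/ policy are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed simulation, all names hypothetical. user_mem stands for
   process memory that a second thread can rewrite at any time. */
static char user_mem[64];

void set_user_path(const char *p) { snprintf(user_mem, sizeof user_mem, "%s", p); }

/* Hypothetical wrapper policy: only paths under /tmp/ may be opened. */
static int policy_allows(const char *path) { return strncmp(path, "/tmp/", 5) == 0; }

/* Stand-in for the second thread, run inside the check-to-use window. */
static void racing_thread(void) { set_user_path("/etc/passwd"); }

/* Stand-in for the kernel's copy-in: records the path it actually acts on. */
static void kernel_open(const char *src, char *opened, size_t n) {
    snprintf(opened, n, "%s", src);
}

/* Vulnerable: policy is checked on user memory, then the kernel fetches
   the argument from user memory a second time. */
int wrapper_double_fetch(char *opened, size_t n) {
    if (!policy_allows(user_mem)) return -1;
    racing_thread();                    /* argument changes after the check */
    kernel_open(user_mem, opened, n);
    return 0;
}

/* Hardened: one copy into private memory; check and use share that copy. */
int wrapper_single_copy(char *opened, size_t n) {
    char kbuf[sizeof user_mem];
    snprintf(kbuf, sizeof kbuf, "%s", user_mem);
    if (!policy_allows(kbuf)) return -1;
    racing_thread();                    /* same race, no effect on kbuf */
    kernel_open(kbuf, opened, n);
    return 0;
}

int main(void) {
    char opened[64];
    set_user_path("/tmp/report.txt");
    wrapper_double_fetch(opened, sizeof opened);
    printf("double fetch opened: %s\n", opened);
    set_user_path("/tmp/report.txt");
    wrapper_single_copy(opened, sizeof opened);
    printf("single copy opened:  %s\n", opened);
    return 0;
}
```

The hardened form only helps when the code that performs the operation consumes the checked copy; a wrapper whose kernel fetches the argument from user memory again remains exposed however carefully the check is written.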

9 Vulnerability – a weakness that can be used to violate system security, allowing inappropriate usage or access
The main difference between a bug and a vulnerability is the intelligence of the attacker
Exploit – a specific method of using a vulnerability to violate system security, either manually or in a self-replicating program
Advisory – a report warning of risk

10 Exercise How to best fiddle metrics by combining or rearranging reports on advisories, exploits and vulnerabilities?

12 Incident – report of successful use of an exploit
Remote Exploit – a way of using a vulnerability without having to be logged into a user account
Local Exploit – a way of using a vulnerability that only works when already logged in as an authorized user
Zero-day Exploit – a public-relations term usually referring to an automated exploit that is visible about the same time as a patch is released ... or vice versa

13 hacker – someone who enjoys using, adapting and understanding technologies and tools
hack – quick and/or clever way of solving a problem
cracker – someone who breaks into systems
see: "Internet Users' Glossary." Malkin and Parker, editors. (1993)

14 Definitions
black hat – the bad guys in the old cowboy movies often wore black hats; subjective term
white hat – the good guys in the old cowboy movies often wore white hats; subjective term
grey hat – not everything is XOR
see "The Jargon Lexicon"

15 Timeline
black hats discover vulnerability
white hats discover vulnerability
exploits available to black hats
exploits available to white hats
vulnerability made public
vendor informed
vendor acknowledges vulnerability
vendor announces patch
vendor publishes patch
vendor publishes a patch that works
exploits used manually
exploits used by self-replicating tools
(not in any particular order)

16 The Bad Joke that Won't End
"The researcher who posted details earlier this week of the bugs reacted by offering screenshots of the Word crashes and wondering why Microsoft disputed his findings [the MS spokeswoman] acknowledged Microsoft won't classify the flaws as security problems. Rather, the behavior of Word 2007 is a feature, not a bug." Basic&articleId=

17 Buffer Overflow Timeline
OpenBSD's IPv6 mbufs remote kernel buffer overflow
The OpenBSD team believed it was only a remote DoS vulnerability until proof of concept code was provided and then re-labeled it as such immediately.
Oops
Treat all buffer overflows as potentially exploitable
Lots of BSD code suspected in MS Windows

18 Exercise How to best measure response time and effectiveness?

19 Methods of Secure Information System Design
Overview Lars Noodén September – October 2008
