Presentation is loading. Please wait.

Presentation is loading. Please wait.

Vulnerabilities of Windows XP Brock Prince Dana Zottola ECE 578 Spring 2002 C.K. Koc.

Published byMilo Andrews Modified over 9 years ago

Similar presentations

Presentation on theme: "Vulnerabilities of Windows XP Brock Prince Dana Zottola ECE 578 Spring 2002 C.K. Koc."— Presentation transcript:

1 Vulnerabilities of Windows XP Brock Prince Dana Zottola ECE 578 Spring 2002 C.K. Koc

2 Outline Introduction Universal Plug and Play (UPnP)  Unchecked Buffer  Denial of Service  Distributed Denial of Service Discovery of Vulnerabilities Patch Conclusions

3 Introduction Universal Plug and Play is a valuable feature, and a growing trend in network systems Windows XP claimed to be secure against hackers 3 Vulnerabilities found related to UPnP in Windows XP

4 Universal Plug and Play (UPnP) Detects and connects to:  Computers  Intelligent appliances  Wireless devices Defines set of protocols for connection  Allows for easy configuration

5 Universal Plug and Play (UPnP) Example:  User connects laptop to: Network  Print server  DSL router  Fax machine  Other computers

6 Universal Plug and Play (UPnP)

7 Six basic layers:  Device addressing  Device discovery  Device description  Action invocation  Event messaging  Presentation or human interface

8 Remotely Exploitable Buffer An attacker can gain remote SYSTEM level access to any default installation of Windows XP Unchecked buffer in one of the components that handle the NOTIFY directives  Send a specially malformed NOTIFY directive, and it is possible for an attacker to run code in the context of the UPnP subsystem, which runs with System priviledges on Windows XP.

9 Denial of Service Attack Denial of Service (DoS) attacks crash a system, and the user has to physically power cycle the machine to regain functionality The UPnP feature of Windows XP leaves the system vulnerable to DoS attacks

10 Distributed Denial of Service Attack Distributed Denial of Service (DDoS) attacks cause many systems to flood or attack a single host. The UPnP and raw socket support features of Windows XP leave the system vulnerable to DDoS attacks Raw Sockets (Not Related to UPnP)

11 Discovery of Vulnerabilities eEye Digital Security  Believe there are several security issues with the UPnP protocol  Found 3 vulnerabilities within Microsoft’s implementation of UPnP  Alerted Microsoft immediately upon discovery of the vulnerabilities

12 Patch Available soon after vulnerabilities discovered Downloadable from: http://www.microsoft.com/technet/security/bullet in/MS01-059.asp

13 Conclusions UPnP is a good idea Windows XP is vulnerable upon default installation, but patch is available Raw socket support still under debate

14 References [1] http://www.microsoft.com/Downloads/Release.asp?ReleaseID=34951http://www.microsoft.com/Downloads/Release.asp?ReleaseID=34951 [2] http://www.microsoft.com/technet/security/bulletin/ms01-059.asphttp://www.microsoft.com/technet/security/bulletin/ms01-059.asp [3] http://www.eeye.com/html/press/PR20011220.htmlhttp://www.eeye.com/html/press/PR20011220.html [4] http://www.eeye.com/html/Research/Advisories/AD20011220.htmlhttp://www.eeye.com/html/Research/Advisories/AD20011220.html [5] http://special.northernlight.com/windowsxp/security_flaw.htm#dochttp://special.northernlight.com/windowsxp/security_flaw.htm#doc [6] http://grc.com/dos/xpsummary.htmhttp://grc.com/dos/xpsummary.htm [7] http://special.northernlight.com/windowsxp/pentagon.htm#dochttp://special.northernlight.com/windowsxp/pentagon.htm#doc [8] http://www.nwfusion.com/news/2001/1015threatxp.htmlhttp://www.nwfusion.com/news/2001/1015threatxp.html [9] http://www.irchelp.org/irchelp/nuke/http://www.irchelp.org/irchelp/nuke/ [10] http://www.cnet.com/software/0-6688749-8-7004399-6.htmlhttp://www.cnet.com/software/0-6688749-8-7004399-6.html

Download ppt "Vulnerabilities of Windows XP Brock Prince Dana Zottola ECE 578 Spring 2002 C.K. Koc."

Similar presentations

REFLEX INTRUSION PREVENTION SYSTEM.. OVERVIEW The Reflex Interceptor appliance is an enterprise- level Network Intrusion Prevention System. It is designed.

REFLEX INTRUSION PREVENTION SYSTEM.. OVERVIEW The Reflex Interceptor appliance is an enterprise- level Network Intrusion Prevention System. It is designed.
Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.
Chapter 17: WEB COMPONENTS

Chapter 17: WEB COMPONENTS
Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.
Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
How’s My Network (HMN)? A Java approach to Home Network Measurement Alan Ritacco, Craig Wills, and Mark Claypool Computer Science Department Worcester.

How’s My Network (HMN)? A Java approach to Home Network Measurement Alan Ritacco, Craig Wills, and Mark Claypool Computer Science Department Worcester.
Introduction to Security Computer Networks Computer Networks Term B10.

Introduction to Security Computer Networks Computer Networks Term B10.
Rheeve: A Plug-n-Play Peer- to-Peer Computing Platform Wang-kee Poon and Jiannong Cao Department of Computing, The Hong Kong Polytechnic University ICDCSW.

Rheeve: A Plug-n-Play Peer- to-Peer Computing Platform Wang-kee Poon and Jiannong Cao Department of Computing, The Hong Kong Polytechnic University ICDCSW.
Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA © Abdou Illia.
PROGRESS project: Internet-enabled monitoring and control of embedded systems (EES.5413)  Introduction Networked devices make their capabilities known.

PROGRESS project: Internet-enabled monitoring and control of embedded systems (EES.5413)  Introduction Networked devices make their capabilities known.
The MS Blaster worm Presented by: Zhi-Wen Ouyang.

The MS Blaster worm Presented by: Zhi-Wen Ouyang.
Wi-Fi Structures.

Wi-Fi Structures.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 8: Implementing and Managing Printers.
Hussain Ali Department of Computer Engineering KFUPM, Dhahran, Saudi Arabia Microsoft Networking.

Hussain Ali Department of Computer Engineering KFUPM, Dhahran, Saudi Arabia Microsoft Networking.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.
Universal Plug and Play (UPnP) Presented by: Kamal Kamal Kamal Kamal Mohammad Atieh Mohammad Atieh.

Universal Plug and Play (UPnP) Presented by: Kamal Kamal Kamal Kamal Mohammad Atieh Mohammad Atieh.

Similar presentations

Ads by Google