Recent Security Threats & Vulnerabilities Computer security Bob Cowles HEPiX, Spring 2004 – Edinburgh, UK Work supported by.

1 Recent Security Threats & Vulnerabilities
Computer security
Bob Cowles
bob.cowles@slac.stanford.edu
HEPiX, Spring 2004 – Edinburgh, UK
Work supported by U. S. Department of Energy contract DE-AC03-76SF00515

2 Windows
25 May 2004, HEPiX - Spring 2004
• Worms
• Windows AD & SUS for patching
• Viruses
• Web exposures (IE)
• Leaked code for WinNT & Win2K

3 MSBlaster
Released MSBlaster at SLAC

4 Sasser Experience (MS 04-011)
• Patched Quickly
  - Servers within 10 hours
  - All workstations within 80 hours
• VPN changes
  - No access to local drives of desktops
  - Firestorm of protest
  - Disappeared after dust settled (Citrix & RDP)
• Ongoing problems w/ unpatched systems

5 AD & SUS for patching
• Problematic patching
  - Office vs. Windows Update
  - Front Page DLLs
  - MDAC
• Machine vs. User GPOs
• SUS Update times
• New Installs
• XP SP2 has many improvements (in 2005)

6-10 The way we were …
[Network diagram, repeated across slides 6 to 10. Labels: Visitor BaBar Detector BSD Remote access HEP Accelerator SSRL BSD-Private SLAC Basic Internet]

11-14 The way we are now …
[Network diagram, repeated across slides 11 to 14. Labels: Visitor BaBar Detector BSD Remote access HEP Accelerator SSRL BSD-Private SLAC Basic Internet Servers]

15 Viruses
• More sophistication (Bobax and Kibuv)
• Zip files
• Encrypted zip files
• From microsoft.com
• From security@
• Run automatically
• Leave backdoors; smtp for spam

16 IE Exposures
• Numerous unpatched vulnerabilities
• Cannot escape IE (but can control)
• Unclear how much XP SP2 will fix
• There is still problem of user knowledge

17 Unix & Linux
• Local Exploits = Remote Exploits
• mremap (2 times)
• ASN.1
• do_brk
• Solaris: vfs_getvfsws()
• CDE dt…..
• Xfree86
• yp*

18 Universities & Labs
• Exploits against Solaris, AIX, Linux
• Attacker(s) seem sophisticated
• Install SK rootkit on Linux
• Install trojaned sshd
  - gets passwords from keyboard/tty entry
  - accesses RSA keys
• Cracks yp or kerberos password files
• One time password tokens are in your future

19 Cisco
• Router
• BGP (TCP problem)
• Wireless access points
• PIX
• Stolen code for IOS

20 Security Software
• Checkpoint
• Black Ice
• Zone Alarm
• ISS RealSecure (IDS)
• TCPDump / Ethereal
• Norton anti-virus
• PIX

21 Macintosh
• USB Keyboard - ^C gives local root
• Apple File Server bo
• Quicktime bo
• URL processing in Terminal app
• Safari – Help system bo
• Volume URI handler registration (no fix)

22 Other Software
• Grid – Slashdot & 2600
• IM software – AIM & Yahoo Messenger
• CVS
• RealPlayer
• Winzip
• Web HP JetAdmin
• Acrobat Reader 5.1
• Dameware & Serv-U

23 DameWare
How I spent my Christmas vacation

24 DameWare (2)
• Over 13 different Warez kits installed
• 30 compromised machines, half used for scanning other systems
• ftp speed tests were run to measure suitability for storing warez
• Serv-U ftp and Radmin installed at random port numbers
• Look at Hacker Defender – rootkit for Windows available in source to avoid AV scanners

25 Email
• Evils of HTML email
  - It's big & it hides bad stuff
• Phishing scams
  - Citibank, eBay, PayPal
• Outlook 2003 setting (reg for Outlook XP)
• didtheyreadit.com

26 Outlook 2003
Tools -> Options -> Preferences

27 didtheyreadit.com
• Email tracking using transparent gif image
• Not clear how they track time open
• Follows forwarding of email
• Technically easily defeated
  - but most don't know how
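
The tracking image described on slide 27 is an ordinary remote image fetch, so a mail filter can find it and neutralise it before the message is rendered. The Python below is an added example, not part of the presentation; the sample message, the tracker.example and cdn.example hosts, and the size/visibility heuristic are constructed assumptions.

```python
import re
from email import message_from_string
from html.parser import HTMLParser

# Constructed sample message (not from the presentation); hosts are placeholders.
SAMPLE = """\
From: sender@example.org
Subject: Quarterly report
Content-Type: text/html; charset="utf-8"

<html><body><p>Please see the report.</p>
<img src="cid:logo123" width="120" height="40">
<img src="http://tracker.example/open.gif?id=8f3a" width="1" height="1">
<img src="https://tracker.example/p.gif?m=42" style="display:none">
<img src="https://cdn.example/banner.png" width="600" height="80">
</body></html>
"""

class ImgAudit(HTMLParser):
    """Collect remote <img> sources and flag likely tracking beacons."""
    def __init__(self):
        super().__init__()
        self.remote, self.beacons = [], []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        src = a.get("src") or ""
        if tag != "img" or not re.match(r"(?i)https?://", src):
            return  # cid:/data: images travel inside the message: no network fetch
        self.remote.append(src)
        tiny = a.get("width") in ("0", "1") or a.get("height") in ("0", "1")
        hidden = re.search(r"display\s*:\s*none", a.get("style") or "", re.I)
        if tiny or hidden:  # assumed heuristic: invisible remote image = beacon
            self.beacons.append(src)

def html_body(raw):
    for part in message_from_string(raw).walk():
        if part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            return part.get_payload(decode=True).decode(charset, "replace")
    return ""

def audit(raw):
    p = ImgAudit()
    p.feed(html_body(raw))
    return p.remote, p.beacons

def block_remote_images(html):
    # Rewrite every remote image source so rendering never contacts the sender.
    return re.sub(r'(?i)(<img\b[^>]*?\bsrc\s*=\s*["\'])https?://[^"\']*', r"\1about:blank", html)
```

Blocking every remote image, not only the tiny or hidden ones, is the safer default, because a visible banner fetched from the sender's server reports the open just as well.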

28 Final Thoughts
• Attacks coming faster; attackers getting smarter
• Complex attacks using multiple vulnerabilities
• No simple solution works
  - Patching helps
  - Firewalls help
  - AV & attachment removal help
  - Encrypted passwords/tunnels help
• You can't be secure; only more secure
• We must share information better
  - HEPiX Security email list – do we need a PGP encrypted remailer?

