Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/031 A Real World Attack: wu-ftp Cao er kai ( 曹爾凱 )

Slides:



Advertisements
Similar presentations
Penetration Testing & Countermeasures Paul Fong & Cai Yu CS691 5 May 2003.
Advertisements

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
Cybersecurity Training in a Virtual Environment By Chinedum Irrechukwu.
SECURITY EVALUATION OF AN ORGANIZATION TA Md Morshedul Islam.
Information Networking Security and Assurance Lab National Chung Cheng University Kai, 2004 INSA1 Using Kismet to enhance the security level in enterprise.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Cryptography and Network Security Chapter 20 Intruders
System Security Scanning and Discovery Chapter 14.
ITP 457 Network Security Network Hacking 101. Hacking Methodology (review) 1. Gather target information 2. Identify services and ports open on the target.
Information Networking Security and Assurance Lab National Chung Cheng University Network Security (I) 授課老師 : 鄭伯炤 Office: Dept. of Communication Rm #112.
Exploits Dalia Solomon. Categories Trojan Horse Attacks Trojan Horse Attacks Smurf Attack Smurf Attack Port Scan Port Scan Buffer Overflow Buffer Overflow.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
Vulnerability Analysis Borrowed from the CLICS group.
Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/041 Auditing your Microsoft Windows system Host-Based Intrusion.
Information Networking Security and Assurance Lab National Chung Cheng University 1 A Vulnerability Assessment NIKTO.
Information Networking Security and Assurance Lab National Chung Cheng University The Ten Most Critical Web Application Security Vulnerabilities Ryan J.W.
2004, Jei Nessus A Vulnerability Assessment tool A Security Scanner Information Networking Security and Assurance Lab National Chung Cheng University
Information Networking Security and Assurance Lab National Chung Cheng University 1 Top Vulnerabilities in Web Applications (I) Unvalidated Input:  Information.
Simple Source Auditing Tools Roy INSA. Outline FLAWFINDER RATS.
Information Networking Security and Assurance Lab National Chung Cheng University 1 Host-Based Intrusion Detection software TRIPWIRE & MD5.
Information Networking Security and Assurance Lab National Chung Cheng University F.I.R.E. Forensics & Incident Response Environment.
Information Networking Security and Assurance Lab National Chung Cheng University WebGoat.
Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.
Guide To UNIX Using Linux Third Edition
Hands-On Ethical Hacking and Network Defense Second Edition Chapter 6 Enumeration.
2004, Jei F.I.R.E. Forensics & Incident Response Environment Information Networking Security and Assurance Lab National Chung Cheng University.
Information Networking Security and Assurance Lab National Chung Cheng University Live Data Collection from Unix Systems.
Information Networking Security and Assurance Lab National Chung Cheng University Yaha.
Hacking Unix/Linux.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.
Penetration Testing.
2440: 141 Web Site Administration Remote Web Server Access Tools Instructor: Enoch E. Damson.
4/13/2010.  CSS Meeting  Stephen Crane on Programming Contests  1pm  Building 8 room /11/10.
October 22, 2008 CSC 682 Security Analysis of the Diebold AccuVote – TS Voting Machine Feldman, Halderman and Felten Presented by: Ryan Lehan.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
1 Nessus - NASL Marmagna Desai [592- Project]. 2 Agenda Introduction –Nessus –Nessus Attack Scripting Language [ N A S L] Features –Nessus –NASL Testing.
CIS 450 – Network Security Chapter 16 – Covering the Tracks.
Detection and Prevention of Buffer Overflow Exploit Cai Jun Anti-Virus Section Manager R&D Department Beijing Rising Tech. Corp. LTD.
Buffer Overflows Lesson 14. Example of poor programming/errors Buffer Overflows result of poor programming practice use of functions such as gets and.
The In’s and Out’s of the IIS 6.0 Migration Tool The In’s and Out’s of the IIS 6.0 Migration Tool Chris Adams Web Platform Supportability Lead Microsoft.
COEN 350 Security Threats. Network Based Exploits Phases of an Attack  Reconnaissance  Scanning  Gaining Access  Expanding Access  Covering Tracks.
Penetration Testing Training Day Penetration Testing Tools and Techniques – pt 1 Mike Westmacott, IRM plc Supported by.
System Hacking Active System Intrusion. Aspects of System Hacking System password guessing Password cracking Key loggers Eavesdropping Sniffers Man in.
1 Security Penetration Testing Angela Davis Mrinmoy Ghosh ECE4112 – Internetwork Security Georgia Institute of Technology.
Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.
1 Linux Networking and Security Chapter 5. 2 Configuring File Sharing Services Configure an FTP server for anonymous or regular users Set up NFS file.
REMOTE LOGIN. TEAM MEMBERS AMULYA GURURAJ 1MS07IS006 AMULYA GURURAJ 1MS07IS006 BHARGAVI C.S 1MS07IS013 BHARGAVI C.S 1MS07IS013 MEGHANA N. 1MS07IS050 MEGHANA.
©Ian Sommerville 2004Software Engineering Case Studies Slide 1 The Internet Worm Compromising the availability and reliability of systems through security.
Topics Network topology Virtual LAN Port scanners and utilities Packet sniffers Weak protocols Practical exercise.
Hacking Windows 9X/ME. Hacking framework Initial access physical access brute force trojans Privilege escalation Administrator, root privileges Consolidation.
1 Chapter 9 Intruders. 2 Outline Intruders –Intrusion Techniques –Password Protection –Password Selection Strategies –Intrusion Detection Statistical.
Retina Network Security Scanner
Administering Groups Chapter Eight. Exam Objectives In this Chapter:  Plan a security group hierarchy based upon delegation requirements  Plan a security.
Databases Kevin Wright Ben Bruckner Group 40. Outline Background Vulnerabilities Log File Cleaning This Lab.
An Evening with Berferd Bill Cheswick, USENIX 1990 Presented by Chris Grier.
Enumeration March 2, 2010 MIS 4600 – MBA © Abdou Illia.
Common System Exploits Tom Chothia Computer Security, Lecture 17.
Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.
Secure services Unit-IV CHAP-1
Hacking Demo Part 2 Attack Phases
The Internet Worm Compromising the availability and reliability of systems through security failure.
Working at a Small-to-Medium Business or ISP – Chapter 8
Hacking Unix/Linux.
Metasploit a one-stop hack shop
Common Operating System Exploits
Metasploit assignment
Metasploit Analysis Report Overview
Analyzing OS Sample Windows 7 image provided by different class
Internet Security by Alan S H Lam 2019/4/9.
Crisis and Aftermath Morris worm.
Presentation transcript:

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/031 A Real World Attack: wu-ftp Cao er kai ( 曹爾凱 ) Tel: Ext

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/032 Outline Description Purpose Principle and Pre-Study Required Facilities Step by step Summary Reference

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/033 Description The exercise will guide you through the process of discovering a vulnerable system, exploiting the vulnerability, and installing software to cover your tracks

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/034 Purpose Located a vulnerable system Exploit that vulnerability to gain a root shell Installed a rootkit Access the system via the rootkit

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/035 Principle and Pre-Study CERT Advisory CA Multiple Vulnerabilities in WU-FTPD 1.MAPPING_CHDIR Buffer Overflow 2.Message File Buffer Overflow 3.SITE NEWER Consumes Memory

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/036 Required Facilities Hardware  PC or Workstation with UNIX-like system Software  Wu-ftp  RootKits and Buffer Overflow Program WARNING:  This process of cracking a system is only tested in internal network.  Do not actual exploit on unprivileve host

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/037 Step (I): reconnaissance and scanning Use “nmap” for system scanning Test the account of anonymous

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/038 Step (II): exploit the target Decompress the buffer overflow file and compile it List the usage of this tool

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/039 Step (III): cracking Execute the buffer overflow on target host Got the root right

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/0310 Step (IV) Download the rootkit from outside and install it checking the login user Download the tool from another victim Execute the rootkit Decompress the rootkit

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/0311 Step (V): auto-patch the victim the default login password change the system command open the telnet port close the system filewall Report the system information

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/0312 Step (IV) try the rootkit if it works Now you can do anything We have got a root shell now The Telnet daemon has been replaced Input the ID and the Password Which predefine by us

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/0313 Summary Checking the OS and applications’ vulnerability periodically. None unsafe applications, but careless people

Information Networking Security and Assurance Lab National Chung Cheng University 2004/03/0314 Reference CERT  Nmap  Buffer Overflow and RootKits download site 

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.