Computer Security Update Bob Cowles, SLAC stanford.edu Presented to HEPiX at Fermilab 23 Oct 2002 Work supported by U. S. Department of Energy.

Slides:

Advertisements

Similar presentations

The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.

Advertisements

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

By Hiranmayi Pai Neeraj Jain

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

1 Web Servers / Deployment Alastair Dawes Original by Bhupinder Reehal.

1 Defining System Security Policies. 2 Module - Defining System Security Policies ♦ Overview An important aspect of Network management is to protect your.

Chapter 7 HARDENING SERVERS.

Changes in Windows XP Service Pack 2

Web Server Administration

Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.

Computer Security and Penetration Testing

TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Application Layer Functionality and Protocols Network Fundamentals – Chapter.

Computer Security Update Bob Cowles, SLAC stanford.edu Presented at HEPiX - TRIUMF 23 Oct 2003 Work supported by U. S. Department of Energy.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

IST 228\Ch3\IP Addressing1 TCP/IP and DoD Model (TCP/IP Model)

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

Microsoft October 2004 Security Bulletins Briefing for Senior IT Managers updated October 20, 2004 Marcus H. Sachs, P.E. The SANS Institute October 12,

RFC6520 defines SSL Heartbeats - What are they? 1. SSL Heartbeats are used to keep a connection alive without the need to constantly renegotiate the SSL.

Computer Security Update Bob Cowles, SLAC stanford.edu Presented at RAL 09 Dec 2002 Work supported by U. S. Department of Energy contract.

Managing CERN Desktops with Systems Management Server (SMS 2003) Michel Christaller Internet Services Group Department of Information Technology CERN May.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

Web Servers Web server software is a product that works with the operating system The server computer can run more than one software product such as .

Configuring a Web Server. Overview Overview of IIS Preparing for an IIS Installation Installing IIS Configuring a Web Site Administering IIS Troubleshooting.

Lesson 9 Common Windows Exploits. UTSA IS 3523 ID and Incident Response Overview Top 20 Exploits Common Vulnerable Ports Detecting Events.

PC Maintenance: Preparing for A+ Certification Chapter 25: The Internet.

Delving into the Internet and Networks. In the beginning  ARPANET – set up for the military to have another network of communication  Pre-cursor to.

Laptops and Computer Security Gareth Smith. Current Situation in PPD Standardised on Dells (D400, D600) Total bought to date by department: ~50. Loan.

Introduction to SQL Server 2000 Security Dave Watts CTO, Fig Leaf Software

Tutorial 11 Installing, Updating, and Configuring Software

Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.

Lecture#2 on Internet and World Wide Web. Internet Applications Electronic Mail ( ) Electronic Mail ( ) Domain mail server collects incoming mail.

IMPLEMENTING F-SECURE POLICY MANAGER. Page 2 Agenda Main topics Pre-deployment phase Is the implementation possible? Implementation scenarios and examples.

CERN’s Computer Security Challenge

BLENDED ATTACKS EXPLOITS, VULNERABILITIES AND BUFFER-OVERFLOW TECHNIQUES IN COMPUTER VIRUSES By: Eric Chien and Peter Szor Presented by: Jesus Morales.

1 Apache. 2 Module - Apache ♦ Overview This module focuses on configuring and customizing Apache web server. Apache is a commonly used Hypertext Transfer.

Chapter 1: The Internet and the WWW CIS 275—Web Application Development for Business I.

1 7-Oct-15 OSI transport layer CCNA Exploration Semester 1 Chapter 4.

1 Internet Browsing Vulnerabilities and Security ECE4112 Final Lab Ye Yan Frank Park Scott Kim Neil Joshi.

Windows XP Professional Features ©Richard L. Goldman February 5, 2003.

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

Distributed Denial of Service Attacks Shankar Saxena Veer Vivek Kaushik.

Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server.

OV Copyright © 2005 Element K Content LLC. All rights reserved. Hardening Internetwork Devices and Services  Harden Internetwork Connection Devices.

Gerhard Eschelbeck CTO and VP Engineering Qualys BlackHat Conference Japan October 2004.

FTP File Transfer Protocol Graeme Strachan. Agenda  An Overview  A Demonstration  An Activity.

NetTech Solutions Supporting Users and Troubleshooting Desktop Applications on Microsoft Windows XP Instructor Richard Fredrickson.

Day12 Network OS. What is an OS? Provides resource management and conflict resolution. –This includes Memory CPU Network Cards.

Application of the Internet 1998/12/09 KEIO University, JAPAN Mikiyo

Writing Security Alerts tbird Last modified 2/25/2016 8:55 PM.

On the Road to Eliminating Cleartext Reusable Passwords HEPNT and HEPiX 06 October 1999 Bob Cowles, SLAC Computer Security Officer

Windows Administration How to protect your computer.

Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.

COSC 432 Shi Li 12/8/2008. File Transfer Protocol (FTP) Used to transfer files and data between computers via internet Defined as RFC959 Developed in.

Server Administration, Server Management and Networking Alokes Chattopadhyay.

Security on the Internet Norman White ©2001. Security What is it? Confidentiality – Can my information be stolen? Integrity – Can it be changed? Availability.

Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

Application layer tcp/ip

Working at a Small-to-Medium Business or ISP – Chapter 8

Chapter 7: Identifying Advanced Attacks

Chapter 6 Application Hardening

COP 4343 Unix System Administration

Introduction to SQL Server 2000 Security

The Security Problem Security must consider external environment of the system, and protect it from: unauthorized access. malicious modification or destruction.

CompTIA Server+ Certification (Exam SK0-004)

Web Servers / Deployment

APACHE WEB SERVER.

INTERNET SECURITY.

Presentation transcript:

Computer Security Update Bob Cowles, SLAC stanford.edu Presented to HEPiX at Fermilab 23 Oct 2002 Work supported by U. S. Department of Energy contract DE-AC03-76SF00515

23 October 2002HEPiX – Bob Cowles – SLAC2 Areas Solaris Cisco Linux IIS Internet Explorer Windows Misc Virus & Worm Conclusions News

23 October 2002HEPiX – Bob Cowles – SLAC3 Solaris /bin/login ssh & OpenSSH in.talkd cachefsd xdr_array bo (affects OpenAFS too) ttdbserver TTYPROMPT

23 October 2002HEPiX – Bob Cowles – SLAC4 Cisco ssh Aironet wireless APs (telnet) ntp daemon httpd default passwords

23 October 2002HEPiX – Bob Cowles – SLAC5 Linux ssh wu-ftp glibc OpenSSH glibc (reboot required) Bugzilla OpenSSL

23 October 2002HEPiX – Bob Cowles – SLAC6 Apache Transfer chunking mod_ssl off-by-one shared memory scoreboard - scripting

23 October 2002HEPiX – Bob Cowles – SLAC7 IIS Cookie handling error (cross domains).htr heap overflow Office Web components SmartHTML interpreter.htr transfer chunking

23 October 2002HEPiX – Bob Cowles – SLAC8 Internet Explorer file name spoofing VBScript read local files jpeg scripting Gopher protocol error SSL cert checking error (Outlook, too) Cached objects

23 October 2002HEPiX – Bob Cowles – SLAC9 Windows MS SQL Server & Media Player UPNP XMLHTTP JVM Debugger MS Office document grabbing Network Connection Manager Windows XP SP1

23 October 2002HEPiX – Bob Cowles – SLAC10 Misc OpenVMS DECwindows Motif Server Add’l files indexed by Google AOL AIM & Yahoo Messenger snmp PGP buffer overflow libbind resolver buffer overflow MIME send by reference (RFC 2046) TCP/IP ambiguity

23 October 2002HEPiX – Bob Cowles – SLAC11 Virus & Worm Magistr badtrans Goner Myparty: Frethem (your password) Klez Bugbear

23 October 2002HEPiX – Bob Cowles – SLAC12 Conclusions (almost the same) Poor administration is still a major problem Firewalls cannot substitute for patches Multiple levels of virus/worm protection are necessary Clue is more important than source

23 October 2002HEPiX – Bob Cowles – SLAC13 News OpenSSH trojaned 20 things to make your system safe and secure (really!) New versions of PGP.. incl. version 8.0 beta for Windows SMTP trojaned Flash and Warhol worms Attack on root DNS servers