Presentation is loading. Please wait.

Presentation is loading. Please wait.

Understanding the Risks Is Safe Computing Possible? Bob Cowles TERENA Conference 2005 – Poznań, Poland Work supported by U.

Published byJob Hubbard Modified over 8 years ago

Similar presentations

Presentation on theme: "Understanding the Risks Is Safe Computing Possible? Bob Cowles TERENA Conference 2005 – Poznań, Poland Work supported by U."— Presentation transcript:

1 Understanding the Risks Is Safe Computing Possible? Bob Cowles bob.cowles@slac.stanford.edu TERENA Conference 2005 – Poznań, Poland Work supported by U. S. Department of Energy contract DE-AC03-76SF00515

2 7 June 2005TNC 20052 Final Thoughts (Spring 2004) uAttacks coming faster; attackers getting smarter uComplex attacks using multiple vulnerabilities uNo simple solution works l Patching helps l Firewalls help l AV & attachment removal help l Encrypted passwords/tunnels help uYou can’t be “secure”; only “more secure” uWe must share information better

3 7 June 2005TNC 20053 Passwords captured on WiFi YM%lsd.512 severine n0mad cris1964 cms2wa97 luciole n0811a xxxx8769 & xxxx0255

4 7 June 2005TNC 20054 Public Access Insecure Protocols uCleartext protocols l http – sometimes difficult to tell l smtp – visible emails as they are sent/received l pop – visible email and possible passwords l imap –visible email and possible passwords l ftp & telnet – visible sessions and passwords uNetwork file systems uFaked service providers

5 7 June 2005TNC 20055 Public Access Insecure Protocols uInstant messaging l aim l yahoo messenger l ICQ l jabber uKiosks uVulnerable to worms on “local network” l Blaster vulnerability discovered by local LSD group uPasswords for coffee http://www.theregister.co.uk/2005/05/06/verisign_password_survey / uLists of recent compromises http://www.emergentchaos.com/archives/cat_breaches.html

6 7 June 2005TNC 20056 ssh and Other Compromises uAttacker installs trojaned ssh w/ keylogger uLater suspected tactics: l Scan for open X sessions (xhost +) l Windows compromises hacker defender rootkit installed l session hi-jacking http://www.cnn.com/2005/TECH/05/10/govt.computer.hacker/ http://www.sfgate.com/cgi- bin/article.cgi?file=/c/a/2005/05/10/MNGSCCMIJ21.DTL uReplaced by ssh weak password scanning http://www.frsirt.com/exploits/08202004.brutessh2.c.php

7 7 June 2005TNC 20057 On the Increase uPhishing http://www.techworld.com/news/index.cfm?RSS&NewsID=3638 l 419 – Now job ads http://www.theregister.co.uk/2005/05/09/419_job_ads/ uPharming http://www.channelregister.co.uk/2005/04/08/dns_attacks_attempt_to _mislead_consumers/ uSpyware (p2p) http://en.wikipedia.org/wiki/Spyware uGoogle hacking http://johnny.ihackstuff.com/index.php?module=prodreviews

8 7 June 2005TNC 20058

9 7 June 2005TNC 20059 Where It Really Goes … http://scgi.ebay.com/verify_id=ebay &fraud alert id code=00937614

10 7 June 2005TNC 200510 Postbank Phishing (04 June) uCourtesy of Vincent 'rastakid' van Scherpenseelrastakid http://www.syn-ack.org/papers/postbank.html uWhere it appears to go: http://www.postbank.nl/gRK6QnraG6FTLfFmTNNbX68U7rj8Q2 2oyqyIKv8qBXCeGv0TJYa0w9g6c6wih2g3 uWhere it goes: href="http://www.google.es/url?q=http://go.msn.com/HML/1/5.asp?target =http://%68k%73chf%09%6f%2E%64%09a%2ER%09U/" uWhere it REALLY goes: http://hkschfo.da.RU/ uLogin popup in front of real Postbank page

11 7 June 2005TNC 200511

12 7 June 2005TNC 200512 New Technologies ubluetooth l I 0wn your Lexus http://www.cryptonomicon.nethttp://www.cryptonomicon.net (site being rebuilt) l Hacking “secure” bluetooth devices http://www.newscientist.com/article.ns?id=dn7461 uRFID http://www.rfidbuzz.com/news/2004/rfdump.html uVoIP http://www.pcworld.com/resource/article/0,aid,120668,pg,1,RSS,RSS,00.asp u0wned by iPod http://md.hudora.de/presentations/firewire/PacSec2004.pdf

13 7 June 2005TNC 200513 Collaborative Environments uOrganizations of resource consumers cross multiple resource providers uResource consumer organization manages user base and user not registered in advance with providers uAuthorization assertion from organization identifies valid users uMany security implications l Incident response l Credential theft l Adequacy / usability of audit information l Maintenance of persistent resource (e. g. storage) ownership

14 7 June 2005TNC 200514 UN on Fighting Cybercrime uCreate culture of cybersecurity l Prevention & prosecution of cybercrime l Address needs of developing countries too l Coordinated efforts to facilitate practical research uGlobal approaches to avert & mitigate impact on l Critical infrastructure l Sustainable development l Privacy protection l eCommerce, banking and trade http://www.crime-research.org/news/05.12.2005/1225/

15 7 June 2005TNC 200515 Late Breaking News uNumerous versions of Mytob (125 in 3 mos) l Turns off anti-virus l Opens backdoor for further compromise u00 June 2005 – Apple Quicktime allows information theft l Invisible – while playing a Quicktime movie l Download version 7.0.1. (Macs only. Profile info only) u01 June 2005 – Coordinated malware attack l Gleider – Eight variants. Opens backdoor l Fantibag – Disables antivirus & Windows Update l Mitglieder – Opens backdoor for control u06 June 2005 – Spybot worm variant l Spreads through network shares or unpatched systems l Opens backdoors for further compromise

16 7 June 2005TNC 200516 Final Thoughts (June 2005) uAll operating systems are vulnerable http://www.theregister.co.uk/2005/05/05/apple_mega_patch/ uAll browsers are vulnerable (firefox vulnerability) http://www.theregister.co.uk/2005/05/09/firefox_0day_exploit/ uNo simple solution – security still to complex l Patching helps l Firewalls help l AV & attachment removal & spam filters help l Encrypted passwords/tunnels help – if used!! uYou can’t be “secure”; only “more secure” uWe must share information (100 best security web sites) http://www.uribe100.com/index100.htm

Download ppt "Understanding the Risks Is Safe Computing Possible? Bob Cowles TERENA Conference 2005 – Poznań, Poland Work supported by U."

Similar presentations

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.

10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
7 Effective Habits when using the Internet Philip O’Kane 1.

7 Effective Habits when using the Internet Philip O’Kane 1.
Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.

Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.
Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.

Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an email from a stranger – it may contain viruses that.

Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an from a stranger – it may contain viruses that.
CS 450 - Nathan Digangi.  Secret, undocumented routine embedded within a useful program  Execution of the program results in execution of secret code.

CS Nathan Digangi.  Secret, undocumented routine embedded within a useful program  Execution of the program results in execution of secret code.
Windows Security Tech Talk 9/25/07. What is a virus?  A computer program designed to self replicate without permission from the end user  The program.

Windows Security Tech Talk 9/25/07. What is a virus?  A computer program designed to self replicate without permission from the end user  The program.
SIRT Contact Orientation Security Incident Response Team Departmental Security Contacts April 16, 2004.

SIRT Contact Orientation Security Incident Response Team Departmental Security Contacts April 16, 2004.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Cyber Crime Carloe Distor CCS1D. Agenda  Introduction & History  Cyber Criminals  Types of Cyber Crime  Cyber Crime in Pakistan  Protect Computers.

Cyber Crime Carloe Distor CCS1D. Agenda  Introduction & History  Cyber Criminals  Types of Cyber Crime  Cyber Crime in Pakistan  Protect Computers.
CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.

CAP6135: Malware and Software Vulnerability Analysis Examples of Term Projects Cliff Zou Spring 2012.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.
Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.

Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.

Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.
Internet safety By Lydia Snowden.

Internet safety By Lydia Snowden.

Similar presentations

Ads by Google