Presentation is loading. Please wait.

Presentation is loading. Please wait.

4061 Session 26 (4/19). Today Network security Sockets: building a server.

Published byDana Todd Modified over 8 years ago

Similar presentations

Presentation on theme: "4061 Session 26 (4/19). Today Network security Sockets: building a server."— Presentation transcript:

1 4061 Session 26 (4/19)

2 Today Network security Sockets: building a server

3 Today’s Objectives Name several risks associated with developing network software Explain buffer overflow attack Write a network server in C that implements a simple protocol

4 Admin Monday’s Lab

5 Computer Security Some operating systems are more “secure” than others... What are some of the attacks?

6 Attacks Over Networks We’ll talk about a few exploits that happen across computer networks The lesson: network code is vulnerable to cracks. Code with care.

7 /*********************/ /* LET THIS EXEC */ /* */ /* RUN */ /* */ /* AND */ /* */ /* ENJOY */ /* */ /* YOURSELF! */ /*********************/ 'VMFCLEAR' SAY ' * ' SAY ' *** ' SAY ' ***** ' SAY ' ******* ' SAY ' ********* ' SAY ' ************* A' SAY ' ******* ' SAY ' *********** VERY' SAY ' *************** ' SAY ' ******************* HAPPY' SAY ' *********** ' SAY ' *************** CHRISTMAS' SAY ' ******************* ' SAY ' *********************** AND MY' SAY ' *************** ' SAY ' ******************* BEST WISHES' SAY ' *********************** ' SAY ' *************************** FOR THE NEXT' SAY ' ****** ' SAY ' ****** YEAR' SAY ' ****** ' /* browsing this file is no fun at all just type CHRISTMAS from cms */

8 Morris Worm 1988 (Internet still young) Robert Morris discovers some vulnerabilities in Berkeley Unix Wrote a self-replicating program (a worm) that brought down ~6,000 machines –Perhaps 10% of all machines connected to the Internet

9 Morris Worm Technique: –Use a variety of techniques to find other machines to infect E.g. look at files like /etc/hosts.equiv and /.rhosts –Exploit software vulnerabilities (finger, sendmail, and rsh) to copy a small bootstrap program to remote hosts –Establish network connection with remote host, copy remainder of file over

10 Finger Daemon Exploit Finger is a program for displaying information about users. Runs as fingerd Classic buffer overflow –Allow execution of arbitrary code Typically, C compilers don’t provide array bounds checks: int i; char c[1024]; i = 12000; c[i] = 0;

11 Buffer Overflow

12 Morris Worm When it infected a machine that had already been infected, 1/7 of the time it created another copy, anyhow –To bypass admins creating a fake copy to thwart the worm This is the code that brought down the Internet –Without the 1/7, the worm may have run undetected for a long time!

13 Worms Evolved Today, worms spread via email, instant messaging, IRC, file-sharing, and by targeting TCP/IP ports directly –Some of these require user effort (e.g. the Anna Kournikova worm promised pictures) –Some exploit software vulnerabilities (e.g. Blaster worm exploited remote procedure calls in Windows) Worms can install backdoors on machines, turning them into “zombies” –Thanks for the spam!

14 DoS I wish to make some service (e.g. a Web server, or DNS services) unavailable –Overwhelm computers with traffic A local example: fork bomb –while (1) fork(); –:(){ :|:& };:

15 SYN Flood Images from http://en.wikipedia.org/wiki/SYN_flood

16 DDoS Coordinated attacks –Zombies –Computers infected with worm or virus Harder to detect, harder to defeat with bandwidth, harder to stop Anecdotes –“Slashdot Effect” –DNS Server Attacks (2002 and 2007)

17 Defenses Firewalls –Packet inspection and rejection Switches and routers –Rate limits

Download ppt "4061 Session 26 (4/19). Today Network security Sockets: building a server."

Similar presentations

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.
Communications of the ACM (CACM), Vol. 32, No. 6, June 1989

Communications of the ACM (CACM), Vol. 32, No. 6, June 1989
Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.

Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.

Suneeta Chawla Web Security Presentation Topic : IP Spoofing Date : 03/24/04.
The Internet and Java Sockets ICW Lecture 5 Tom Chothia.

The Internet and Java Sockets ICW Lecture 5 Tom Chothia.
Introduction to Security Computer Networks Computer Networks Term B10.

Introduction to Security Computer Networks Computer Networks Term B10.
Security: Attacks. 2 Trojan Horse Malicious program disguised as an innocent one –Could modify/delete user’s file, send important info to cracker, etc.

Security: Attacks. 2 Trojan Horse Malicious program disguised as an innocent one –Could modify/delete user’s file, send important info to cracker, etc.
Distributed Denial of Service Attacks CMPT 471 1 Distributed Denial of Service Attacks Darius Law.

Distributed Denial of Service Attacks CMPT Distributed Denial of Service Attacks Darius Law.
The Internet Worm Crisis and Aftermath Miyu Nakagawa Cameron Smithers Ying Han.

The Internet Worm Crisis and Aftermath Miyu Nakagawa Cameron Smithers Ying Han.
Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.

Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.
Network Security Peter Behrens Seth Elschlager. Computer Security Preventing unauthorized use of your network and information within that network. Preventing.

Network Security Peter Behrens Seth Elschlager. Computer Security Preventing unauthorized use of your network and information within that network. Preventing.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
100% Security “ The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete.

100% Security “ The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete.
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.

Internet Relay Chat Security Issues By Kelvin Lau and Ming Li.
Internet Relay Chat Chandrea Dungy Derek Garrett #29.

Internet Relay Chat Chandrea Dungy Derek Garrett #29.
1 Computer Security: Protect your PC and Protect Yourself.

1 Computer Security: Protect your PC and Protect Yourself.

Similar presentations

Ads by Google