Presentation is loading. Please wait.

Presentation is loading. Please wait.

TANNENBAUM: 9 SECURITY (FOR THE LITTLE FUR FAMILY)

Published byKellie Mathews Modified over 8 years ago

Similar presentations

Presentation on theme: "TANNENBAUM: 9 SECURITY (FOR THE LITTLE FUR FAMILY)"— Presentation transcript:

1 TANNENBAUM: 9 SECURITY (FOR THE LITTLE FUR FAMILY)

2 THE LITTLE FUR SONG

3 ROBERT TAPPAN MORRIS 1988 2008 First person (in 1990) sentenced for spreading malware

4 11/2/1988 Cornell graduate student released released into (then) Internet Virus A program fragment that attaches to a legitimate program with the intention of infecting other programs Work Self-Replicating program that burrows into systems via networks

5 MORRIS AND HIS IRONIES The Ironies Irony 1 Annual meeting of Usenix opened at Berkeley By evening participants had distributed fixes Irony 2: The wormexploited weak passwords Morris’s father and Ken Thompson wrote a classic paper on passwords 86% of all passwords were first names, last names, words spelled backwards, and other easy-to-guess stuff

6 COMPUTER SECURITY REDUCES TO 1.Developing a model of security Who has access to what and what kind of access? 2.Reducing vulnerabilities Fixing them as they occur Reducing the size of the trusted security base 3.Protecting Access: Password Protection 4.Protecting Files: Encryption

7 MORRIS WORM EXPLOITED TRUST Overview of the Morris Worm Propagation Via the Finger Daemon How the Morris Work Guessed Passwords Spreading Via rexec and rsh

8 PASSWORDS IN UNIX /etc/passwd holds user info /etc/shadow holds hashed password Salt Demystified creating a hashed and salted password in python import crypt crypt(password, salt) Where salt is a two character element of [a-zA-Z0-9] print(crypt.crypt(‘burningbright01’,’aa’)) To see your shadow password: cat /etc/shadow | grep tyger Irony 3: The orginal crypt() was by written Morris the Elder and Ken Thompson

Download ppt "TANNENBAUM: 9 SECURITY (FOR THE LITTLE FUR FAMILY)"

Similar presentations

POSSIBLE THREATS TO DATA

POSSIBLE THREATS TO DATA
Password Cracking Lesson 10. Why crack passwords?

Password Cracking Lesson 10. Why crack passwords?
UNIT 6 DIGITAL LITERACY STUDY S3 OBJ 1 VIRUSES & DESTRUCTIVE PROGRAMS.

UNIT 6 DIGITAL LITERACY STUDY S3 OBJ 1 VIRUSES & DESTRUCTIVE PROGRAMS.
C risis And A ftermath Eugene H. Spafford 발표자 : 손유민.

C risis And A ftermath Eugene H. Spafford 발표자 : 손유민.
Communications of the ACM (CACM), Vol. 32, No. 6, June 1989

Communications of the ACM (CACM), Vol. 32, No. 6, June 1989
Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.

Lecture: Malicious Code CIS 3360 Ratan K. Guha. Malicious Code2 Overview and Reading Assignments Defining malicious logic Types Action by Viruses Reading.
Computer Viruses and Worms* *Referred to slides by Dragan Lojpur, Zhu Fang at Florida State University.

Computer Viruses and Worms* *Referred to slides by Dragan Lojpur, Zhu Fang at Florida State University.
Hacking M***********s!!. Who is this guy? John Draper (aka Captain Crunch)

Hacking M***********s!!. Who is this guy? John Draper (aka Captain Crunch)
Last time Program security Flaws, faults, and failures

Last time Program security Flaws, faults, and failures
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.

Silberschatz, Galvin and Gagne  Operating System Concepts The Security Problem A system is secure iff its resources are used and accessed as.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
Introduction to Security Computer Networks Computer Networks Term B10.

Introduction to Security Computer Networks Computer Networks Term B10.
Security: Attacks. 2 Trojan Horse Malicious program disguised as an innocent one –Could modify/delete user’s file, send important info to cracker, etc.

Security: Attacks. 2 Trojan Horse Malicious program disguised as an innocent one –Could modify/delete user’s file, send important info to cracker, etc.
Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.

Security A system is secure if its resources are used and accessed as intended under all circumstances. It is not generally possible to achieve total security.
Silberschatz, Galvin and Gagne  2002 19.1 Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.

Silberschatz, Galvin and Gagne  Operating System Concepts Module 19: Security The Security Problem Authentication Program Threats System Threats.
Computer Viruses and Worms Dragan Lojpur Zhu Fang.

Computer Viruses and Worms Dragan Lojpur Zhu Fang.
1 Ola Flygt Växjö University, Sweden +46 470 70 86 49 Malicious Software.

1 Ola Flygt Växjö University, Sweden Malicious Software.
Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.

Chapter 15: Security (Part 1). The Security Problem Security must consider external environment of the system, and protect the system resources Intruders.
Operating Systems Protection & Security.

Operating Systems Protection & Security.
Unit 2 - Hardware Computer Security.

Unit 2 - Hardware Computer Security.

Similar presentations

Ads by Google