Tài liệu miễn phí An ninh - Bảo mật
Download Tài liệu học tập miễn phí An ninh - Bảo mật
Wireless LAN
A WLAN is a shared network. An access point is a shared device and functions like a shared Ethernet hub. Data is transmitted over radio waves. Two-way radio communications (half-duplex) are used. The same radio frequency is used for sending and receiving (transceiver).
8/30/2018 2:18:37 AM +00:00
Information Theory and Security
Up to this point we have seen: Classical Crypto Symmetric Crypto Asymmetric Crypto These systems have focused on issues of confidentiality: Ensuring that an adversary cannot infer the original plaintext message, or cannot learn any information about the original plaintext from the ciphertext. In today’s lecture we will put a more formal framework around the notion of what information is, and use this to provide a definition of security from an information-theoretic point of view.
8/30/2018 2:18:37 AM +00:00
Lab Wireless
Wireless technology has enormous potential to change the way people and things communicate. Future wireless networks will allow people on the move to communicate with anyone, anywhere, and at any time using a range of high-performance multimedia services. Wireless video will support applications such as enhanced social networking, distance learning and remote medicine. Wireless sensor networks can also enable a new class of intelligent home electronics, smart and energy-efficient buildings and highways, and in-body networks for analysis and treatment of medical conditions....
8/30/2018 2:18:37 AM +00:00
TCP - UDP
Mô hình Client - Server. 7 tầng OSI và họ giao thức TCP/IP. TCP và UDP Lập trình TCP, UDP Socket với .NET framework Lập trình TCP, UDP nâng cao với .NET framework TCPClient UDPClient
8/30/2018 2:18:37 AM +00:00
Proposal for Fast-Tracking NIST Role-Based Access Control Standard
Lots of users and privileges scattered over many platforms and applications. Who are the valid users? What are they entitled to access? How do you keep access rights up-to-date? How do you specify and enforce policy?
8/30/2018 2:18:37 AM +00:00
SecureSockets
The Web has become the visible interface of the Internet Many corporations now use the Web for advertising, marketing and sales Web servers might be easy to use but… Complicated to configure correctly and difficult to build without security flaws They can serve as a security hole by which an adversary might be able to access other data and computer systems
8/30/2018 2:18:37 AM +00:00
Security Models: Dolev-Yao, Semantic Security, Probabilistic Encryption and ZKIP
For distributed systems and networks, we often should assume that there are adversaries Everywhere in the network Adversary may: eavesdrop, manipulate, inject, alter, duplicate, reroute, etc… Adversary may control a large number of network nodes that are geographically separated Dolev-Yao Threat Model: A very powerful adversarial model that is widely accepted as the standard by which cryptographic protocols should be evaluated Eve, the adversary, can: Obtain any message passing through the network Act as a legitimate user of the network (i.e. can initiate a conversation with any other user) Can become the receiver to any sender Can send messages to any entity by impersonating any other entity ...
8/30/2018 2:18:37 AM +00:00
Security Protocols: They’re so NOT Easy!
Tham khảo bài thuyết trình 'security protocols: they’re so not easy!', công nghệ thông tin, an ninh - bảo mật phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả
8/30/2018 2:18:37 AM +00:00
Wireless Network Security Part II
WPA: A rush solution to the security problems of WEP WPA2: Based on 802.11i (official version) Encrypt and authenticate MSDUs: counter mode-CBC MAC protocol with AES-128 Authenticate STAs: 802.1X Initialization vectors transmitted in plaintext are no longer needed to generate per-frame keys But most of the existing Wi-Fi WPA cards cannot be upgraded to support 802.11i
8/30/2018 2:18:36 AM +00:00
Chapter 8 The Art of Anti Malicious Software
A computer virus is a piece of code hiding in a program that can automatically copy itself or embed a mutation of itself in other programs Cannot spread on their own Often require a host program to live in Infected program: a host program with virus Uninfected program (healthy program): a program cleared of all viruses Disinfected program: a program once infected but now cleared of viruses Specific to particular types of file systems, file formats, and operating systems Particular types of architecture, CPU, languages, macros, scripts, debuggers, and every other form of programming or system environment ...
8/30/2018 2:18:36 AM +00:00
Attack Profiles
Forge a connection to a host running chargen and have it send useless chargen data to the echo server on another makes the 2 services so busy that the host may crash or be too busy to respond to normal traffic Defense: configure only services that are absolutely necessary (chargen and echo have no business running on a production server)
8/30/2018 2:18:36 AM +00:00
Authentication Services
will consider authentication functions developed to support application-level authentication & digital signatures will consider Kerberos – a private-key authentication service then X.509 directory authentication service
8/30/2018 2:18:36 AM +00:00
Bots and Botnets
One of the most common ways to mount a Distributed Denial of Service attacks is done via networks of zombie computers taking instructions from a central point Early net were controlled via proprietary software written by the network owner Today they are mostly controlled by an IRC channel This makes it easier to control the network and easier for the owner to hide
8/30/2018 2:18:36 AM +00:00
Buffer Overflow Exploits
Memory global static heap malloc( ) , new Stack non-static local variabled value parameters Buffer is a contiguously allocated chunk of memory Anytime we put more data into a data structure than it was designed for.
8/30/2018 2:18:36 AM +00:00
ethics
This Code, consisting of 24 imperatives formulated as statements of personal responsibility, identifies the elements of such a commitment. It contains many, but not all, issues professionals are likely to face. Section 1 outlines fundamental ethical considerations Section 2 addresses additional, more specific considerations of professional conduct. Section 3 pertain more specifically to individuals who have a leadership role, whether in the workplace or in a volunteer capacity such as with organizations like ACM. Section 4 addresses principles involving compliance with this Code ...
8/30/2018 2:18:36 AM +00:00
Firewalls Packet Filtering
Sits between two networks Used to protect one from the other Places a bottleneck between the networks All communications must pass through the bottleneck – this gives us a single point of control.Packet Filtering Rejects TCP/IP packets from unauthorized hosts and/or connection attempts bt unauthorized hosts Network Address Translation (NAT) Translates the addresses of internal hosts so as to hide them from the outside world Also known as IP masquerading Proxy Services Makes high level application level connections to external hosts on behalf of internal hosts to completely break the network connection between internal and external hosts ...
8/30/2018 2:18:36 AM +00:00
Circuit & Application Level Gateways
Also called a Proxy Firewall Acts as a relay for application level traffic Typical applications: Telnet FTP SMTP HTTP More secure than packet filters Bad packets won't get through the gateway Only has to deal with application level packets Simplifies rules needed in packet filter
8/30/2018 2:18:36 AM +00:00
Hackers, Crackers, and Network Intruders
Hacking - showing computer expertise Cracking - breaching security on software or systems Phreaking - cracking telecom networks Spoofing - faking the originating IP address in a datagram Denial of Service (DoS) - flooding a host with sufficient network traffic so that it can’t respond anymore Port Scanning - searching for vulnerabilities
8/30/2018 2:18:36 AM +00:00
Internet Command Message Protocol (ICMP)
Used to communicate IP status and error messages between hosts and routers Uses IP to route its messages between hosts Must be implemented with IP remember, IP is just a packet delivery system transmits and routes datagrams from sources to destinations through a series of interconnected networks it has a checksum in the IP header to detect lost bits no error detection on the datagram payload though but has no native mechanism for source host notification This is where ICMP comes in its used to report IP errors to the source host ICMP data is carried as the payload of an IP datagram specifies additional message formats within this area ...
8/30/2018 2:18:36 AM +00:00
Intrusion Detection
IP Address Scans scan the range of addresses looking for hosts (ping scan) Port Scans scan promising ports for openness (80, 21, …) Service Evaluation determine the OS Target Selection pick the most vulnerable host, most running services... Vulnerability Probes Automated password attacks FTP, HTTP, NetBIOS, VNC PCAnywhere…. Application specific attacks try known vulnerabilities on present services
8/30/2018 2:18:36 AM +00:00
Cryptography & Network Security
In CERTs 2001 annual report it listed 52,000 security incidents the most serious involving: IP spoofing intruders creating packets with false address then taking advantages of OS exploits eavesdropping and sniffing attackers listen for userids and passwords and then just walk into target systems as a result the IAB included authentication and encryption in the next generation IP (IPv6)
8/30/2018 2:18:36 AM +00:00
libpcap
libpcap is an open source C library for putting your NIC in promiscuous mode. Today I’ll go over a few C gotchas and how to use the libpcap API Any C programmers? Planning to go to grad school?
8/30/2018 2:18:36 AM +00:00
Network Address Translation (NAT)
RFC-1631 A short term solution to the problem of the depletion of IP addresses Long term solution is IP v6 (or whatever is finally agreed on) CIDR (Classless InterDomain Routing ) is a possible short term solution NAT is another NAT is a way to conserve IP addresses Hide a number of hosts behind a single IP address Use: 10.0.0.0-10.255.255.255, 172.16.0.0-172.32.255.255 or 192.168.0.0-192.168.255.255 for local networks
8/30/2018 2:18:36 AM +00:00
Packet Filtering
A border router configured to pass or reject packets based on information in the header of each individual packet can theoretically be configured to pass/reject based on any field but usually done based on: protocol type IP addres TCP/UDP port Fragment number Source routing information
8/30/2018 2:18:36 AM +00:00
PHP Security
Never trust user input Poorly or unvalidated user input constitutes the most severe security problem with web applications can crash a server can cause buffer overflows can allow machine to be hijacked allow hacker to have root access Assume user input is bad until you prove its OK
8/30/2018 2:18:36 AM +00:00
Proxy Servers
Part of an overall Firewall strategy Sits between the local network and the external network Originally used primarily as a caching strategy to minimize outgoing URL requests and increase perceived browser performance Primary mission is now to insure anonymity of internal users Still used for caching of frequently requested files Also used for content filtering Acts as a go-between, submitting your requests to the external network Requests are translated from your IP address to the Proxy’s IP address E-mail addresses of internal users are removed from request headers Cause an actual break in the flow of communications ...
8/30/2018 2:18:36 AM +00:00
Raw Sockets
Raw Sockets let you program at just above the network (IP) layer You could program at the IP level using the IP API but you can’t get at ICMP Raw Sockets expose ICMP you get a Raw Packet and populate the entire packet yourself for high level protocols like TCP and UDP you lose all of the functionality implemented in those layers choosing to use a Raw Socket must be weighed carefully Raw Sockets can be dangerous Raw Sockets can be against the law http://www.kumite.com/rsnbrgr/rob/grcspoof/cnn/ ...
8/30/2018 2:18:36 AM +00:00
Public Key Cryptography and the RSA Algorithm
traditional private/secret/single key cryptography uses one key Key is shared by both sender and receiver if the key is disclosed communications are compromised also known as symmetric, both parties are equal hence does not protect sender from receiver forging a message & claiming is sent by sender
8/30/2018 2:18:36 AM +00:00
Scanning Repeatedly
Repeatedly dial phone numbers looking for a modem to answer or other things War Dialers – used to find modems ToneLoc – 1994 by Minor Threat & Mucho Maas THC-Scan 2.0 – VanHouser, releaces by Hackers Choice thc.inferno.tusclum.edu Win9x, NT, W2000 100 lines/hour TBA – LOpht (www.Lopht.com) War dialing on a PALM Demon Dialers – once a modem is found repeatedly dial it and guess passwords Other things Free phone calls – if the phone answers and gives a dial tone you have dialed into a number the will let you dial another number, some companies do this so that roaming employees can dial into the company or into a company...
8/30/2018 2:18:36 AM +00:00
SecurityIntroduction
Security Service – a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers RFC 2828 – a processing or communication service that is provided by a system to give a specific kind of protection to system resources; security services implement security policies and are implemented bt security mechanisms.
8/30/2018 2:18:36 AM +00:00