15-213 Introduction to Computer Systems. Stacks and Buflab Recitation 3 Monday September 21st, 2009.

Presentation transcript:

Introduction to Computer Systems

Stacks and Buflab Recitation 3 Monday September 21st, 2009

Today
- Schedule
- DataLab and Bomblab Questions
- Buflab and Stacks
- Buffer Overflow Example
- Exam Review

Schedule
- Today: Datalab handed back
- Tomorrow: Exam Review. Bring specific questions.
- Tomorrow, 11:59 PM: Bomblab due and Buflab available.
- Thursday: Exam
- Tuesday, Oct. 6: Buflab due

Questions about Datalab or Bomblab?

Buflab

Apply a series of five stack buffer overflow attacks on an executable file in order to modify the stack and change program behavior. Disclaimer: The purpose of this lab is to help you learn about the runtime operations of programs and understand the nature of this form of security weakness so that you can avoid it in your code. There are criminal statutes against using any form of attack to gain unauthorized access to any system resources. Commercial code is (usually) much more secure than the code in the lab.

Buflab
- No penalty for wrong answers.
- You will need to know how the stack is set up and how it operates.
- Review the lecture slides and the textbook.
- Use GDB and objdump -d

Examples of Buffer Overflow Attacks
The Morris Worm:
- Launched Nov. 2,
- Exploited vulnerabilities in Unix.
- Intended to merely gauge the size of the Internet, but caused infected computers to become unstable.
- Infected approximately 10% of the 60,000 computers connected to the Internet, causing at least $10M in damage.
- Prompted DARPA to fund the creation of the CERT Coordination Center at CMU.
- Robert Morris, who created the worm, was sentenced to three years probation, 400 hours community service, and a $10,000 fine.
(Source:

Examples of Buffer Overflow Attacks
The SQL Slammer Worm:
- Launched Jan. 25, 2003
- Exploited a bug in Microsoft's SQL Server and Desktop Engine database products.
- 90% of vulnerable machines were infected within ten minutes.
- Caused significant slowdowns globally, and even caused Internet services in all of South Korea to shut down for hours.
(Source:

A very simple example of a Stack Buffer Overflow Attack: buf.c
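
The buf.c shown in recitation is not part of this transcript. The block below is an added example, not the original file: it models a stack frame as a struct (the names frame_model, copy_unchecked, copy_checked, ret_intact and the SENTINEL value are assumptions) to show how a copy that ignores the buffer size changes the adjacent saved-return slot, and how a length check prevents it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 8
#define SENTINEL ((uintptr_t)0xC0FFEEu)   /* constructed stand-in value */

/* Constructed model of a frame: a local buffer, then the saved return
 * address slot. A real frame's layout is chosen by the compiler. */
struct frame_model {
    char      buf[BUF_SIZE];
    uintptr_t saved_ret;
};

/* gets()-style copy: stops at the NUL terminator, not at the end of buf.
 * Writes are capped at the size of the model so the demo stays in bounds. */
void copy_unchecked(struct frame_model *f, const char *in) {
    char *dst = (char *)f;               /* buf is the first member */
    size_t i;
    for (i = 0; in[i] != '\0' && i < sizeof *f; i++)
        dst[i] = in[i];                  /* BUF_SIZE is never consulted */
    if (i < sizeof *f)
        dst[i] = '\0';
}

/* Bounded copy: rejects input that does not fit, terminator included. */
int copy_checked(struct frame_model *f, const char *in) {
    size_t n = strlen(in);
    if (n >= sizeof f->buf)
        return -1;
    memcpy(f->buf, in, n + 1);
    return 0;
}

/* Returns 1 if the saved-return slot still holds SENTINEL after the copy. */
int ret_intact(const char *in, int checked) {
    struct frame_model f = { {0}, SENTINEL };
    if (checked) (void)copy_checked(&f, in);
    else         copy_unchecked(&f, in);
    return f.saved_ret == SENTINEL;
}

int main(void) {
    const char *longer = "AAAAAAAAAAAA";  /* 12 bytes: 4 past buf */
    printf("unchecked short=%d long=%d; checked long=%d\n",
           ret_intact("hi", 0), ret_intact(longer, 0), ret_intact(longer, 1));
    return 0;
}
```
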

Exam on Thursday
- Open book and open note, but you won't have time to look up every answer.
- Study past exams and know how to answer the questions, but remember that this exam may differ from past exams.
- Exam Review tomorrow: Question and Answer, so bring SPECIFIC questions.
- Any questions now?

Recap
- Schedule
- DataLab and Bomblab Questions
- Buflab and Stacks
- Buffer Overflow Example
- Exam Review