CHAPTER 4 Methodology.

TYPES OF PROBLEMS
1. Black Box
2. Translucent Box
3. Crystal Box
This is the process an attacker follows to find vulnerabilities when deciding how to go about attacking a product or system. Before attacking, three classes of problem can be recognized: black box, translucent box and crystal box. The type of box refers to the level of visibility we have into the workings of the system we want to attack.

BLACK BOX: Unknown Chips
A black box is any component or part of a system whose inner workings are hidden from the user of the system. A good real-life example of a black box is an unknown chip: it can be very difficult to determine what kind of chip it is and what it does. How to attack? Rip the box open, but that only works when the box is physically available to the attacker.

BLACK BOX: Unknown Remote Host
Consider a host across a network, called FRED, to which there is no physical access. How to attack?
1. An attacker would probably start by grabbing a handful of DoS tools and hitting FRED with them. Obtaining a copy of FRED's program file (its binary) would give far greater insight into what FRED's internals look like.
2. FRED has a user interface of some sort. That interface accepts some input (some bit stream that FRED will process), which gives the attacker a chance to guess what the commands might be.

TRANSLUCENT BOX
The black box discussion is largely theoretical, because there are no truly black boxes, only translucent boxes of various degrees of transparency. How to attack? Penetrate the box's shell and peek inside at the inner workings. This can be done on a system or product under the attacker's control, and to a lesser degree even on a remote system, by applying a number of tools and techniques against the system or product.

TRANSLUCENT BOX: System Monitoring Tools
These tools determine what kinds of files and other resources a program accesses. Windows does not ship with tools of this sort, so we go to a third party; the tools of interest are Filemon and Regmon (Sysinternals tools, since folded into Process Monitor). Filemon lets the user watch a running program to see what files it accesses, whether it is reading or writing them, where each file is, and what other files it looks for but does not find.

TRANSLUCENT BOX (continued)
Regmon lets the user monitor much the same for the Windows Registry: which keys the program accesses, modifies, reads or looks for. Most UNIX versions come with a set of tracing programs, for example trace, strace, ktrace and truss. On Red Hat Linux (version 6.2) the attack can be carried out with the strace utility, which shows each system (kernel) call and its parameters; an attacker can learn a lot about how a program works this way.
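The UNIX side of the slide in practice: strace writes one line per system call, and the interesting questions are the same ones Filemon answers (what was read, what was written, what was looked for and not found, where it connected). The following is an added example, not part of the slides or of any real tool; the trace text is constructed to look like `strace -f -s 256 -o trace.log ./app --verbose` output, and the program, paths and address in it are invented.

```python
"""Added example (not from the slides): summarize an strace log the way
Filemon and Regmon summarize a Windows program's file activity.  The log
below is CONSTRUCTED to look like `strace -f -s 256 -o trace.log ./app --verbose`
output; the program, paths and address are invented for the example."""
import re

SAMPLE_TRACE = """\
execve("/usr/local/bin/app", ["app", "--verbose"], 0x7ffe1c3e2a70 /* 20 vars */) = 0
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/etc/app/config.yaml", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/home/user/.apprc", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/local/lib/app/plugin.so", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/tmp/app.lock", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 4
openat(AT_FDCWD, "/var/log/app.log", O_WRONLY|O_CREAT|O_APPEND, 0644) = 5
socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 6
connect(6, {sa_family=AF_INET, sin_port=htons(8080), sin_addr=inet_addr("10.0.0.5")}, 16) = 0
write(6, "HELLO app/1.2\\n", 14) = 14
"""

# One strace line: syscall(args) = result [ERRNO (text)].  Lines split by -f
# ("<unfinished ...>" / "<... resumed>") and signal/exit notes do not match
# and are skipped.
LINE_RE = re.compile(
    r'^(?:\[pid\s+\d+\]\s+)?(\w+)\((.*)\)\s*=\s*(-?\d+|0x[0-9a-fA-F]+|\?)'
    r'(?:\s+(E[A-Z]+)\s*\(([^)]*)\))?')
QUOTED_RE = re.compile(r'"((?:[^"\\]|\\.)*)"')
FILE_CALLS = ("open", "openat", "stat", "lstat", "access", "readlink", "execve")
WRITE_FLAGS = ("O_WRONLY", "O_RDWR", "O_CREAT", "O_TRUNC", "O_APPEND")


def parse_strace(text):
    """Turn raw strace output into a list of {call, args, ret, errno} records."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            call, args, ret, errno, errtext = m.groups()
            records.append({"call": call, "args": args, "ret": ret,
                            "errno": errno, "errtext": errtext})
    return records


def summarize(records):
    """Group file and network activity the way an attacker reads it: what was
    read, what was written, what was looked for but absent (a path the
    attacker may be able to supply), and where the program connected."""
    out = {"exec": [], "read": [], "write": [], "missing": [], "connect": []}
    for r in records:
        if r["call"] in FILE_CALLS:
            paths = QUOTED_RE.findall(r["args"])
            if not paths:
                continue
            path = paths[0]          # for openat the first quoted arg is the path
            if r["errno"] == "ENOENT":
                out["missing"].append(path)
            elif r["call"] == "execve":
                out["exec"].append(path)
            elif any(flag in r["args"] for flag in WRITE_FLAGS):
                out["write"].append(path)
            else:
                out["read"].append(path)
        elif r["call"] == "connect" and r["errno"] is None:
            host = re.search(r'inet_addr\("([^"]+)"\)', r["args"])
            port = re.search(r'htons\((\d+)\)', r["args"])
            if host and port:
                out["connect"].append("%s:%s" % (host.group(1), port.group(1)))
    return out


if __name__ == "__main__":
    for kind, paths in summarize(parse_strace(SAMPLE_TRACE)).items():
        print(kind, paths)
```

The "missing" list is the one to read first: a file the program looks for and does not find, in a directory the attacker can write to (a user-owned rc file, a plugin path), is where a planted config or library gets loaded without any memory-corruption work at all. This is the same signal Filemon gives on Windows when it shows "what other files it's looking for".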

TRANSLUCENT BOX: Packet Sniffing Tools
These tools are used when the program under attack is primarily a network program. The tool that does the packet sniffing is called a sniffer. In a network attack we need to determine what constitutes a unit of information, called a "field": a field is a piece of the input that the host processes separately. Together, all the fields make up the protocol the server speaks.
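Once a sniffer has given us a captured request, the work is to carve it into fields and then vary one field at a time while the rest stay exactly as captured. The following is an added example, not from the slides: "FREDP" is an assumed toy wire format invented here (the slides name the host FRED but describe no protocol), and the captured bytes are constructed.

```python
"""Added example (not from the slides): carve one captured request into fields
and generate per-field test cases.  "FREDP" is an ASSUMED toy wire format
invented here (the slides name the host FRED but give no protocol), and the
captured bytes are CONSTRUCTED."""
import struct

MAGIC = b"FRDP"
OP_LOGIN = 0x10

# What a sniffer shows for one LOGIN request, laid out as
#   magic(4) | version(1) | opcode(1) | length(2, big-endian) | payload
# where a LOGIN payload is two NUL-terminated strings: user, password.
CAPTURED = (MAGIC + bytes([1, OP_LOGIN])
            + struct.pack(">H", 13) + b"alice\x00s3cret\x00")

HEADER_FIELDS = ("magic", "version", "opcode", "length")


def carve(pkt):
    """Split a captured frame into (name, offset, raw bytes) fields.
    Each field is a unit the server processes separately."""
    if pkt[:4] != MAGIC:
        raise ValueError("not a FREDP frame")
    (length,) = struct.unpack(">H", pkt[6:8])
    payload = pkt[8:8 + length]
    if len(payload) != length:
        raise ValueError("length field exceeds captured data")
    fields = [("magic", 0, pkt[:4]), ("version", 4, pkt[4:5]),
              ("opcode", 5, pkt[5:6]), ("length", 6, pkt[6:8])]
    off = 8
    if pkt[5] == OP_LOGIN:
        for name in ("user", "password"):
            end = pkt.index(b"\x00", off)          # string terminator
            fields.append((name, off, pkt[off:end + 1]))
            off = end + 1
    else:
        fields.append(("payload", 8, payload))      # opaque until its layout is known
    return fields


def rebuild(fields, fix_length=True):
    """Reassemble fields into a frame.  By default the length field is
    recomputed so the server sees a well-formed frame; pass fix_length=False
    to ship a deliberately inconsistent length."""
    by_name = {name: raw for name, _, raw in fields}
    payload = b"".join(raw for name, _, raw in fields if name not in HEADER_FIELDS)
    length = struct.pack(">H", len(payload)) if fix_length else by_name["length"]
    return by_name["magic"] + by_name["version"] + by_name["opcode"] + length + payload


def field_cases(fields):
    """One test frame per field and variant, every other field left as
    captured: all-zero and all-0xff values for each field, plus an over-long
    string for the text fields.  Returns (field, variant, frame) tuples."""
    cases = []
    for i, (name, off, raw) in enumerate(fields):
        if name == "magic":
            continue                               # a bad magic is rejected up front
        variants = {"zero": b"\x00" * len(raw), "max": b"\xff" * len(raw)}
        if name in ("user", "password"):
            variants["long"] = b"A" * 300 + b"\x00"
        for label, new in variants.items():
            mutated = fields[:i] + [(name, off, new)] + fields[i + 1:]
            # Probing the length field itself means sending it unrepaired.
            cases.append((name, label, rebuild(mutated, fix_length=(name != "length"))))
    return cases


if __name__ == "__main__":
    for name, off, raw in carve(CAPTURED):
        print("%-8s @%2d %s" % (name, off, raw.hex()))
    print(len(field_cases(carve(CAPTURED))), "test frames generated")
```

The point of recomputing the length field on every case except the one that probes the length itself is that a frame rejected by the server's framing code tells you nothing about the code behind it; each test frame should be malformed in exactly one field so that a crash or odd reply can be attributed to that field.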

TRANSLUCENT BOX: Debuggers and Decompilers
A debugger is a piece of software that takes control of another program, e.g. SoftICE. It allows things like stopping at certain points in the program's execution, changing variables and, in some cases, even changing the machine code. A disassembler, e.g. IDA Pro, takes binary (object) code and turns it back into assembly language; a decompiler goes a step further and tries to deduce some of the original higher-level source code from the binary.

CRYSTAL BOX
A crystal box is one we can see straight into. This means one of two things:
1. Hardware for which we have the schematics.
2. Software for which we have the source code.
How to attack? If we have the schematics of the hardware or the source code of the product, we just read the code and change it to disable the operation we want to defeat.

PROBLEMS
There are some problems with finding vulnerabilities using all of these methods:
1. Lack of information and difficulty in obtaining it. Even in the crystal box case, the reviewer must have a certain minimal knowledge set to be effective.
2. Cost and availability of tools. Some of the tools are quite expensive, for example decompilers and debuggers.
3. Difficulty in creating a duplicate environment. There will usually be significant time and disruption involved in configuring a copy of the target.

HOW TO SECURE
There isn't really any form of protection against these types of attacks. The main defense is to make things as difficult as possible for the attacker by:
1. Limiting the information given away. The less information leaked, the harder the attacker has to work.
2. Limiting the rate at which information leaks. The slower it leaks, the slower the attacker can work.
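Both controls on the slide can be shown on one small endpoint: the "before" handler hands the attacker a different answer for each failure, the "after" handler gives one answer, does the same amount of work either way, and caps attempts per client. This is an added example, not from the slides; the user store, messages and version string are assumed, and the password hashing is deliberately simplified (a real service uses a slow, salted hash).

```python
"""Added example (not from the slides): the two controls the slide names,
limiting what a response gives away and limiting the rate at which an
attacker can collect it, shown on a hypothetical login endpoint.  The user
store, messages and version string are ASSUMED for the example; the password
hashing is deliberately simplified (a real service uses a slow, salted hash)."""
import hashlib
import hmac
import time
from collections import deque


def _digest(password):
    return hashlib.sha256(password.encode()).hexdigest()


USERS = {"alice": _digest("correct horse")}          # demo store
DUMMY = _digest("placeholder")                         # used for unknown users


def leaky_login(user, password):
    """Before: each failure branch tells the attacker something different
    (whether the account exists, and the server version)."""
    if user not in USERS:
        return 404, "no such user '%s' (appserver 2.3.1)" % user
    if _digest(password) != USERS[user]:
        return 401, "wrong password for %s" % user
    return 200, "ok"


class RateLimiter:
    """Sliding-window limiter: at most `limit` attempts per `window` seconds
    for each key (client address, account, ...).  `clock` is injectable so
    the behaviour can be tested without sleeping."""

    def __init__(self, limit, window, clock=time.monotonic):
        self.limit, self.window, self.clock = limit, window, clock
        self.hits = {}

    def allow(self, key):
        now = self.clock()
        q = self.hits.setdefault(key, deque())
        while q and now - q[0] >= self.window:
            q.popleft()                                  # forget attempts outside the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def hardened_login(user, password, limiter, client):
    """After: one status and one message for every failure, the same hashing
    work whether or not the account exists (so timing reveals little), and a
    cap on attempts per client."""
    if not limiter.allow(client):
        return 429, "too many attempts"
    stored = USERS.get(user, DUMMY)
    ok = hmac.compare_digest(stored, _digest(password)) and user in USERS
    return (200, "ok") if ok else (401, "invalid credentials")


if __name__ == "__main__":
    lim = RateLimiter(limit=3, window=60)
    print(leaky_login("bob", "x"))
    print(hardened_login("bob", "x", lim, "10.0.0.9"))
```

The limiter is keyed by client here; keying it by account as well stops an attacker with many source addresses from spreading guesses across them, at the cost of making it easier to lock a victim out, which is the usual trade-off when choosing the rate-limit key.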

End of Chapter 4 Thank You