Vulnerabilities of Windows XP Brock Prince Dana Zottola ECE 578 Spring 2002 C.K. Koc.

Slides:

Advertisements

Similar presentations

REFLEX INTRUSION PREVENTION SYSTEM.. OVERVIEW The Reflex Interceptor appliance is an enterprise- level Network Intrusion Prevention System. It is designed.

Advertisements

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.

Chapter 17: WEB COMPONENTS

Computer Security Fundamentals by Chuck Easttom Chapter 4 Denial of Service Attacks.

Simulation and Analysis of DDos Attacks Poongothai, M Department of Information Technology,Institute of Road and Transport Technology, Erode Tamilnadu,

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

How’s My Network (HMN)? A Java approach to Home Network Measurement Alan Ritacco, Craig Wills, and Mark Claypool Computer Science Department Worcester.

Introduction to Security Computer Networks Computer Networks Term B10.

Rheeve: A Plug-n-Play Peer- to-Peer Computing Platform Wang-kee Poon and Jiannong Cao Department of Computing, The Hong Kong Polytechnic University ICDCSW.

Network & Computer Attacks (Part 2) February 11, 2010 MIS 4600 – MBA © Abdou Illia.

PROGRESS project: Internet-enabled monitoring and control of embedded systems (EES.5413)  Introduction Networked devices make their capabilities known.

The MS Blaster worm Presented by: Zhi-Wen Ouyang.

Wi-Fi Structures.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 8: Implementing and Managing Printers.

Hussain Ali Department of Computer Engineering KFUPM, Dhahran, Saudi Arabia Microsoft Networking.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 8: Implementing and Managing Printers.

Universal Plug and Play (UPnP) Presented by: Kamal Kamal Kamal Kamal Mohammad Atieh Mohammad Atieh.

Review for Exam 4 School of Business Eastern Illinois University © Abdou Illia, Spring 2006.

1 GFI LANguard Network Security Scanner. 2 Contents Introduction Features Source & Installation Testing environment Results Conclusion.

DoS/DDoS Attack Forbes Henderson. What is a DoS Attack  DoS Attack (Denial of Service Attack)  A Denial of Service Attack is Often used by hackers to.

Operating Systems.

Terminal Services Terminal Services is the modern equivalent of mainframe computing, in which servers perform most of the processing and clients are relatively.

Common forms and remedies Neeta Bhadane Raunaq Nilekani Sahasranshu.

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

Microsoft October 2004 Security Bulletins Briefing for Senior IT Managers updated October 20, 2004 Marcus H. Sachs, P.E. The SANS Institute October 12,

And how they are used. Hubs send data to all of the devices that are plugged into them. They have no ability to send packets to the correct ports. Cost~$35.

Week 8-1 Week 8: Denial of Service (DoS) What is Denial of Service Attack? –Any attack that causes a system to be unavailability. This is a violation of.

1 GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui.

Penetration Testing Security Analysis and Advanced Tools: Snort.

1 Guide to Network Defense and Countermeasures Chapter 2.

Remedies Use of encrypted tunneling protocols (e.g. IPSec, Secure Shell) for secure data transmission over an insecure networktunneling protocolsIPSecSecure.

Honeypot and Intrusion Detection System

ITIS 1210 Introduction to Web-Based Information Systems Chapter 45 How Hackers can Cripple the Internet and Attack Your PC How Hackers can Cripple the.

Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )

Final Introduction ---- Web Security, DDoS, others

Module 5: Designing a Terminal Services Infrastructure.

(*Fax messaging is available only upon request; fees apply.) What Is Unified Messaging? Voice, fax* and messaging within a single interface Access.

--Harish Reddy Vemula Distributed Denial of Service.

1 CHAPTER 3 CLASSES OF ATTACK. 2 Denial of Service (DoS) Takes place when availability to resource is intentionally blocked or degraded Takes place when.

Hands-On Microsoft Windows Server Introduction to Remote Access Routing and Remote Access Services (RRAS) –Enable routing and remote access through.

Cisco Router Hacking Group 8 Vernon Guishard Kelvin Aguebor ECE 4112.

Distributed Denial of Service Attacks Shankar Saxena Veer Vivek Kaushik.

1 Implementing Monitoring and Reporting. 2 Why Should Implement Monitoring? One of the biggest complaints we hear about firewall products from almost.

National Chi Nan University Automatic Event-Driven System for Network Management Author: Ya-Ling Wang, Arak Sae Yuan, Quincy Wu Date : 2/21/2012.

Voice-based generic UPnP Control Point Andreas BobekUniversity of Rostock Faculty of Computer Science and Electrical Engineering Andreas Bobek, Hendrik.

Link-Layer Protection in i WLANs With Dummy Authentication Will Mooney, Robin Jha.

Open-Eye Georgios Androulidakis National Technical University of Athens.

Network Security Part III: Security Appliances Firewalls.

4061 Session 26 (4/19). Today Network security Sockets: building a server.

Retina Network Security Scanner

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Network Forensics - III November 3, 2008.

DoS/DDoS attack and defense

Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.

Web Security Firewalls, Buffer overflows and proxy servers.

DOS Attacks Lyle YapDiangco COEN 150 5/21/04. Background DOS attacks have been around for decades Usually intentional and malicious Can cost a target.

Introduction to Networking. What is a Network? Discuss in groups.

Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.

Denial of Service A comparison of DoS schemes Kevin LaMantia COSC 316.

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

Setting-Up and Securing a Server

Chapter 3: Windows7 Part 4.

Digital Pacman: Firewall Edition

Nessus Vulnerability Scanning

Computer Networks ARP and RARP

Using Software Restriction Policies

Presentation transcript:

Vulnerabilities of Windows XP Brock Prince Dana Zottola ECE 578 Spring 2002 C.K. Koc

Outline Introduction Universal Plug and Play (UPnP)  Unchecked Buffer  Denial of Service  Distributed Denial of Service Discovery of Vulnerabilities Patch Conclusions

Introduction Universal Plug and Play is a valuable feature, and a growing trend in network systems Windows XP claimed to be secure against hackers 3 Vulnerabilities found related to UPnP in Windows XP

Universal Plug and Play (UPnP) Detects and connects to:  Computers  Intelligent appliances  Wireless devices Defines set of protocols for connection  Allows for easy configuration

Universal Plug and Play (UPnP) Example:  User connects laptop to: Network  Print server  DSL router  Fax machine  Other computers

Universal Plug and Play (UPnP)

Six basic layers:  Device addressing  Device discovery  Device description  Action invocation  Event messaging  Presentation or human interface

Remotely Exploitable Buffer An attacker can gain remote SYSTEM level access to any default installation of Windows XP Unchecked buffer in one of the components that handle the NOTIFY directives  Send a specially malformed NOTIFY directive, and it is possible for an attacker to run code in the context of the UPnP subsystem, which runs with System priviledges on Windows XP.

Denial of Service Attack Denial of Service (DoS) attacks crash a system, and the user has to physically power cycle the machine to regain functionality The UPnP feature of Windows XP leaves the system vulnerable to DoS attacks

Distributed Denial of Service Attack Distributed Denial of Service (DDoS) attacks cause many systems to flood or attack a single host. The UPnP and raw socket support features of Windows XP leave the system vulnerable to DDoS attacks Raw Sockets (Not Related to UPnP)

Discovery of Vulnerabilities eEye Digital Security  Believe there are several security issues with the UPnP protocol  Found 3 vulnerabilities within Microsoft’s implementation of UPnP  Alerted Microsoft immediately upon discovery of the vulnerabilities

Patch Available soon after vulnerabilities discovered Downloadable from: in/MS asp

Conclusions UPnP is a good idea Windows XP is vulnerable upon default installation, but patch is available Raw socket support still under debate

References [1] [2] [3] [4] [5] [6] [7] [8] [9] [10]