Copyright © Microsoft Corp 2006 Pragmatic Secure Design: Attack Surface Reduction Shawn Hernan Security Program Manager Security Engineering and Communication.

Slides:

Advertisements

Similar presentations

Patch Management Patch Management in a Windows based environment

Advertisements

Application Security Best Practices At Microsoft Ensuring the lowest possible exposure and vulnerability to attacks Published: January 2003.

Internet Information Server 6.0. IIS 6.0 Enhancements  Fundamental changes, aimed at: Reliability & Availability Reliability & Availability Performance.

USING EMET TO DEFEND AGAINST TARGETED ATTACKS PRESENTED BY ROBERT HENSING – SENIOR CONSULTANT – MICROSOFT CORPORATION MICHAEL MATTES – SENIOR CONSULTANT.

Microsoft Windows XP SP2 Urs P. Küderli Strategic Security Advisor Microsoft Schweiz GmbH.

Windows Server 2003 SP1. Windows Server™ 2003 Service Pack 1 Technical Overview Jill Steinberg: Added TM Jill Steinberg: Added TM.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

Copyright © Microsoft Corp 2006 Introduction to Security Testing Shawn Hernan Security Program Manager Security Engineering and Communication.

Securing your data Security with Microsoft Infrastructure and Internet Explorer Matt Kestian Strategic Security Advisor | National Security Team | Microsoft.

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Chapter 7 HARDENING SERVERS.

1 Pertemuan 6 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

Alert Management System By:  Christopher Galinski  Uri Soloveychik Mentor:  Zeev Schneider For: Software Systems Lab in the faculty of Electrical Engineering,

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

Security Awareness: Applying Practical Security in Your World Chapter 6: Total Security.

Information for Developers Windows XP Service Pack 2 Information for Developers.

Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.

Windows XP Service Pack 2 and the Microsoft Virtual Machine: Developer Implications Rudi Larno Developer & Platform Group Microsoft BeLux.

Cracking Windows Access Control Andrey Kolishchak Hack.lu 2007.

Security of Communication & IT systems Bucharest, 21 st September 2004 Stephen McGibbon Chief Technology Officer, Eastern Europe, Russia & CIS Senior Director,

2851A_C01. Microsoft Windows XP Service Pack 2 Security Technologies Bruce Cowper IT Pro Advisor Microsoft Canada.

Microsoft October 2004 Security Bulletins Briefing for Senior IT Managers updated October 20, 2004 Marcus H. Sachs, P.E. The SANS Institute October 12,

Vulnerabilities. flaws in systems that allow them to be exploited provide means for attackers to compromise hosts, servers and networks.

Copyright 2009 Trend Micro Inc. OfficeScan 10.5 VDI-aware endpoint security.

1 GFI LANguard N.S.S VS NeWT Security Scanner Presented by:Li,Guorui.

1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.

Information for Developers Windows XP Service Pack 2 Information for Developers Tony Goodhew Product manager Developer Division Microsoft Corp

 Protect customers with more secure software  Reduce the number of vulnerabilities  Reduce the severity of vulnerabilities  Address compliance requirements.

W HAT DOES EXPLOIT MEAN ? A ND THE S ASSER WORM Seminar on Software Engineering, Short Presentation Christian Gruber.

CIS 460 – Network Design Seminar Network Security Scanner Tool GFI LANguard.

Honeypot and Intrusion Detection System

AMSI Hosting Options User Panel Discussion Presented by Brian Torney Session 107 Advantages of Self Hosting.

Module 14: Configuring Server Security Compliance

© 1999 Ernst & Young LLP e e treme hacking Black Hat 1999 Over the Router, Through the Firewall, to Grandma’s House We Go George Kurtz & Eric Schultze.

Recent Internet Viruses & Worms By Doppalapudi Raghu.

Module 6: Integrating ISA Server 2004 and Microsoft Exchange Server.

Module 6: Designing Security for Network Hosts

Module 14: Securing Windows Server Overview Introduction to Securing Servers Implementing Core Server Security Hardening Servers Microsoft Baseline.

Microsoft Security Response Center Presented by Fan Chiang, Chun-Wei( 范姜竣韋 ) 2015/11/14 1 NTUIM.

Hacking Windows 9X/ME. Hacking framework Initial access physical access brute force trojans Privilege escalation Administrator, root privileges Consolidation.

Vulnerability Scanning Vulnerability scanners are automated tools that scan hosts and networks for known vulnerabilities and weaknesses Credentialed vs.

Lecture 19 Page 1 CS 236 Online Securing Your System CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Invitation to Computer Science 5 th Edition Chapter 8 Information Security.

Advancing Security Progress and Commitment Stuart Okin Chief Security Advisor – Microsoft UK Delivering on security (an update on progress)

Copyright © Microsoft Corp 2006 The Security Development Lifecycle Eric Bidstrup, CISSP Group Program Manager Security Engineering and Communication.

按一下以編輯母片文字樣式第二層第三層第四層第五層 Microsoft Security Response Center Presented by Fan Chiang, Chun-Wei( 范姜竣韋 ) 2016/2/16 1 OPLab, NTUIM.

Databases Kevin Wright Ben Bruckner Group 40. Outline Background Vulnerabilities Log File Cleaning This Lab.

Windows Server 2003 SP1 Technical Overview John Howard, IT Pro Evangelist, Microsoft UK

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.

1 BCS 4 th Semester. Step 1: Download SQL Server 2005 Express Edition Version Feature SQL Server 2005 Express Edition SP1 SQL Server 2005 Express Edition.

Internet security for the home Paul Norton MEng(Hons) MIEE Electronic engineer working for Pascall Electronics Ltd. on the Isle of Wight A talk on Internet.

Microsoft OS Vulnerabilities April 1, 2010 MIS 4600 – MBA © Abdou Illia.

Defense In Depth: Minimizing the Risk of SQL Injection

ClickOnce Deployment (One-click Deployment)

Chapter 5 Electronic Commerce | Security Threats - Solution

TMG Client Protection 6NPS – Session 7.

Common Methods Used to Commit Computer Crimes

Compliance with hardening standards

Chapter 5 Electronic Commerce | Security Threats - Solution

Microsoft’s Security Strategy

Today’s Malicious Code Threat ~ JS.Scob.Trojan Analysis

Lecture 2 - SQL Injection

Chapter 7 – and 8 pp 155 – 202 of Web security by Lincoln D. Stein

Severity and Exploitability Index

SQL Server 2005 Reporting Services

Designing IIS Security (IIS – Internet Information Service)

Agenda The current Windows XP and Windows XP Desktop situation

ClickOnce Deployment (One-click Deployment)

Implementing Advanced Server and Client Security

Presentation transcript:

Copyright © Microsoft Corp 2006 Pragmatic Secure Design: Attack Surface Reduction Shawn Hernan Security Program Manager Security Engineering and Communication

2 Copyright © Microsoft Corp 2006 VULNERABILITY IDENTIFIERS IMPACT OF VULNERABILITY WINDOWS 2000 WINDOWS XP WINDOWS SERVER 2003 LSASS Vulnerability - CAN Remote Code Execution CriticalCriticalLow LDAP Vulnerability – CAN Denial Of Service ImportantNoneNone PCT Vulnerability - CAN Remote Code Execution CriticalImportantLow Winlogon Vulnerability - CAN Remote Code Execution ModerateModerateNone Metafile Vulnerability - CAN Remote Code Execution CriticalCriticalNone Help and Support Center Vulnerability - CAN Remote Code Execution NoneCriticalCritical Utility Manager Vulnerability - CAN Privilege Elevation ImportantNoneNone Windows Management Vulnerability - CAN Privilege Elevation NoneImportantNone Local Descriptor Table Vulnerability - CAN Privilege Elevation ImportantNoneNone H.323 Vulnerability* - CAN Remote Code Execution ImportantImportantImportant Virtual DOS Machine Vulnerability - CAN Privilege Elevation ImportantNoneNone Negotiate SSP Vulnerability - CAN Remote Code Execution CriticalCriticalCritical SSL Vulnerability - CAN Denial Of Service ImportantImportantImportant ASN.1 “Double Free” Vulnerability - CAN Remote Code Execution CriticalCriticalCritical Aggregate Severity of All Vulnerabilities CriticalCriticalCritical A Case Study: MS Code fixed in Windows Server 2003 (50%) Code not fixed in Windows Server 2003 (50%) Extra Defense in Windows Server 2003 (29% of )

3 Copyright © Microsoft Corp 2006 The Horrible Truth (1 of 4) No matter how much effort we expend, we will never get code 100% correct Asymmetric problem We must be 100% correct, 100% of the time, on a schedule, with limited resources, only knowing what we know today Oh, and the product has to be reliable, supportable, compatible, manageable, affordable, accessible, usable, global, doable, deployable, … They can spend as long as they like to find one bug, with the benefit of future research We’re human and our tools are far from perfect

4 Copyright © Microsoft Corp 2006 The Horrible Truth (2 of 4) The “Patch Window” is a joke Once we issue a patch, the clock starts “Zotob Proves Patching "Window" Non-Existent” “Defense in depth is your only chance to survive the early release of malware.” “Hackers Beating Efforts to Patch Software Flaws” /0,10801,104092,00.html “Instead of going out and looking for vulnerabilities on their [hackers] own, they are waiting for patches to be released to see what holes are being fixed." Then they go after those holes as quickly as they can. The trend could leave many companies dangerously exposed.”

5 Copyright © Microsoft Corp 2006 The Horrible Truth (3 of 4) Tools make it easy to build exploit code Reverse engineering tools Structural Comparison of Executable Objects, Halvar Flake PCT Bug: “Detecting and understanding the vulnerability took less than 30 minutes.” H.323 ASN.1 Bug: “The total analysis took less than 3 hours time.” Exploit Payloads

6 Copyright © Microsoft Corp 2006 Choose your ‘sploit Enter some detailsHere’s the ‘sploit code!

7 Copyright © Microsoft Corp 2006 The Horrible Truth (4 of 4) Cost for attacker to build attack is very low Cost to our customers is very high

8 Copyright © Microsoft Corp 2006 The Attack Surface Reduction Process (1 of 2) Look at all your entry points (the threat model helps) Primarily network I/O and File I/O Can any of the entry points’ attack surface be driven lower?

9 Copyright © Microsoft Corp 2006 The Attack Surface Reduction Process (2 of 2) Higher Attack Surface Lower Attack Surface Executing by default Off by default Open socket Closed socket UDPTCP Anonymous Access User Access Admin Access Internet Access Local Subnet Access SYSTEM Not SYSTEM! Weak ACLs Strong ACLs

10 Copyright © Microsoft Corp 2006 Watch Out for Fanout! File formats JPG, MSH, GIF, etc Sub-protocols SSL2, SSL3, TLS, PCT VerbsHTTPClassic GET, POST, HEAD WebDAV PROPPATCH, PROPFIND, DELETE, MOVE, LOCK SMTP HELO, EHLO, MAIL, RCPT Queries Extended sprocs, sprocs

11 Copyright © Microsoft Corp 2006 ASR Examples Windows XP SP2 Authenticated RPC Firewall on by default IIS6 Off by default Network service by default Static files by default SQL Server 2005 xp_cmdshell off by default CLR and COM off by default Network service Visual Studio 2005 Web server localhost only SQL Server Express localhost only

12 Copyright © Microsoft Corp 2006 How ASR Helped Microsoft Customers Sasser Affected Win2000 and WinXP Did not affect Win2003 RCP endpoint was marked local admin only Zotob Affected Win2000 Did not affect WinXP Firewall & authenticated RPC

13 Copyright © Microsoft Corp 2006 Attack Surface Reduction is as important as trying to get the code right

14 Copyright © Microsoft Corp 2006  Understand the SDL – it applies to you!  Reduce attack surface  Reduce attack surface EARLY! Design Checklist