Quiz 2 Post-Mortem Bruce Maggs


2 Create a new BitCoin address, and use it only once. E.g., create a new wallet. Create a new address and mine a BitCoin. Alternately, mail cash through U.S. Postal Service, along with your BitCoin address to someone who will exchange cash for BitCoin. (Illegal: steal someone’s BitCoin wallet.)

3 Unlike TOR, all BitCoin transactions must be recorded in the public ledger. So it is possible for anyone to see who first transferred the BitCoin into the BitTOR relay network, and who received the BitCoin from the BitTOR network.

4 Both certificates are legitimate and will be accepted without any warnings or problems. Malware signed with the certificate would not create any warning messages on installation, in fact, the user would be told the software came from a reliable publisher. The attacker can set up a fake Web site that appears to the user to be legitimate, i.e., no warnings about a bad certificate. Then the attacker can act as a man in the middle between the user and the actual site, e.g., a bank Web Site.

5 It is inconvenient and expensive to get your server certificate signed, and the threat of man-in-the-middle attacks is perceived as being low. The client can verify that the server has had its identity checked by a reputable certificate authority. This guarantee provides more assurance than simply knowing that the public key has or has not been seen before.

6 Alice sends $g^a$ to Bob and Carol, Bob sends $g^b$ to Alice and Carol, and Carol sends $g^c$ to Alice and Bob. Alice computes $g^{ab}$ and $g^{ac}$, sends $g^{ab}$ to Carol, $g^{ac}$ to Bob. Bob sends $g^{bc}$ to Alice. Alice, Bob, and Carol can each compute $g^{abc}$.
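The message flow on this slide, carried through as an added example (not part of the original slides). The modulus P, the generator G and the function names are assumptions chosen for illustration; they are toy parameters, not a vetted group.

```python
import secrets

# Toy group parameters (assumption, illustration only): 2**127 - 1 is prime.
P = 2**127 - 1
G = 3

def random_secret(p=P):
    """Pick a private exponent in [2, p-2]."""
    return 2 + secrets.randbelow(p - 3)

def three_party_dh(a, b, c, p=P, g=G):
    """Run the slide's exchange; return (keys per party, values seen on the wire)."""
    wire = []  # (sender, receivers, value): everything an eavesdropper observes

    # Round 1: each party sends g^x to the other two.
    ga, gb, gc = pow(g, a, p), pow(g, b, p), pow(g, c, p)
    wire += [("Alice", "Bob,Carol", ga),
             ("Bob", "Alice,Carol", gb),
             ("Carol", "Alice,Bob", gc)]

    # Round 2: Alice raises the received values to her secret and forwards them.
    gab = pow(gb, a, p)  # g^(ab), sent to Carol
    gac = pow(gc, a, p)  # g^(ac), sent to Bob
    wire += [("Alice", "Carol", gab), ("Alice", "Bob", gac)]

    # Bob raises Carol's g^c to his secret and sends g^(bc) to Alice.
    gbc = pow(gc, b, p)
    wire.append(("Bob", "Alice", gbc))

    # Each party applies its own secret to the value that lacks its exponent.
    keys = {
        "Alice": pow(gbc, a, p),  # (g^bc)^a
        "Bob": pow(gac, b, p),    # (g^ac)^b
        "Carol": pow(gab, c, p),  # (g^ab)^c
    }
    return keys, wire

if __name__ == "__main__":
    keys, wire = three_party_dh(random_secret(), random_secret(), random_secret())
    print("all three agree:", len(set(keys.values())) == 1)
    print("messages on the wire:", len(wire))
```

Only values with one or two of the three exponents ever cross the wire; the exchange is unauthenticated, so it inherits the man-in-the-middle exposure discussed on the certificate slides.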

7 The return address is not overwritten, so the attacker cannot transfer program execution to any code that might be injected by the buffer overflow.

8 The attacker can now overwrite the return address and then inject the code that is to be executed on return.

9 The text section should be read-only (or any attempts to modify it should cause a crash), and the program counter should not be allowed to go out of the text section.

10 All connections pass through the firewall. The firewall can keep track of all connections initiated by hosts on the home network (and provide port-address translation if needed), and not allow packets in from outside for connections that aren’t already established, i.e., it provides protections (a) and (b).
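A minimal model of the connection tracking this slide describes, as an added example (not part of the original slides). The class name, addresses and port numbers are constructed for illustration, and the model ignores TCP state and entry timeouts.

```python
PUBLIC_IP = "203.0.113.5"  # constructed documentation address (assumption)

class HomeFirewall:
    """Tracks connections initiated from inside and applies port-address translation."""

    def __init__(self, public_ip=PUBLIC_IP, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (inside_ip, inside_port, remote_ip, remote_port) -> public_port
        self.in_map = {}   # (public_port, remote_ip, remote_port) -> (inside_ip, inside_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Inside host opens or continues a connection: record it, rewrite the source."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[(self.next_port, dst_ip, dst_port)] = (src_ip, src_port)
            self.next_port += 1
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Outside packet: forward only if it matches a tracked connection, else drop (None)."""
        return self.in_map.get((dst_port, src_ip, src_port))

def run_sample():
    """Replay a few constructed packets and return the firewall's decisions."""
    fw = HomeFirewall()
    sent = fw.outbound("192.168.1.10", 51000, "198.51.100.7", 443)
    return {
        "translated": sent,
        # Reply from the server the inside host contacted: allowed.
        "reply": fw.inbound("198.51.100.7", 443, sent[1]),
        # Same public port, but a different remote host: no matching state, dropped.
        "other_host": fw.inbound("198.51.100.99", 443, sent[1]),
        # Unsolicited connection attempt to a port nobody opened: dropped.
        "unsolicited": fw.inbound("198.51.100.7", 443, 22),
    }

if __name__ == "__main__":
    for name, decision in run_sample().items():
        print(name, "->", decision)
```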