Presentation is loading. Please wait.

Presentation is loading. Please wait.

Sockets and Services CS-480b Dick Steflik. Evaluating Socket Based Services How complex is the service? How might the service be abused? What information.

Published byAdonis Conner Modified over 10 years ago

Similar presentations

Presentation on theme: "Sockets and Services CS-480b Dick Steflik. Evaluating Socket Based Services How complex is the service? How might the service be abused? What information."— Presentation transcript:

1 Sockets and Services CS-480b Dick Steflik

2 Evaluating Socket Based Services How complex is the service? How might the service be abused? What information does the service dispense? How much of a dialog does the service allow? How programmable or configurable is the service? What other services does the service rely on? What sort of authentication does the service use?

3 How complex is the service ? Complex services are easier to exploit than simple ones –the more complex it is the more possible points there are that a hacker can try to exploit DayTime is as simple as a service can get –A connect is recognized by the server and the server responds and closes the connection; no user input required. –About the only exploit would be DoS by flooding service with requests POP is more complex –possible password theft (remember they are not encrypted) theft of data loss of privacy –could try buffer overflows on any command possibly crash server –DoS attempt

4 How might the service be abused ? Hackers are very creative and will abuse a service in any variety of hard to imagine ways –hijacking taking over a valid users connection –redirecting rerouting a users connection to another host –DoS flooding the service with requests for service redirecting Chargen output to some unsuspecting computer could flood it with data that it didnt request

5 What information does the service dispense ? Some services provide deliver extensive user information –Finger was originally created to allow UNIX users to locate one another on a UNIX system; depending on configuration parameters none, minimal or extensive user information can be delivered –Whois is another service that dispenses user information Consider blocking these services altogether –they make it too easy to identify users or make it to easy for a hacker to validate the existence of a userid –at least block incoming requests,if incoming is required insist it be used via VPN

6 How much of a dialog does the service allow? The more complex the dialog presented by the service the harder it is to secure –HTTP is a simple stateless protocol and is easy to secure –FTP is complex and hard to secure stateful protocol uses two ports (20, 21) extensive command structure user ids and passwords are often the same as system user ids and passwords A complex dialog presents many possible points of attack

7 How programmable or configurable is the service? Many modern services have literally hundreds of configuration parameters –abundant room for misconfiguration errors –poor testing and pressure to meet product release dates is conducive to buggy code and/or development code to still be in the code SMNP, RIP and OSPF are used for remote configuration of network devices should never allow incoming requests for these protocols Some services (HTTP, LDAP…) allow remote administration via web interfaces (HTML, ActiveX or Java) –if possible allow only localhost access

8 What sort of authentication does the service use ? If authentication is done in the clear (POP3, telnet, Basic HTTP…) it is easily intercepted by anyone using a sniffer program –HTTPs base 64 encoding of passwords isnt really secure as it is easily decoded or worse yet recorded and replayed Authentication is best if credentials are encrypted –public key techniques –challenge/response protocols Password guessers –should watch for and log multiple password failures use reverse DNS to find domain

Download ppt "Sockets and Services CS-480b Dick Steflik. Evaluating Socket Based Services How complex is the service? How might the service be abused? What information."

Similar presentations

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)

Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.

Transfer Content to a Website What is FTP? File Transfer Protocol FTP is a protocol – a set of rules Designed to allow files to be transferred across.
NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.

NETWORK SECURITY ADD ON NOTES MMD © Oct2012. IMPLEMENTATION Enable Passwords On Cisco Routers Via Enable Password And Enable Secret Access Control Lists.
Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.

Denial of Service & Session Hijacking.  Rendering a system unusable to those who deserve it  Consume bandwidth or disk space  Overwhelming amount of.
Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.

Hacker, Cracker?! Are they the same? No!!! Hacker programmers intensely interested in the arcane and recondite workings of any computer operating system.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
How Clients and Servers Work Together. Objectives Web Server Protocols Examine how e-mail server and client software work Use FTP to transfer files Initiate.

How Clients and Servers Work Together. Objectives Web Server Protocols Examine how server and client software work Use FTP to transfer files Initiate.
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.

WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
Intruder Trends Tom Longstaff CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213-3890 Sponsored by.

Intruder Trends Tom Longstaff CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Sponsored by.
CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.

CSI 400/500 Operating Systems Spring 2009 Lecture #20 – Security Measures Wednesday, April 29 th.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”

OCT1 Principles From Chapter One of “Distributed Systems Concepts and Design”
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Georgy Melamed Eran Stiller

Georgy Melamed Eran Stiller
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.

Assessing the Threat How much money is lost due to cyber crimes? –Estimates range from $100 million to $100s billions –Why the discrepancy? Companies don’t.
TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.

TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik.
Server issues How to approach the design of servers.

Server issues How to approach the design of servers.
Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Attack Profiles CS-480b Dick Steflik Attack Categories Denial-of-Service Exploitation Attacks Information Gathering Attacks Disinformation Attacks.

Similar presentations

Ads by Google