Richard S. Carson and Associates (Management Consulting) and World Wide Digital Security, Inc. (Web-Based Products): Background. Presentation transcript.

Slide 2: Background
- Richard S. Carson and Associates: management consulting
- World Wide Digital Security, Inc.: web-based products

Slide 3: Our Product
A suite of web-based security assessment tools used to determine a network's vulnerability and risk, with a patent-pending methodology:
- Single assessment
- Network
- Denial of Service

Slide 4: Benefits of WebSaint™
- Web-based delivery system: the basis for minimum user impact
- No dedicated computer is needed; it runs on the web
- Easy to use: the complexities of installing software are removed
- No costly software
- Results are self-explanatory; trained security professionals are not needed
- Use it as many times as you need under the 3-month subscription
- Cost advantage in terms of product price and minimal resource impact
- The product is always up to date with the most current vulnerabilities and threats

Slide 5: Our Customer
The network administrator of a small to medium-size enterprise who is looking for the easiest and most accurate tool to analyze network security:
- Overworked
- Dealing with Y2K issues
- Limited resources for security

Slide 6: The Opportunity

                        1997           2002
  Internet users        50 million     175 million
  Electronic commerce   $8 billion     $327 billion
  Network security      $1.3 billion   $6.5 billion

Slide 7: The Opportunity
Our niche is the Internet Security Assessment market, estimated to be $1 billion by 2002. WebSaint™ provides:
- Vulnerability assessment by identifying security strengths and weaknesses
- A detailed review and evaluation of a company's network, allowing the development of a baseline security policy from the data collected
- Corporate confidence that current security standards are being met

Slide 8: Our Competition
- Internet Security Systems, Inc.
- Network Associates, Inc.
- Axent Technologies, Inc.
- Netect, Inc.
- Security Dynamics Technologies, Inc.

Slide 9: Our Uniqueness in the Security Market
- Patent-pending, web-based delivery system
- Subscription sales, an easy selling approach
- Focused on security assessments
- Leads to consulting services

Slide 10: Marketing
- SATAN
- SAINT
- WebSaint™
- Name recognition
- VARs, partnerships, Joint Development Agreements
- Integrated Web and PR marketing approach
- www.wwdsi.com

Slide 11: SAINT™ History
- SATAN released April 1995
- COAST extensions released in December 1995
- No updates since release
- A scan of a large network using SATAN prompted the development of SAINT

Slide 12: SAINT™ – The New SATAN
New tests for the following:
- "R" services (rlogin, rshell and rexec)
- Vulnerable CGIs (e.g., webdist, phf, and test-cgi)
- Vulnerable versions of IMAP and POP
- SMB open shares
- New backdoors (NetBus, Back Orifice)
- ToolTalk service
- Vulnerable versions of DNS
- rpc.statd service
- UDP echo and/or chargen (can be used for DoS)
- Vulnerable news servers

Slide 13: SAINT™ – The New SATAN
- Identifies Microsoft Windows (3.x, 95, 98, NT) computers (may be vulnerable to various DoS attacks)
- Added a new attack level (heavy+)
- Performs in a firewalled environment
- Many cosmetic and functional improvements

Slide 14: What You Need
- UNIX platform (AIX, OSF, FreeBSD, BSDI, IRIX, HP-UX, Linux, SunOS, System V)
- 20 MB disk space
- As much memory as you can get
- Perl 5.00 or above
- C compiler
- Web browser
- Samba (for SMB tests)

Slide 15: How it Works

Slide 16: Policy Engine
- Controls what hosts SAINT may probe
- Controls the intensity of the probes
- Specified in the configuration file:
  - attack level and what probes are included
  - status file
  - timeouts and timeout signals
  - proximity variables
  - trusted or untrusted
  - targeting exceptions
  - workarounds (DNS, ICMP)
- Some settings can be changed via command-line switches or from the hypertext user interface

Slide 17: Target Acquisition
- Specified by the user:
  - one host
  - class C subnet
- Generated by the inference engine when processing facts generated by the data acquisition module
- Saves time by checking whether hosts are actually alive first:
  - fping (default)
  - tcp_scan on common ports (firewall)
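The policy engine and target acquisition slides describe the scope controls that decide which hosts may be probed and how hard, before any liveness check runs. The following is an added example (not SAINT's code) that implements those controls in Python: attack level, proximity with a per-hop descent, allow and deny targeting exceptions, and expansion of a class C target. The policy key names are this example's own (they echo SATAN's configuration variables from memory, not from the slides), and every address is constructed.

```python
"""Scope control for a SATAN/SAINT-style scanner: an added example, not
SAINT's own code. The policy key names below are this example's own and
the addresses are constructed sample values."""
import ipaddress

ATTACK_LEVELS = ("light", "normal", "heavy", "heavy+")

# Constructed sample policy standing in for the slides' configuration file.
SAMPLE_POLICY = {
    "attack_level": "normal",            # intensity used for the seed host
    "max_proximity": 1,                  # how far inferred hosts may be from the seed
    "proximity_descent": 1,              # levels to drop per hop of proximity
    "only_attack_these": ["192.0.2.0/24"],              # targeting exception: allow list
    "dont_attack_these": ["192.0.2.1", "192.0.2.254"],  # targeting exception: never probe
    "timeout": 20,                       # seconds before a probe is killed (not used here)
}


def _nets(cidrs):
    """Parse plain addresses or CIDR prefixes into network objects."""
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def in_scope(policy, host, proximity=0):
    """True if the policy permits probing `host` at the given proximity."""
    if proximity > policy["max_proximity"]:
        return False
    addr = ipaddress.ip_address(host)
    if any(addr in n for n in _nets(policy["dont_attack_these"])):
        return False                     # an explicit deny wins over everything else
    allow = policy["only_attack_these"]
    return not allow or any(addr in n for n in _nets(allow))


def probe_level(policy, proximity=0):
    """Attack level for a host `proximity` hops from the seed: each hop
    lowers the level by proximity_descent, never below 'light'."""
    idx = ATTACK_LEVELS.index(policy["attack_level"]) - proximity * policy["proximity_descent"]
    return ATTACK_LEVELS[max(idx, 0)]


def expand_target(spec):
    """Target acquisition: 'a.b.c' denotes a class C subnet, anything else one host."""
    if spec.count(".") == 2:
        return [str(h) for h in ipaddress.ip_network(spec + ".0/24").hosts()]
    return [spec]


def acquire_targets(policy, requested, proximity=0):
    """Return (host, attack_level) pairs the policy allows; the slides'
    fping/tcp_scan liveness check would run only on this list."""
    level = probe_level(policy, proximity)
    return [(h, level) for spec in requested for h in expand_target(spec)
            if in_scope(policy, h, proximity)]


if __name__ == "__main__":
    for host, level in acquire_targets(SAMPLE_POLICY, ["192.0.2", "198.51.100.5"])[:3]:
        print(host, level)
```

The deny list is checked before the allow list so that infrastructure addresses inside an allowed class C stay untouched, and a host outside the allow list is dropped even when the user names it explicitly.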

Slide 18: Data Acquisition
- Executes probes based on the target's scanning level:
  - light
  - normal
  - heavy
  - heavy plus
- Written in Perl or shell script
- Output written to the database in a common tool record format

Slide 19: Inference Engine
- Rules applied in real time
- Results are either:
  - new facts for the inference engine
  - new probes for the data acquisition module
  - new targets for the target acquisition module
- Actually six separate engines, each controlled by its own rule base:
  - todo: what probe to perform next
  - hosttype: deduces system classes
  - facts: deduces potential vulnerabilities
  - services: translates cryptic daemon banners and/or port numbers to user-friendly names
  - trust: classifies data collected on NFS, DNS, NIS, and other cases of trust
  - drop: what to ignore

Slide 20: Database Format
- Facts: data generated by the data acquisition module and the inference engine
- All-hosts: all hosts seen
- Todo: all things it did

Slide 21: Database Format – Facts
- Target: name of the host the record refers to
- Service: base name of the tool or service being probed
- Status: whether the host was reachable
- Severity: how serious the vulnerability was
- Trustee: who trusts another target (user@host)
- Trusted: who the trustee trusts (user@host)
- Canonical service output:
  - for non-vulnerability records, the reformatted version of the network service
  - for vulnerability records, the name of the tutorial
- Text: additional information for reports

Slide 22: Database Format – All-hosts
- Host name
- IP address
- Proximity from the original host
- Attack level the host has been probed with
- Was subnet expansion on? (1 = yes, 0 = no)
- Time the scan was done

Slide 23: Database Format – Todo
- Host name
- Tool to be run next
- Arguments for the tool
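The inference engine and database format slides together describe a small rule system: fact records come in from data acquisition, six rule bases run over them, and the results are new facts, new todo entries and new targets. The block below is an added example (not SAINT's code) that parses fact records with the fields in the order the Facts slide lists them, runs one pass of rules standing in for the todo, hosttype, facts, services, trust and drop engines, and maps severities onto the red/yellow/brown/green classes used on the vulnerability slides. The '|' separator, the sample records, port names, probe names and severity codes are all constructed for this example.

```python
"""Fact records and a one-pass inference engine for a SAINT-style scanner.
Added example, not SAINT's own code; the separator, sample records, rule
tables and severity codes are constructed for illustration."""
from collections import namedtuple

# Field order as listed on the "Database Format – Facts" slide.
Fact = namedtuple("Fact", "target service status severity trustee trusted canonical text")
Todo = namedtuple("Todo", "host tool args")          # the todo table: host, tool, arguments

# Constructed sample facts as the data acquisition module might write them.
RAW_FACTS = """\
host1.example.test|tcp_scan|a||||25|SMTP banner: Sendmail 8.8.8
host1.example.test|tcp_scan|a||||111|port open
host1.example.test|showmount|a||||/export|exported to everyone
host1.example.test|rsh|a||root@host1.example.test|root@admin.example.test|rsh|.rhosts allows admin.example.test
host2.example.test|tcp_scan|a||||139|port open
host2.example.test|finger|a|leak|||Excessive finger information|12 accounts listed
host3.example.test|fping|u|||||no reply
"""

# Rule tables (constructed). services: port number -> user-friendly name.
PORT_NAMES = {"25": "smtp", "79": "finger", "111": "sunrpc", "139": "netbios-ssn", "2049": "nfs"}
# todo: which probe to run next once a service is known (hypothetical tool names).
NEXT_PROBE = {"smtp": ("sendmail_info", "-vrfy"), "sunrpc": ("rpcinfo", ""),
              "netbios-ssn": ("smb_shares", "")}
# Severity codes -> the colour classes used on the vulnerability slides.
SEVERITY_COLOUR = {"attack": "red", "leak": "yellow", "config": "brown"}


def parse_facts(text):
    """Parse pipe-separated records; text is the last field and may contain spaces."""
    return [Fact(*line.split("|", 7)) for line in text.splitlines() if line.strip()]


def colour(fact):
    """Map a fact's severity to red/yellow/brown; anything unrated is green."""
    return SEVERITY_COLOUR.get(fact.severity, "green")


def run_inference(facts):
    """Apply the six rule bases (todo, hosttype, facts, services, trust, drop)
    to fresh facts. The output is what the slides describe: new facts for
    the engine, new probes for data acquisition, new targets for acquisition."""
    out = {"facts": [], "todo": [], "targets": [], "hosttype": {}, "dropped": []}
    for f in facts:
        if f.status == "u":                      # drop: nothing to infer from a dead host
            out["dropped"].append(f)
            continue
        name = PORT_NAMES.get(f.canonical, f.canonical)   # services: port number -> name
        if f.service == "tcp_scan":
            out["facts"].append(f._replace(canonical=name))
        if name == "netbios-ssn":                # hosttype: SMB port implies a Windows box
            out["hosttype"][f.target] = "Windows (SMB)"
            out["facts"].append(f._replace(severity="config", canonical="Windows detected"))
        elif "Sendmail" in f.text:               # hosttype: Sendmail banner implies UNIX
            out["hosttype"].setdefault(f.target, "UNIX")
        if name in NEXT_PROBE:                   # todo: schedule the follow-up probe
            tool, args = NEXT_PROBE[name]
            out["todo"].append(Todo(f.target, tool, args))
        if f.service == "showmount" and "everyone" in f.text:   # facts: config -> vulnerability
            out["facts"].append(f._replace(severity="attack", trustee="ANY@ANY",
                                           trusted="root@" + f.target,
                                           canonical="Unrestricted NFS export"))
        if f.trustee and f.trusted:              # trust: trusted hosts become new targets
            host = f.trusted.split("@", 1)[1]
            if host != f.target and host not in out["targets"]:
                out["targets"].append(host)
    return out


def vulnerabilities(facts):
    """Group rated facts by colour class, as the report slides do."""
    grouped = {}
    for f in facts:
        if f.severity:
            grouped.setdefault(colour(f), []).append(f.canonical)
    return grouped


if __name__ == "__main__":
    facts = parse_facts(RAW_FACTS)
    result = run_inference(facts)
    print(result["todo"], result["targets"], vulnerabilities(facts + result["facts"]))
```

New targets produced by the trust rule would go back through the policy engine (proximity plus one) before anything is probed, which is how the proximity limit keeps a scan from following trust relationships indefinitely.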

Slide 24: User Interface
- Requires an HTML browser
- Documentation
- Data management
- Data gathering
- Viewing results:
  - vulnerabilities
  - host information
  - trust
- Can also be run from the command line

Slide 25: SAINT™ Vulnerabilities
Red — Services that are vulnerable to attack. Hackers exploiting these services may cause substantial harm.
- DNS vulnerabilities
- FTP vulnerabilities
- Hacker program found
- HTTP CGI access
- IMAP version
- INN vulnerabilities
- NFS export to unprivileged programs
- NFS export via portmapper
- Open SMB shares
- Remote shell access
- REXD access
- Sendmail vulnerabilities
- SSH vulnerabilities
- TFTP file access
- Unrestricted modem
- Unrestricted NFS export
- Writable FTP home directory

Slide 26: SAINT™ – Vulnerabilities
Yellow — Services that may directly or indirectly assist a hacker in determining passwords or other critical information.
- NIS password file access
- Unrestricted X server access

Slide 27: SAINT™ Vulnerabilities
Brown — Services that may not be vulnerable but whose configuration and/or version may make them vulnerable. Further investigation on the part of the system administrator may be necessary.
- Excessive finger information
- HTTP CGI info
- NetBIOS over the Internet
- POP server
- POP version
- Possible DoS (fraggle) problem
- Remote login on the Internet
- Remote shell on the Internet
- Rexec on the Internet
- Statd vulnerability
- Rstatd vulnerability
- Rusersd vulnerability
- Sendmail info
- Windows detected

Slide 28: SAINT™ Vulnerabilities
Green — Services that do not have any vulnerabilities apparent through remote assessment. (However, if passwords have been compromised, these services may prove to be vulnerable to exploitation by local users.)

Slide 29: Who Uses It?
- System administrators
- Security administrators
- Requires some knowledge of UNIX
- Requires installation and configuration of software
- What about the less technical, less UNIX-savvy administrator?

Slide 30: What You Need
- Web browser
- Internet connection
- E-mail address

Slide 31: How it Works
- Customer requests a scan via a Web page
- Customer receives an e-mail containing the URL of a custom page
- Customer uses the custom page to start the scan
- Customer receives a second e-mail after the scan completes containing a new URL for the results
- Customer can perform an unlimited number of scans within the subscription period
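In the flow above, the e-mailed URL is the only thing standing between anyone who obtains it and the ability to start scans or read results, so it has to be unguessable, bound to the customer, and dead once the subscription ends. The following is an added example of how such URLs can be minted and checked; it is not WebSaint's mechanism, which the slides do not describe. The host name, the token layout (customer e-mail, subscription expiry, random nonce, HMAC-SHA256 over the three) and the server key are all this example's own assumptions.

```python
"""Minting and verifying customer-specific scan URLs. Added example, not
WebSaint's code; host name, token layout and key handling are assumptions."""
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed key for this example; a deployment would keep it in protected config.
SERVER_KEY = secrets.token_bytes(32)
BASE_URL = "https://scanner.example.test/scan"   # hypothetical service host


def _sign(payload: bytes, key: bytes) -> str:
    """HMAC-SHA256 tag over the token payload, hex-encoded."""
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


def mint_scan_url(customer_email: str, subscription_end: int, key: bytes = SERVER_KEY) -> str:
    """Build the URL e-mailed to a customer. The token binds the customer
    identity and subscription expiry (Unix time) to a random nonce and a MAC,
    so it cannot be guessed, altered, or reused after the subscription ends."""
    nonce = secrets.token_urlsafe(16)
    payload = f"{customer_email}|{subscription_end}|{nonce}".encode()
    token = base64.urlsafe_b64encode(payload).decode().rstrip("=") + "." + _sign(payload, key)
    return BASE_URL + "?" + urlencode({"token": token})


def verify_scan_url(url: str, now: int, key: bytes = SERVER_KEY):
    """Return the customer e-mail if the URL carries a valid, unexpired token,
    otherwise None. Any malformed or tampered token is rejected the same way."""
    token = parse_qs(urlparse(url).query).get("token", [None])[0]
    if not token or "." not in token:
        return None
    b64, sig = token.rsplit(".", 1)
    try:
        payload = base64.urlsafe_b64decode(b64 + "=" * (-len(b64) % 4))
    except ValueError:
        return None
    # Constant-time comparison so the MAC check does not leak timing information.
    if not hmac.compare_digest(sig, _sign(payload, key)):
        return None
    email, expiry, _nonce = payload.decode().split("|", 2)   # e-mail must not contain '|'
    if not expiry.isdigit() or now > int(expiry):
        return None
    return email


if __name__ == "__main__":
    url = mint_scan_url("admin@example.test", 1_000_000)
    print(url)
    print(verify_scan_url(url, now=999_999))
```

The same construction serves the second e-mail (the results URL): mint a fresh token for the results page rather than reusing the scan-request one, so that a leaked results link cannot be used to launch further scans.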

Slide 32: Getting off the ground...
We'd like to hear your comments and ideas.

Slide 33: Detailed SAINT™ Vulnerabilities

Slide 34: SAINT™ Red Services (1 of 5)
- DNS vulnerabilities
  - Impact: unauthorized access (remote) and/or denial of service
  - Resolution: patch or updated version
- FTP vulnerabilities
  - Impact: unauthorized access (remote or local)
  - Resolution: patch, updated version, restrict access
- Hacker program found
  - Impact: host has been compromised
  - Resolution: remove program, remove hacker
- HTTP CGI access
  - Impact: execute arbitrary commands (remote or local)
  - Resolution: remove/disable CGI

Slide 35: SAINT™ Red Services (2 of 5)
- IMAP version
  - Impact: unauthorized access (remote)
  - Resolution: patch, updated version, restrict access
- INN vulnerabilities
  - Impact: unauthorized access (remote)
  - Resolution: patch, updated version
- NFS export to unprivileged programs
  - Impact: unauthorized file access (read/write), program execution
  - Resolution: restrict access, block router ports (2049, 111)
- NFS export via portmapper
  - Impact: unauthorized file access (read/write)
  - Resolution: restrict access, block router ports (2049, 111)

Slide 36: SAINT™ Red Services (3 of 5)
- Open SMB shares
  - Impact: unauthorized file access (read/write)
  - Resolution: disable SMB over the Internet, restrict access
- Remote shell access
  - Impact: unauthorized remote shell/login from arbitrary hosts
  - Resolution: restrict access
- REXD access
  - Impact: unauthorized REXD remote access from arbitrary hosts
  - Resolution: disable service, restrict access
- Sendmail vulnerabilities
  - Impact: unauthorized access (remote)
  - Resolution: patch, updated version

Slide 37: SAINT™ Red Services (4 of 5)
- SSH vulnerabilities
  - Impact: unauthorized use of credentials (local)
  - Resolution: updated version
- TFTP file access
  - Impact: unauthorized access (remote)
  - Resolution: disable service, restrict access
- Unrestricted modem
  - Impact: unauthorized access (remote) to the modem
  - Resolution: restrict access
- Unrestricted NFS export
  - Impact: unauthorized file access (read/write)
  - Resolution: restrict access, block router ports (2049, 111)

Slide 38: SAINT™ Red Services (5 of 5)
- Writable FTP home directory
  - Impact: unauthorized file access (read/write/execute)
  - Resolution: restrict access

Slide 39: SAINT™ Yellow Services
- NIS password file access
  - Impact: access to the NIS password file by arbitrary hosts
  - Resolution: restrict access
- Unrestricted X server access
  - Impact: unrestricted X server access from arbitrary hosts
  - Resolution: restrict access

Slide 40: SAINT™ Brown Services (1 of 4)
- Excessive finger information
  - Impact: releases excess account information
  - Resolution: disable service, restrict access
- HTTP CGI info
  - Impact: provides information about the server
  - Resolution: remove/disable CGI
- NetBIOS over the Internet
  - Impact: unauthorized file access (read/write)
  - Resolution: disable service
- POP server
  - Impact: unauthorized access (passwords in the clear)
  - Resolution: disable service, use a more secure version

Slide 41: SAINT™ Brown Services (2 of 4)
- POP version
  - Impact: unauthorized access (remote)
  - Resolution: patch, updated version, restrict access
- Possible DoS (fraggle) problem
  - Impact: denial of service (intermediary and victim)
  - Resolution: router configuration
- Remote login on the Internet
  - Impact: unauthorized shell access (with no password)
  - Resolution: disable service, restrict access
- Remote shell on the Internet
  - Impact: unauthorized remote shell/login from arbitrary hosts
  - Resolution: restrict access

Slide 42: SAINT™ Brown Services (3 of 4)
- Rexec on the Internet
  - Impact: unauthorized program execution (remote)
  - Resolution: disable service, restrict access
- Sendmail info
  - Impact: provides information about users
  - Resolution: disable the EXPN and VRFY commands
- Statd vulnerability
  - Impact: unauthorized access (remote/local)
  - Resolution: patch, disable service
- Rstatd vulnerability
  - Impact: provides information about the host's performance
  - Resolution: disable service

Slide 43: SAINT™ Brown Services (4 of 4)
- Rusersd vulnerability
  - Impact: provides information about users
  - Resolution: disable service
- Windows detected
  - Impact: operating system may be vulnerable to denial of service
  - Resolution: patch, disable unnecessary services
