Presentation is loading. Please wait.

Presentation is loading. Please wait.

Client-based Application Attacks Adli Abdul Wahid Dept. of Comp. Science, IIUM

Published byErik Prosper Walton Modified over 9 years ago

Similar presentations

Presentation on theme: "Client-based Application Attacks Adli Abdul Wahid Dept. of Comp. Science, IIUM"— Presentation transcript:

1 Client-based Application Attacks Adli Abdul Wahid Dept. of Comp. Science, IIUM adli@kict.iiu.edu.my http://kict.iiu.edu.my/adli

2 The Plan ● Network Based Attacks ● Client-based Applications Attacks ● Potential Solutions ● Conclusion

3 Network Based Attacks ● Attacks that are carried out 'remotely' – Internet or another machine on the LAN ● Most literature cover attacking applications that are server based – Always listening on specific port numbers – i.e. Web, mail, ftp, etc ● Attacks are essentially in the form of buffer overflows or (that can trigger) DoS

4 Network Based Attacks (2) ● Clients-based applications attacks are increasingly popular ● Exploit – Web Browsers – Instant Messengers – Mail Clients

5 Examples in 2005 ● Yahoo! Messenger ymsgr URI Arbitrary Command Execution ● Yahoo! Messenger Offline Mode Status Remote Overflow ● Gaim Away Message Processing Remote Overflow ● Mozilla Firefox IFRAME Width Overflow ● Opera Command Line URL Shell Command Injection ● Microsoft Windows Shimgvw.dll SETABORTPROC Function Crafted WMF Arbitrary Code Execution

6 Typical Scenario ● User use vulnerable browser to surf net – Firewall allows this ● User clicks on site with malicious code ● Browser execute code and (maybe) payload – Payload may contain worm that leads to other problems, cause DoS etc

7 The Issues (1) ● Attack techniques are more or less the same – buffer overflow, just different target ● Typically use – Some form of social engineering ● User click on the URL ● Need more than basic perimeter protection – Firewall and IDS ● Policy enforcement – How do you make sure that all of the 5000 Pcs in your network uses the updated version of Browser XYZ

8 Potential Solutions ● IDS / IPS – What if malicious attacker is on the same LAN ? ● Patch management – Large user base? – Different types of software, tied to policy ● OS level – Stack protection in the case of buffer overflow based attacks – What if network is open to all (hotspot) ● Antivirus

9 Conclusion ● Attacks don't just target server based programs ● Client-based applications are just as vulnerable and targeted by attackers ● Complexity in defending the user en-masse ● Multiple approaches need to be used to defend the network successfully.

Download ppt "Client-based Application Attacks Adli Abdul Wahid Dept. of Comp. Science, IIUM"

Similar presentations

Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview

Microsoft Internet Security and Acceleration (ISA) Server 2004 Technical Overview
Vulnerability, Attack, Defense Split Tunneling Cross-Site Request Forgery And You Mary Henthorn OIT Senior Technology Analyst February 8, 2007.

Vulnerability, Attack, Defense Split Tunneling Cross-Site Request Forgery And You Mary Henthorn OIT Senior Technology Analyst February 8, 2007.
Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.

Network Security Attack Analysis. cs490ns - cotter2 Outline Types of Attacks Vulnerabilities Exploited Network Attack Phases Attack Detection Tools.
By Hiranmayi Pai Neeraj Jain

By Hiranmayi Pai Neeraj Jain
Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.

Copyright © 2012 Certification Partners, LLC -- All Rights Reserved Lesson 4: Web Browsing.
Lesson 4: Web Browsing.

Lesson 4: Web Browsing.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.

Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
© SANS Institute 2005 SANS Internet Storm Center WMF workarounds and patches

© SANS Institute SANS Internet Storm Center WMF workarounds and patches
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
System Security Scanning and Discovery Chapter 14.

System Security Scanning and Discovery Chapter 14.
Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia

Defense-in-Depth Against Malicious Software Jeff Alexander IT Pro Evangelist Microsoft Australia
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
Securing Instant Messaging Matt Hsu. Outline Introduction Instant Messaging Primer Instant Messaging Vulnerabilities and Exploits Securing Instant Messaging.

Securing Instant Messaging Matt Hsu. Outline Introduction Instant Messaging Primer Instant Messaging Vulnerabilities and Exploits Securing Instant Messaging.
Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.

Information Networking Security and Assurance Lab National Chung Cheng University 1 A Real World Attack: wu-ftp.
A Security Analysis of the PHP language By Jonas Heineson Mattias Österberg.

A Security Analysis of the PHP language By Jonas Heineson Mattias Österberg.
Firewall Vulnerabilities Presented by Vincent J. Ohm.

Firewall Vulnerabilities Presented by Vincent J. Ohm.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.

© 2012 IBM Corporation IBM Security Systems 1 © 2014 IBM Corporation IBM Security Network Protection (XGS) Advanced Threat Protection Integration Framework.
Instant Messaging Security Flaws By: Shadow404 Southern Poly University.

Instant Messaging Security Flaws By: Shadow404 Southern Poly University.
Chapter Nine Maintaining a Computer Part III: Malware.

Chapter Nine Maintaining a Computer Part III: Malware.

Similar presentations

Ads by Google