When Bad Things Happen to Computer Networks
                    A demonstration of how hackers break into systems,
                        and what we can all do to reduce our risks


                                          Mike O’Leary

                                   School of Emerging Technologies
                                          Towson University


                  Edward V. Badolato Distinguished Speaker Series
                               September 7, 2012




Mike O’Leary (Towson University)        When Bad Things Happen...    Badolato Speaker Series   1 / 81
Physical Attacks

      Suppose you have physical access to a fully patched Windows 7
      machine, but don’t have the password.
      Can you log on?


      Sure!


      What happens when you press the blue and white button on the
      bottom left of a Windows logon screen?
      What happens if you change that program?




Physical Attacks- Demo
      Rather than boot to the hard drive, we will boot to a CD-ROM; say
      Backtrack 5.
              BIOS passwords can prevent this, but physical access also lets me
              reset BIOS passwords, usually via jumper settings on the motherboard.




Physical Attacks- Others

      The “Sticky Keys” feature can be attacked in the same fashion; the
      program is c:\Windows\System32\sethc.exe
      To log in as a particular user (rather than as System), one can use a
      hex editor to modify c:\Windows\System32\msv1_0.dll. Changing
      two bytes in that file allows you to log on to any account without a
      password.
      Kon-Boot.
              Boot to the CD, and let the tool do the work for you.
              The tool is picked up as a virus by many anti-virus tools, so careful
              downloading!
      Bart’s PE




Physical Attacks- Countermeasures

      Protect the physical device
      Encrypt important data.
              Bitlocker
                      Windows 7 component, but required Windows 7 Enterprise or Windows 7
                      Ultimate.
              TrueCrypt: http://www.truecrypt.org/
                      Free software
                      Lets you encrypt a volume of files; the volume is treated as a separate
                      hard drive in Windows.
                      Encrypted volumes can take on any name, and can be nested.




Passwords
      Why attack passwords?
              They give authenticated access, meaning that they will not trip intrusion
              detection systems.
      How are passwords stored?
              Plain text (disaster!)
              Hashed (terrible!)
              Salted & Hashed (Might be OK)
      How can you attack a stored password?
              Brute force attacks
              Word lists
              Rainbow tables




Passwords
        The speed of a brute force attack depends on the underlying hashing
        algorithm.
                 A PC with a high end graphics card using an older algorithm (SHA1)
                 can try roughly one billion password guesses per second.
                 Amazon’s cloud service would let a user try roughly 100,000
                 passwords on 400,000 accounts each day, for a cost of roughly $350 [1]
                 m3g9tr0n claims to have cracked 122 million passwords (MD5, SHA1)
                 in five months [2]

  [1] http://arstechnica.com/security/2012/08/hacked-blizzard-passwords-not-hard-to-crack/
  [2] http://blog.thireus.com/cracking-story-how-i-cracked-over-122-million-sha1-and-md5-hashed-passwords
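
The storage choices from the "How are passwords stored?" slide and the speed point above, as an added example that is not part of the original slides. It stores the same constructed accounts once with unsalted SHA-1 and once with a per-user salt and a slow key-derivation function. PBKDF2-HMAC-SHA256, the iteration count, the record format and all account names are assumptions chosen for the example.

```python
import hashlib
import hmac
import os
from collections import defaultdict
from typing import Dict, List

# Work factor assumed for this example; raise it as far as login latency allows.
# Each guess now costs this many HMAC rounds instead of one SHA-1 call.
PBKDF2_ITERATIONS = 200_000

# Constructed sample accounts: alice and bob happen to pick the same password.
SAMPLE_USERS = {"alice": "Summer2012", "bob": "Summer2012", "carol": "correct horse"}


def store_unsalted(password: str) -> str:
    """'Hashed (terrible!)': a single fast SHA-1 with no salt."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def store_salted(password: str) -> str:
    """'Salted & Hashed': per-user random salt plus a deliberately slow KDF."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS
    )
    return "pbkdf2_sha256${}${}${}".format(PBKDF2_ITERATIONS, salt.hex(), digest.hex())


def verify_salted(password: str, record: str) -> bool:
    """Recompute with the stored salt and work factor; compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = record.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        candidate = hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), bytes.fromhex(salt_hex), int(iterations)
        )
        return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))
    except ValueError:
        # Malformed record: treat as a failed login rather than crashing.
        return False


def shared_hash_groups(table: Dict[str, str]) -> List[List[str]]:
    """Accounts whose stored values are identical, visible to anyone holding the table."""
    groups = defaultdict(list)
    for user, stored in table.items():
        groups[stored].append(user)
    return sorted(sorted(users) for users in groups.values() if len(users) > 1)


UNSALTED_TABLE = {user: store_unsalted(pw) for user, pw in SAMPLE_USERS.items()}
SALTED_TABLE = {user: store_salted(pw) for user, pw in SAMPLE_USERS.items()}

if __name__ == "__main__":
    print("unsalted, identical values:", shared_hash_groups(UNSALTED_TABLE))
    print("salted, identical values:  ", shared_hash_groups(SALTED_TABLE))
    print("alice verifies:", verify_salted("Summer2012", SALTED_TABLE["alice"]))
```

With unsalted hashes, one cracked or precomputed value unlocks every account that shares it; with per-user salts each record has to be attacked separately and at the cost of the full work factor.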
Password Attacks
      In 2009, RockYou.com was compromised, leading to the loss of 32
      million passwords.
              These passwords were in plain text.
              Attackers have used this as starting point to generate word lists.
      In 2010, Gawker lost 1.5 million unsalted hashed passwords
      On June 6, LinkedIn lost 6.46 million unsalted password hashes
              LinkedIn has 160 million accounts.
              More than 90% of these hashes have been cracked.
      On June 6, eHarmony lost 1.5 million unsalted password hashes.
      On July 12, Yahoo! Voices lost 400,000 plain text passwords and
      email addresses.
      On July 23, Gamigo (a German gaming company) lost 11 million
      hashed passwords.
              They also lost 8.2 million email addresses
      On August 10, Blizzard lost an unknown number of password hashes,
      including all of the accounts from their North American servers.
              The number of Blizzard accounts runs well into the millions, just in
              North America.
Password Attacks

        Do you re-use your passwords?
        Could an attacker guess your account name?
        What would happen?

        Ask Mat Honan. After an hour-long attack on August 3, he discovered
        that [3]
                His Google account was taken over, then wiped.
                His Twitter account was compromised and used to spread vitriol
                His AppleID account was hacked
                All of the data on his iPhone, iPad, and MacBook was wiped.
        Why? They wanted to use his Twitter account.

  [3] http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/
Password Attacks- Demo

      We can perform a live attack on a password protected service by
      simply trying various combinations.
      This is often noticeable to intrusion detection systems, but if it is
      spread across multiple attacker machines, it is difficult to stop.
      In this first example, we attack a simple e-commerce site.
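
The detection problem described above, as an added example that is not part of the original slides: a per-source failure counter catches one noisy machine, but guessing spread across many machines only shows up when failures are also counted per account. The log format, thresholds, addresses and account names are all constructed for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=5)
PER_SOURCE_LIMIT = 5    # assumed threshold: failures from one address inside WINDOW
PER_ACCOUNT_LIMIT = 6   # assumed threshold: failures against one account inside WINDOW


def build_sample_log():
    """Constructed log lines: ISO timestamp, source address, account, outcome."""
    lines = []
    # One source hammering six different accounts within a minute.
    for i, user in enumerate(["alice", "bob", "carol", "dave", "erin", "frank"]):
        lines.append("2012-09-07T10:00:{:02d} 203.0.113.9 {} FAIL".format(i * 10, user))
    # Eight sources, one failure each, all against the same account.
    for i in range(8):
        minute, second = divmod(i * 30, 60)
        lines.append("2012-09-07T10:1{}:{:02d} 198.51.100.{} admin FAIL".format(
            minute, second, i + 1))
    # An ordinary user who mistypes once and then logs in.
    lines.append("2012-09-07T10:20:00 192.0.2.44 grace FAIL")
    lines.append("2012-09-07T10:20:08 192.0.2.44 grace OK")
    return "\n".join(lines)


SAMPLE_LOG = build_sample_log()


def parse(log_text):
    """Return (timestamp, source, account, outcome) tuples, skipping malformed lines."""
    events = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        try:
            stamp = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        events.append((stamp, parts[1], parts[2], parts[3]))
    return sorted(events)


def max_in_window(times, window):
    """Largest number of timestamps that fit inside any sliding window."""
    times = sorted(times)
    best = start = 0
    for end, stamp in enumerate(times):
        while stamp - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def detect(log_text):
    """Flag noisy sources and accounts targeted from more than one source."""
    by_source = defaultdict(list)
    by_account = defaultdict(list)
    sources_for_account = defaultdict(set)
    for stamp, source, account, outcome in parse(log_text):
        if outcome != "FAIL":
            continue
        by_source[source].append(stamp)
        by_account[account].append(stamp)
        sources_for_account[account].add(source)

    noisy_sources = sorted(
        source for source, times in by_source.items()
        if max_in_window(times, WINDOW) >= PER_SOURCE_LIMIT
    )
    # Value is the number of distinct sources seen failing against the account.
    targeted_accounts = {
        account: len(sources_for_account[account])
        for account, times in by_account.items()
        if max_in_window(times, WINDOW) >= PER_ACCOUNT_LIMIT
        and len(sources_for_account[account]) > 1
    }
    return {"noisy_sources": noisy_sources, "targeted_accounts": targeted_accounts}


if __name__ == "__main__":
    print(detect(SAMPLE_LOG))
```

None of the eight addresses guessing against "admin" crosses the per-source limit, so only the per-account view reports them.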




Password Attacks- Demo
      Looking at the source, we see that the request to log in is
              A request made via SSL
              Target page is http://shop.index.php
              GET parameters include
                      main_page = login
                      action = process
                      zenid = 65dsqnj1qs9hn8h57ij6dkk22veopsul
              POST parameters include
                      password, specified by the user
                      securityToken = d597db5e25bda24bb43c65307d9c21ca as a hidden
                      field.
      We build a corresponding request using Hydra.
              We specify a list of user names (-L)
              We specify a list of passwords (-P)
              We specify what we expect to see in an error page (the text “Error”)
              We specify the number of threads (-t)
              We specify the timeout (-w)
              We specify where we dump the results (-o)
              We use verbose output (-vV)
Password Attacks- Demo

      These attacks can also be performed against domain controllers.
      Suppose that the domain UNSEEN has the domain controller
      ephebe.unseen.disc.tu located at the address 192.168.1.30.
      We again use hydra
              The method is now smb
              The address is specified as well
              Other parameters are chosen as in the previous example.




Password Attacks- Countermeasures
      Lots of folks have given you lots of advice on passwords
              Use an uncommon word
              Include some capital letters
              Make some substitutions- say replace an “a” with a “4”
              Include a number
              Include a symbol




Password Attacks- Countermeasures




Source: http://xkcd.com/936/

Password Attacks- Countermeasures
      There is no substitute for length in your passwords.
              If you are using random symbols & characters, then at least 12
              characters.
              If you use word(s), then double this.
      Attackers already know the common tricks for making passwords
      more “complex”; they use wordlists and then permute them with all of
      these common tricks.
      Use different passwords for different accounts
      How can I manage different passwords?
              Use PasswordSafe, a free program available at
              http://passwordsafe.sourceforge.net/




Application Attacks
      Most computer attacks rely on software vulnerabilities
              These are mistakes in a program that can be exploited to violate a
              security policy
              When found, these are classified and given a common CVE name &
              number (http://cve.mitre.org)
      Some vulnerabilities allow a third-party access to a system
      Others allow a user a greater level of access to a system than
      intended (privilege escalation)
      Some vulnerabilities do not require user action
      Vulnerabilities in the core operating system can be particularly
      problematic.
              Microsoft patches are numbered by year and patch number.
              MS08-067 (CVE 2008-4250)- Microsoft Server Service Vulnerability
                      Windows 2000, 2003, XP
              MS03-026 (CVE 2003-0352)- Microsoft RPC DCOM.
                      Affects Windows NT, 2000, 2003.
                      Root cause of Blaster worm, Nachi worm.
Application Attacks

      Attackers have turned their attention to application level attacks
      These focus on
              Web browsers
              Active content for web browsers
                      Java
                      Flash
              Documents
                      Microsoft Word
                      Microsoft Excel
                      Adobe Reader
      Browser attacks require the user to visit a web page hosting the
      malicious content
      Document attacks require the user to open the malicious document




Application Attacks

      Suppose you knew that the target was running Adobe Reader.

   1/2012     CVE 2011-2462   Adobe Reader U3D Memory Corruption                            9.4.6, 10.1.1
   9/2010     CVE 2010-2883   Adobe CoolType SING Table uniqueName Stack Buffer Overflow    8.2.4, 9.3.4
   3/2010     CVE 2010-0188   Adobe Acrobat Bundled LibTIFF Integer Overflow                8.2, 9.3
   12/2009    CVE 2009-4324   Adobe Doc.media.newPlayer Use After Free Vulnerability        9.2
   12/2009    CVE 2009-3459   Adobe FlateDecode Stream Predictor 02 Integer Overflow        9.2
   11/2009    CVE 2009-2990   Adobe U3D CLODProgressiveMeshDeclaration Array Overrun        7.1.4, 8.1.7, 9.2
   3/2009     CVE 2009-0927   Adobe Collab.getIcon() Buffer Overflow                        7.1.1, 8.1.3, 9.1
   3/2009     CVE 2009-0658   Adobe JBIG2Decode Heap Corruption                             9.0
   12/2008    CVE 2008-2992   Adobe util.printf() Buffer Overflow                           8.1.3




Application Attacks

      Suppose you knew that the target was running Microsoft Office:


   6/2012     CVE 2012-0013   MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability   Word 07, 10
   4/2012     CVE 2012-0158   MS12-027 MSCOMCTL ActiveX Buffer Overflow                                          Word 07, 10
   12/2011    CVE 2010-3333   MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow                       Word 03, 07, 10
   11/2011    CVE 2010-0822   MS11-038 Excel Malformed OBJ Record Handling Overflow                              Excel 02
   11/2011    CVE 2011-0105   MS11-021 Excel .xlb Buffer Overflow                                                Excel 07
   5/2010     CVE 2010-0033   MS10-004 PowerPoint Viewer TextBytesAtom Stack Buffer Overflow                     PowerPoint Viewer 03
   2/2010     CVE 2009-3129   MS09-067 Excel Malformed FEATHEADER Record Vulnerability                           Excel 02, 03, 07




Application Attacks

      Suppose you knew that the target was running Adobe Flash Player:

   8/20/2012   CVE 2012-1535   Adobe Flash Player 11.3 Font Parsing Code Execution                           11.3.300.271 (8/14/2012)
   6/25/2012   CVE 2012-0779   Adobe Flash Player Object Type Confusion                                      11.2.202.235 (5/3/2012)
   6/20/2012   CVE 2011-2110   Adobe Flash Player AVM Verification Logic Array Indexing Code & Execution     10.3.181.23 (11/11/2011)
   4/20/2012   CVE 2008-5499   Adobe Flash Player ActionScript Launch Command Execution Vulnerability        10.0.12.36 (10/4/2008)
   3/8/2012    CVE 2012-0754   Adobe Flash Player .mp4 ’cprt’ Overflow                                       11.1.102.55 (11/11/2011)




Application Attacks

      How does an application attack work?
      Let’s demonstrate an attack based on CVE 2012-1889, MS12-043
      Microsoft XML Core Services MSXML Uninitialized Memory
      Corruption
              This is a vulnerability in how Windows handles XML, and is of critical
              importance for Internet Explorer.
              Code to exploit this vulnerability was publicly released on June 15 (via
              Metasploit); it is likely that this vulnerability was being exploited by
              others privately before this time.
              Microsoft did not patch this vulnerability until they released MS12-043,
              on July 10.
              Anyone using Internet Explorer prior to the release of the patch would
              have been vulnerable.




Application Attacks- Demo

      The attacking machine will be using Backtrack 5 R3.
      The victim machine will be a Windows 7 workstation, running Service
      Pack 1 (the latest), but not patched with MS12-043.




Application Attacks

      Another common attack target, especially lately, has been Java.

   8/27/2012    CVE 2012-4681   Java 7 Applet Remote Code Execution                               Java 7U6
   7/9/2012     CVE 2012-1723   Java Applet Field Bytecode Verifier Cache Remote Code Execution   Java 6U32, Java 7U5
   3/29/2012    CVE 2012-0507   Java AtomicReferenceArray Type Violation Vulnerability            Java 6U30, Java 7U2
   11/29/2011   CVE 2011-3544   Java Applet Rhino Script Engine Remote Code Execution             Java 6U27, Java 7




Application Attacks

      We demonstrate the use of the July Java attack (CVE 2012-1723,
      Java Applet Field Bytecode Verifier Cache Remote Code Execution)
      on a system.
      The target will be a Windows 7 machine, but this time it will not be
      patched up to Service Pack 1.
      After compromising the target, we will use CVE 2010-3338
      (MS10-092 Windows Escalate Task Scheduler XML Privilege
      Escalation), which is one of the vulnerabilities exploited by Stuxnet.
              This will allow us to gain full control over the system at the SYSTEM
              level.
              We will grab the password hashes and crack them.
              We will add a new administrator to the system (us!)
              We will ensure that the system connects back to us, even if the system
              is subsequently rebooted.




Application Attacks- Countermeasures

      Be sure all of your software is up to date.
      Pay special attention to:
              Browsers (IE, Chrome, Firefox, Safari)
              MS Office
              Adobe Flash, Reader
              Java
      Don’t install software if you do not need it!
              The attacks on IE succeeded in part because we leveraged the existing
              Java install!




Application Attacks- Countermeasures
      The final attack succeeded because the user:
              Clicked on a malicious link
              Was running an outdated version of Java
              Was running an unpatched version of Windows
      This attack required multiple failures in multiple places!
      Don’t be fearful that your security posture is imperfect; instead make it
      difficult for an attacker to exploit you by being aware of and responsive to
      the threats.




Questions?

Mike O’Leary
School of Emerging Technologies
Towson University
moleary@towson.edu




Seerah un nabi Muhammad Quiz Part-1.pdfAnsariB1
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiAmil Baba Mangal Maseeh
 
Dubai Call Girls Skinny Mandy O525547819 Call Girls Dubai
Dubai Call Girls Skinny Mandy O525547819 Call Girls DubaiDubai Call Girls Skinny Mandy O525547819 Call Girls Dubai
Dubai Call Girls Skinny Mandy O525547819 Call Girls Dubaikojalkojal131
 
A357 Hate can stir up strife, but love can cover up all mistakes. hate, love...
A357 Hate can stir up strife, but love can cover up all mistakes.  hate, love...A357 Hate can stir up strife, but love can cover up all mistakes.  hate, love...
A357 Hate can stir up strife, but love can cover up all mistakes. hate, love...franktsao4
 
Asli amil baba in Karachi Pakistan and best astrologer Black magic specialist
Asli amil baba in Karachi Pakistan and best astrologer Black magic specialistAsli amil baba in Karachi Pakistan and best astrologer Black magic specialist
Asli amil baba in Karachi Pakistan and best astrologer Black magic specialistAmil Baba Mangal Maseeh
 
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdfUnity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdfRebeccaSealfon
 
Asli amil baba near you 100%kala ilm ka mahir
Asli amil baba near you 100%kala ilm ka mahirAsli amil baba near you 100%kala ilm ka mahir
Asli amil baba near you 100%kala ilm ka mahirAmil Baba Mangal Maseeh
 
Study of the Psalms Chapter 1 verse 1 by wanderean
Study of the Psalms Chapter 1 verse 1 by wandereanStudy of the Psalms Chapter 1 verse 1 by wanderean
Study of the Psalms Chapter 1 verse 1 by wandereanmaricelcanoynuay
 
Topmost Kala ilam expert in UK Or Black magic specialist in UK Or Black magic...
Topmost Kala ilam expert in UK Or Black magic specialist in UK Or Black magic...Topmost Kala ilam expert in UK Or Black magic specialist in UK Or Black magic...
Topmost Kala ilam expert in UK Or Black magic specialist in UK Or Black magic...baharayali
 
The-Clear-Quran,-A-Thematic-English-Translation-by-Dr-Mustafa-Khattab.pdf
The-Clear-Quran,-A-Thematic-English-Translation-by-Dr-Mustafa-Khattab.pdfThe-Clear-Quran,-A-Thematic-English-Translation-by-Dr-Mustafa-Khattab.pdf
The-Clear-Quran,-A-Thematic-English-Translation-by-Dr-Mustafa-Khattab.pdfSana Khan
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiAmil Baba Mangal Maseeh
 
Repentance involves Faith Powerpoint presentation
Repentance involves Faith Powerpoint presentationRepentance involves Faith Powerpoint presentation
Repentance involves Faith Powerpoint presentationcorderos484
 
Asli amil baba in Karachi asli amil baba in Lahore
Asli amil baba in Karachi asli amil baba in LahoreAsli amil baba in Karachi asli amil baba in Lahore
Asli amil baba in Karachi asli amil baba in Lahoreamil baba kala jadu
 
Amil baba in uk amil baba in Australia amil baba in canada
Amil baba in uk amil baba in Australia amil baba in canadaAmil baba in uk amil baba in Australia amil baba in canada
Amil baba in uk amil baba in Australia amil baba in canadaamil baba kala jadu
 
Deerfoot Church of Christ Bulletin 4 21 24
Deerfoot Church of Christ Bulletin 4 21 24Deerfoot Church of Christ Bulletin 4 21 24
Deerfoot Church of Christ Bulletin 4 21 24deerfootcoc
 
Understanding Jainism Beliefs and Information.pptx
Understanding Jainism Beliefs and Information.pptxUnderstanding Jainism Beliefs and Information.pptx
Understanding Jainism Beliefs and Information.pptxjainismworldseo
 
The_Chronological_Life_of_Christ_Part_96_Crossroads_and_Crisis_Points
The_Chronological_Life_of_Christ_Part_96_Crossroads_and_Crisis_PointsThe_Chronological_Life_of_Christ_Part_96_Crossroads_and_Crisis_Points
The_Chronological_Life_of_Christ_Part_96_Crossroads_and_Crisis_PointsNetwork Bible Fellowship
 

Último (20)

Culture Clash_Bioethical Concerns_Slideshare Version.pptx
Culture Clash_Bioethical Concerns_Slideshare Version.pptxCulture Clash_Bioethical Concerns_Slideshare Version.pptx
Culture Clash_Bioethical Concerns_Slideshare Version.pptx
 
Seerah un nabi Muhammad Quiz Part-1.pdf
Seerah un nabi  Muhammad Quiz Part-1.pdfSeerah un nabi  Muhammad Quiz Part-1.pdf
Seerah un nabi Muhammad Quiz Part-1.pdf
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
 
Dubai Call Girls Skinny Mandy O525547819 Call Girls Dubai
Dubai Call Girls Skinny Mandy O525547819 Call Girls DubaiDubai Call Girls Skinny Mandy O525547819 Call Girls Dubai
Dubai Call Girls Skinny Mandy O525547819 Call Girls Dubai
 
A357 Hate can stir up strife, but love can cover up all mistakes. hate, love...
A357 Hate can stir up strife, but love can cover up all mistakes.  hate, love...A357 Hate can stir up strife, but love can cover up all mistakes.  hate, love...
A357 Hate can stir up strife, but love can cover up all mistakes. hate, love...
 
Top 8 Krishna Bhajan Lyrics in English.pdf
Top 8 Krishna Bhajan Lyrics in English.pdfTop 8 Krishna Bhajan Lyrics in English.pdf
Top 8 Krishna Bhajan Lyrics in English.pdf
 
Asli amil baba in Karachi Pakistan and best astrologer Black magic specialist
Asli amil baba in Karachi Pakistan and best astrologer Black magic specialistAsli amil baba in Karachi Pakistan and best astrologer Black magic specialist
Asli amil baba in Karachi Pakistan and best astrologer Black magic specialist
 
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdfUnity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
Unity is Strength 2024 Peace Haggadah_For Digital Viewing.pdf
 
Asli amil baba near you 100%kala ilm ka mahir
Asli amil baba near you 100%kala ilm ka mahirAsli amil baba near you 100%kala ilm ka mahir
Asli amil baba near you 100%kala ilm ka mahir
 
Study of the Psalms Chapter 1 verse 1 by wanderean
Study of the Psalms Chapter 1 verse 1 by wandereanStudy of the Psalms Chapter 1 verse 1 by wanderean
Study of the Psalms Chapter 1 verse 1 by wanderean
 
Topmost Kala ilam expert in UK Or Black magic specialist in UK Or Black magic...
Topmost Kala ilam expert in UK Or Black magic specialist in UK Or Black magic...Topmost Kala ilam expert in UK Or Black magic specialist in UK Or Black magic...
Topmost Kala ilam expert in UK Or Black magic specialist in UK Or Black magic...
 
The-Clear-Quran,-A-Thematic-English-Translation-by-Dr-Mustafa-Khattab.pdf
The-Clear-Quran,-A-Thematic-English-Translation-by-Dr-Mustafa-Khattab.pdfThe-Clear-Quran,-A-Thematic-English-Translation-by-Dr-Mustafa-Khattab.pdf
The-Clear-Quran,-A-Thematic-English-Translation-by-Dr-Mustafa-Khattab.pdf
 
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in KarachiNo.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
No.1 Amil baba in Pakistan amil baba in Lahore amil baba in Karachi
 
Repentance involves Faith Powerpoint presentation
Repentance involves Faith Powerpoint presentationRepentance involves Faith Powerpoint presentation
Repentance involves Faith Powerpoint presentation
 
Asli amil baba in Karachi asli amil baba in Lahore
Asli amil baba in Karachi asli amil baba in LahoreAsli amil baba in Karachi asli amil baba in Lahore
Asli amil baba in Karachi asli amil baba in Lahore
 
Amil baba in uk amil baba in Australia amil baba in canada
Amil baba in uk amil baba in Australia amil baba in canadaAmil baba in uk amil baba in Australia amil baba in canada
Amil baba in uk amil baba in Australia amil baba in canada
 
Deerfoot Church of Christ Bulletin 4 21 24
Deerfoot Church of Christ Bulletin 4 21 24Deerfoot Church of Christ Bulletin 4 21 24
Deerfoot Church of Christ Bulletin 4 21 24
 
Understanding Jainism Beliefs and Information.pptx
Understanding Jainism Beliefs and Information.pptxUnderstanding Jainism Beliefs and Information.pptx
Understanding Jainism Beliefs and Information.pptx
 
The_Chronological_Life_of_Christ_Part_96_Crossroads_and_Crisis_Points
The_Chronological_Life_of_Christ_Part_96_Crossroads_and_Crisis_PointsThe_Chronological_Life_of_Christ_Part_96_Crossroads_and_Crisis_Points
The_Chronological_Life_of_Christ_Part_96_Crossroads_and_Crisis_Points
 
St. Louise de Marillac: Animator of the Confraternities of Charity
St. Louise de Marillac: Animator of the Confraternities of CharitySt. Louise de Marillac: Animator of the Confraternities of Charity
St. Louise de Marillac: Animator of the Confraternities of Charity
 

Fall 2012 Badolato Presentation: When Bad Things Happen to Computer Networks

  • 1. When Bad Things Happen to Computer Networks A demonstration of how hackers break into systems, and what we can all do to reduce our risks Mike O’Leary School of Emerging Technologies Towson University Edward V. Badolato Distinguished Speaker Series September 7, 2012 Mike O’Leary (Towson University) When Bad Things Happen... Badolato Speaker Series 1 / 81
  • 2. Physical Attacks
      Suppose you have physical access to a fully patched Windows 7 machine, but don’t have the password.
      Can you log on?
      Sure!
      What happens when you press the blue and white button on the bottom left of a Windows logon screen?
      What happens if you change that program?
  • 3. Physical Attacks- Demo
  • 4. Physical Attacks- Demo
      Rather than boot to the hard drive, we will boot to a CD-ROM; say Backtrack 5.
          BIOS passwords can prevent this, but physical access also lets me reset BIOS passwords, usually via jumper settings on the motherboard.
  • 5. Physical Attacks- Demo
  • 6. Physical Attacks- Demo
  • 7. Physical Attacks- Demo
  • 8. Physical Attacks- Others
      The “Sticky Keys” feature can be attacked in the same fashion; the program is c:\Windows\System32\sethc.exe
      To log in as a particular user (rather than as System), one can use a hex editor to modify c:\Windows\System32\msv1_0.dll.
          Changing two bytes in that file allows you to log on to any account without a password.
      Kon-Boot. Boot to the CD, and let the tool do the work for you.
          The tool is picked up as a virus by many anti-virus tools, so careful downloading!
      Bart’s PE
  • 9. Physical Attacks- Countermeasures
      Protect the physical device
      Encrypt important data.
          Bitlocker
              Windows 7 component, but requires Windows 7 Enterprise or Windows 7 Ultimate.
          TrueCrypt: http://www.truecrypt.org/
              Free software
              Lets you encrypt a volume of files; the volume is treated as a separate hard drive in Windows.
              Encrypted volumes can take on any name, and can be nested.
  • 10. Physical Attacks- Countermeasures Demo
  • 11. Passwords
      Why attack passwords?
          They give authenticated access, meaning that they will not trip intrusion detection systems.
      How are passwords stored?
          Plain text (disaster!)
          Hashed (terrible!)
          Salted & Hashed (Might be OK)
      How can you attack a stored password?
          Brute force attacks
          Word lists
          Rainbow tables
  • 12. Passwords
      The speed of a brute force attack depends on the underlying hashing algorithm.
      A PC with a high end graphics card using an older algorithm (SHA1) can try roughly one billion password guesses per second.
      Amazon’s cloud service would let a user try roughly 100,000 passwords on 400,000 accounts each day, for a cost of roughly $350 [1]
      m3g9tr0n claims to have cracked 122 million passwords (MD5, SHA1) in five months [2]
      [1] http://arstechnica.com/security/2012/08/hacked-blizzard-passwords-not-hard-to-crack/
      [2] http://blog.thireus.com/cracking-story-how-i-cracked-over-122-million-sha1-and-md5-hashed-passwords
  • 13. Password Attacks
      In 2009, RockYou.com was compromised, leading to the loss of 32 million passwords.
          These passwords were in plain text.
          Attackers have used this as a starting point to generate word lists.
      In 2010, Gawker lost 1.5 million unsalted hashed passwords
      On June 6, LinkedIn lost 6.46 million unsalted password hashes
          LinkedIn has 160 million accounts.
          More than 90% of these hashes have been cracked.
      On June 6, eHarmony lost 1.5 million unsalted password hashes.
      On July 12, Yahoo! Voices lost 400,000 plain text passwords and email addresses.
      On July 23, Gamigo (a German gaming company) lost 11 million hashed passwords.
          They also lost 8.2 million email addresses
      On August 10, Blizzard lost an unknown number of password hashes, including all of the accounts from their North American servers.
          The number of Blizzard accounts runs well into the millions, just in North America.
  • 14. Password Attacks
      Do you re-use your passwords?
      Could an attacker guess your account name?
      What would happen? Ask Mat Honan.
      After an hour-long attack on August 3, he discovered that [3]
          His Google account was taken over, then wiped.
          His Twitter account was compromised and used to spread vitriol
          His AppleID account was hacked
          All of the data on his iPhone, iPad, and MacBook was wiped.
      Why? They wanted to use his Twitter account.
      [3] http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/
  • 15. Password Attacks- Demo
      We can perform a live attack on a password protected service by simply trying various combinations.
      This is often noticeable to intrusion detection systems, but if it is spread across multiple attacker machines, it is difficult to stop.
      In this first example, we attack a simple e-commerce site.
  • 16. Password Attacks- Demo
  • 17. Password Attacks- Demo
  • 18. Password Attacks- Demo
  • 19. Password Attacks- Demo
      Looking at the source, we see that the request to log in is
          A request made via SSL
          Target page is http://shop.index.php
          GET parameters include
              main_page = login
              action = process
              zenid = 65dsqnj1qs9hn8h57ij6dkk22veopsul
          POST parameters include
              password, specified by the user
              securityToken = d597db5e25bda24bb43c65307d9c21ca as a hidden field.
      We build a corresponding request using Hydra.
          We specify a list of user names (-L)
          We specify a list of passwords (-P)
          We specify what we expect to see in an error page (the text “Error”)
          We specify the number of threads (-t)
          We specify the timeout (-w)
          We specify where we dump the results (-o)
          We use verbose output (-vV)
  • 20. Password Attacks- Demo
  • 21. Password Attacks- Demo
      These attacks can also be performed against domain controllers.
      Suppose that the domain UNSEEN has the domain controller ephebe.unseen.disc.tu located at the address 192.168.1.30.
      We again use hydra
          The method is now smb
          The address is specified as well
          Other parameters are chosen as in the previous example.
  • 22. Password Attacks- Demo
  • 23. Passwords Attacks- Countermeasures
      Lots of folks have given you lots of advice on passwords
          Use an uncommon word
          Include some capital letters
          Make some substitutions- say replace an “a” with a “4”
          Include a number
          Include a symbol
  • 24. Password Attacks- Countermeasures
      Source: http://xkcd.com/936/
  • 25. Password Attacks- Countermeasures
      There is no substitute for length in your passwords.
          If you are using random symbols & characters, then at least 12 characters.
          If you use word(s), then double this.
      Attackers already know the common tricks for making passwords more “complex”; they use wordlists and then permute them with all of these common tricks.
      Use different passwords for different accounts
      How can I manage different passwords?
          Use PasswordSafe, a free program available at http://passwordsafe.sourceforge.net/
  • 26. Password Attacks- Countermeasures
  • 27. Password Attacks- Countermeasures
  • 28. Password Attacks- Countermeasures
  • 29. Password Attacks- Countermeasures
  • 30. Application Attacks
      Most computer attacks rely on software vulnerabilities
          These are mistakes in a program that can be exploited to violate a security policy
          When found, these are classified and given a common CVE name & number (http://cve.mitre.org)
      Some vulnerabilities allow a third party access to a system
      Others allow a user a greater level of access to a system than intended (privilege escalation)
      Some vulnerabilities do not require user action
          Vulnerabilities in the core operating system can be particularly problematic.
          Microsoft patches are numbered by year and patch number.
          MS08-067 (CVE 2008-4250)- Microsoft Server Service Vulnerability. Windows 2000, 2003, XP
          MS03-026 (CVE 2003-0352)- Microsoft RPC DCOM. Affects Windows NT, 2000, 2003. Root cause of Blaster worm, Nachi worm.
  • 31. Application Attacks
      Attackers have turned their attention to application level attacks
      These focus on
          Web browsers
          Active content for web browsers
              Java
              Flash
          Documents
              Microsoft Word
              Microsoft Excel
              Adobe Reader
      Browser attacks require the user to visit a web page hosting the malicious content
      Document attacks require the user to open the malicious document
  • 32. Application Attacks
      Suppose you knew that the target was running Adobe Reader.
          1/2012 | CVE 2011-2462 | Adobe Reader U3D Memory Corruption | 9.4.6, 10.1.1
          9/2010 | CVE 2010-2883 | Adobe CoolType SING Table uniqueName Stack Buffer Overflow | 8.2.4, 9.3.4
          3/2010 | CVE 2010-0188 | Adobe Acrobat Bundled LibTIFF Integer Overflow | 8.2, 9.3
          12/2009 | CVE 2009-4324 | Adobe Doc.media.newPlayer Use After Free Vulnerability | 9.2
          12/2009 | CVE 2009-3459 | Adobe FlateDecode Stream Predictor 02 Integer Overflow | 9.2
          11/2009 | CVE 2009-2990 | Adobe U3D CLODProgressiveMeshDeclaration Array Overrun | 7.1.4, 8.1.7, 9.2
          3/2009 | CVE 2009-0927 | Adobe Collab.getIcon() Buffer Overflow | 7.1.1, 8.1.3, 9.1
          3/2009 | CVE 2009-0658 | Adobe JBIG2Decode Heap Corruption | 9.0
          12/2008 | CVE 2008-2992 | Adobe util.printf() Buffer Overflow | 8.1.3
  • 33. Application Attacks
      Suppose you knew that the target was running Microsoft Office:
          6/2012 | CVE 2012-0013 | MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability | Word 07, 10
          4/2012 | CVE 2012-0158 | MS12-027 MSCOMCTL ActiveX Buffer Overflow | Word 07, 10
          12/2011 | CVE 2010-3333 | MS10-087 Microsoft Word RTF pFragments Stack Buffer Overflow | Word 03, 07, 10
          11/2011 | CVE 2010-0822 | MS11-038 Excel Malformed OBJ Record Handling Overflow | Excel 02
          11/2011 | CVE 2011-0105 | MS11-021 Excel .xlb Buffer Overflow | Excel 07
          5/2010 | CVE 2010-0033 | MS10-004 PowerPoint Viewer TextBytesAtom Stack Buffer Overflow | PowerPoint Viewer 03
          2/2010 | CVE 2009-3129 | MS09-067 Excel Malformed FEATHEADER Record Vulnerability | Excel 02, 03, 07
  • 34. Application Attacks
      Suppose you knew that the target was running Adobe Flash Player:
          8/20/2012 | CVE 2012-1535 | Adobe Flash Player 11.3 Font Parsing Code Execution | 11.3.300.271 (8/14/2012)
          6/25/2012 | CVE 2012-0779 | Adobe Flash Player Object Type Confusion | 11.2.202.235 (5/3/2012)
          6/20/2012 | CVE 2011-2110 | Adobe Flash Player AVM Verification Logic Array Indexing Code Execution | 10.3.181.23 (11/11/2011)
          4/20/2012 | CVE 2008-5499 | Adobe Flash Player ActionScript Launch Command Execution Vulnerability | 10.0.12.36 (10/4/2008)
          3/8/2012 | CVE 2012-0754 | Adobe Flash Player .mp4 ’cprt’ Overflow | 11.1.102.55 (11/11/2011)
  • 35. Application Attacks
      How does an application attack work?
      Let’s demonstrate an attack based on CVE 2012-1889, MS12-043 Microsoft XML Core Services MSXML Uninitialized Memory Corruption
          This is a vulnerability in how Windows handles XML, and is of critical importance for Internet Explorer.
          Code to exploit this vulnerability was publicly released on June 15 (via Metasploit); it is likely that this vulnerability was being exploited by others privately before this time.
          Microsoft did not patch this vulnerability until they released MS12-043, on July 10.
          Anyone using Internet Explorer prior to the release of the patch would have been vulnerable.
  • 36. Application Attacks- Demo
      The attacking machine will be using Backtrack 5 R3.
      The victim machine will be a Windows 7 workstation, running Service Pack 1 (the latest), but not patched with MS12-043.
  • 37. Application Attacks- Demo
  • 38. Application Attacks- Demo
  • 39. Application Attacks- Demo
  • 40. Application Attacks- Demo
  • 41. Application Attacks- Demo
  • 42. Application Attacks- Demo
  • 43. Application Attacks- Demo
  • 44. Application Attacks- Demo
  • 45. Application Attacks- Demo
  • 46. Application Attacks- Demo
  • 47. Application Attacks- Demo
  • 48. Application Attacks- Demo
  • 49. Application Attacks- Demo
  • 50. Application Attacks- Demo
  • 51. Application Attacks
      Another common attack target, especially lately, has been Java.
          8/27/2012 | CVE 2012-4681 | Java 7 Applet Remote Code Execution | Java 7U6
          7/9/2012 | CVE 2012-1723 | Java Applet Field Bytecode Verifier Cache Remote Code Execution | Java 6U32, Java 7U5
          3/29/2012 | CVE 2012-0507 | Java AtomicReferenceArray Type Violation Vulnerability | Java 6U30, Java 7U2
          11/29/2011 | CVE 2011-3544 | Java Applet Rhino Script Engine Remote Code Execution | Java 6U27, Java 7
  • 52. Application Attacks
      We demonstrate the use of the July Java attack (CVE 2012-1723, Java Applet Field Bytecode Verifier Cache Remote Code Execution) on a system.
      The target will be a Windows 7 machine, but this time it will not be patched up to Service Pack 1.
      After compromising the target, we will use CVE 2010-3338 (MS10-092 Windows Escalate Task Scheduler XML Privilege Escalation), which is one of the vulnerabilities exploited by Stuxnet.
          This will allow us to gain full control over the system at the SYSTEM level.
      We will grab the password hashes and crack them.
      We will add a new administrator to the system (us!)
      We will ensure that the system connects back to us, even if the system is subsequently rebooted.
  • 53. Application Attacks- Demo
  • 54. Application Attacks- Demo
  • 55. Application Attacks- Demo
  • 56. Application Attacks- Demo
  • 57. Application Attacks- Demo
  • 58. Application Attacks- Demo
  • 59. Application Attacks- Demo
  • 60. Application Attacks- Demo
  • 61. Application Attacks- Demo
  • 62. Application Attacks- Demo
  • 63. Application Attacks- Demo
  • 64. Application Attacks- Demo
  • 65. Application Attacks- Demo
  • 66. Application Attacks- Demo
  • 67. Application Attacks- Demo
  • 68. Application Attacks- Demo
  • 69. Application Attacks- Demo
  • 70. Application Attacks- Demo
  • 71. Application Attacks- Demo
  • 72. Application Attacks- Demo
  • 73. Application Attacks- Demo
  • 74. Application Attacks- Demo
  • 75. Application Attacks- Demo
  • 76. Application Attacks- Demo
  • 77. Application Attacks- Demo
  • 78. Application Attacks- Demo
  • 79. Application Attacks- Countermeasures
      Be sure all of your software is up to date. Pay special attention to:
          Browsers (IE, Chrome, Firefox, Safari)
          MS Office
          Adobe Flash, Reader
          Java
      Don’t install software if you do not need it!
          The attacks on IE succeeded in part because we leveraged the existing Java install!
  • 80. Application Attacks- Countermeasures
      The final attack succeeded because the user:
          Clicked on a malicious link
          Was running an outdated version of Java
          Was running an unpatched version of Windows
      This attack required multiple failures in multiple places!
      Don’t be fearful that your security posture is imperfect; instead make it difficult for an attacker to exploit you by being aware and responsive to the threats.
  • 81. Questions?
      Mike O’Leary
      School of Emerging Technologies
      Towson University
      moleary@towson.edu
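Slides 11 and 12 rank the ways passwords are stored and tie cracking speed to the hashing algorithm. The Python code below is an added example, not part of the original slides: it audits the same accounts stored as unsalted SHA-1 and as salted PBKDF2. The account names, passwords, wordlist and iteration count are constructed assumptions.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 100_000  # assumption: tune upward for your own hardware

# Constructed sample data: two of the three accounts share a password.
ACCOUNTS = {"alice": "sunshine1", "bob": "sunshine1", "carol": "T7#qLw9!vXz2"}
WORDLIST = ["password", "letmein", "sunshine1", "dragon"]  # constructed


def unsalted_sha1(password):
    """The 'Hashed (terrible!)' format: one fast hash, no salt."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()


def salted_record(password, salt=None, iterations=PBKDF2_ITERATIONS):
    """The 'Salted & Hashed' format: per-account random salt plus a slow KDF."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return (salt, iterations, digest)


def verify(password, record):
    """Check a login attempt against a salted record in constant time."""
    salt, iterations, expected = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.compare_digest(candidate, expected)


def build_stores(accounts):
    """Return (unsalted_store, salted_store) for the same set of accounts."""
    unsalted = {user: unsalted_sha1(pw) for user, pw in accounts.items()}
    salted = {user: salted_record(pw) for user, pw in accounts.items()}
    return unsalted, salted


def audit_unsalted(store, wordlist):
    """Weak-password audit of an unsalted store.

    The lookup table is computed once and then answers every account,
    which is why word lists and rainbow tables work so well here.
    """
    table = {unsalted_sha1(word): word for word in wordlist}
    return {user: table[h] for user, h in store.items() if h in table}


def audit_salted(store, wordlist):
    """The same audit of a salted store.

    No table can be shared: every (account, word) pair costs a full KDF run.
    Returns the weak accounts and the number of KDF runs that were needed.
    """
    weak, kdf_runs = {}, 0
    for user, record in store.items():
        for word in wordlist:
            kdf_runs += 1
            if verify(word, record):
                weak[user] = word
                break
    return weak, kdf_runs


if __name__ == "__main__":
    unsalted, salted = build_stores(ACCOUNTS)
    print("identical unsalted hashes:", unsalted["alice"] == unsalted["bob"])
    print("identical salted digests: ", salted["alice"][2] == salted["bob"][2])
    print("unsalted audit:", audit_unsalted(unsalted, WORDLIST))
    print("salted audit:  ", audit_salted(salted, WORDLIST))
```

Both audits find the same weak accounts, but the salted store forces separate work per account and per guess, and only the long random password survives either way, which matches the advice on slide 25.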
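Slide 15 notes that password guessing spread across many attacker machines is hard to stop. The following is an added example, not from the original slides, of detection keyed on the targeted account instead of the source address. The log format, addresses, user names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from typing import NamedTuple


class Event(NamedTuple):
    ts: datetime
    outcome: str  # "FAIL" or "OK"
    user: str
    src: str


# Constructed sample log (hypothetical format): six failures against "admin",
# one from each of six addresses; six failures against "carol" from a single
# address; and "bob" mistyping twice before logging in.
SAMPLE_LOG = "\n".join(
    [f"2012-09-07T10:00:{i * 10:02d} FAIL user=admin src=198.51.100.{10 + i}" for i in range(6)]
    + [f"2012-09-07T10:05:{i * 5:02d} FAIL user=carol src=203.0.113.9" for i in range(6)]
    + [
        "2012-09-07T10:07:00 FAIL user=bob src=192.0.2.7",
        "2012-09-07T10:07:20 FAIL user=bob src=192.0.2.7",
        "2012-09-07T10:07:45 OK user=bob src=192.0.2.7",
    ]
)


def parse(log_text):
    """Turn 'timestamp outcome user=... src=...' lines into Event tuples."""
    events = []
    for line in log_text.strip().splitlines():
        ts, outcome, user_kv, src_kv = line.split()
        events.append(Event(datetime.fromisoformat(ts), outcome,
                            user_kv.split("=", 1)[1], src_kv.split("=", 1)[1]))
    return events


def _failure_bursts(events, field, threshold, window):
    """Group failures by `field`; keep groups with >= threshold failures in any window."""
    groups = defaultdict(list)
    for ev in events:
        if ev.outcome == "FAIL":
            groups[getattr(ev, field)].append(ev)
    flagged = {}
    for key, failures in groups.items():
        failures.sort(key=lambda ev: ev.ts)
        start = 0
        for end in range(len(failures)):
            # Slide the left edge until the span fits inside the window.
            while failures[end].ts - failures[start].ts > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged[key] = failures
                break
    return flagged


def noisy_sources(events, threshold=5, window=timedelta(minutes=5)):
    """Classic per-source rule: addresses with a burst of failed logins."""
    return set(_failure_bursts(events, "src", threshold, window))


def targeted_accounts(events, threshold=5, window=timedelta(minutes=5)):
    """Per-account rule: accounts with a burst of failures from any mix of sources.

    Returns {account: number of distinct source addresses seen failing}.
    """
    bursts = _failure_bursts(events, "user", threshold, window)
    return {user: len({ev.src for ev in evs}) for user, evs in bursts.items()}


if __name__ == "__main__":
    events = parse(SAMPLE_LOG)
    print("flagged by source: ", noisy_sources(events))
    print("flagged by account:", targeted_accounts(events))
```

The per-source rule sees only the single noisy address, while the per-account rule also surfaces the account being guessed from six addresses at once; a high distinct-source count on one account is the signal to act on with lockout or step-up authentication.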