Quiz 2 -> Exam Topics



Quiz 2 exam topics fall 2004

Quiz 2 -> Exam Topics

Fall 2004



Chapter 10a - Firewalls

Simple Firewall - drops packets based on IP, port

Stateful - Keeps track of connections, set up inside or outside.

NAT - Network Address Translation, Private Address ranges (10. )

Proxy Server - checks application header and data.

Attacks - how does a firewall protect against scanning, bad fragments, bad TCP flags, Smurf attack, ...

Host-based Firewalls - xinetd (/etc/hosts.allow), iptables, Zone Alarm, Black Ice (now ISS Desktop Proventia)


Chapter 10b - Trusted Systems

Subject, Object, Access Rights (permissions)

Policy - Access matrix or ACL (access control list)

Basic Security Rules:

No read up (simple security property)

No write down (do not widen accessibility)

Need to Know.

Reference Monitor, audit file, security kernel database.

Requirements to be a “Trusted System”:

Complete Mediation,

Isolation,

Verifiability

“Common Criteria” Security Specifications - multinational trust ratings


Chapter 11 - TCP/IP

Use of bad fragments to crash Operating System (OS).

Use of ICMP packets (ping, “unreachable”, “time-out”)

Smurf attack (packet multiplication, use of broadcast address).

“Spoofed” addresses.

TCP Flags - bad combinations to map OS, cause crashes.

TCP - Hijacked connection.


Chapter 12 - Traffic Visualization

Bandwidth versus time (flood attacks).

Packets per period - by TCP and UDP port numbers.

Therminator - shows imbalance in traffic flow.


Chapter 13 - NetSec Utilities

What do they do?

Tripwire

Saint and Satan

Nessus

Ethereal and “tcpdump”

Security Organizations:

US-CERT (U.S. Computer Emergency Response Team)

SANS

NIPC (FBI - Nat. Infrastructure Protection Center)

What to do if a host is compromised.

Evidence - chain of custody


Slide Set 14 - Wireless Security

WEP is weak security, but far better than nothing.

Use longest key-length possible.

Enable use of “allowed list” of MAC addresses.

Use higher-layer security - IPsec or SSL.

Use a firewall and IDS to isolate wireless access points (WAPs) just like you do for the Internet.

Search for “Rogue” WAPs.


Slide set 15 - Hidden Data

Hidden Files (on UNIX, name starts with “.”)

Startup scripts (great place to hide a Trojan Horse)

Covert channels (hide in “Ping” packets, SSH, port 80 FTP)

Steganography (hiding data in an image file)

Watch for new processes, files (particularly “suid” files), open Internet TCP and UDP ports.


Slide set 16 - Safe Computing

Buffer Overflow (what is it, what does it do)

How to code to prevent possibility of a “Buffer Overflow”

Eliminate unneeded daemons, “suid programs,” open ports, and user accounts.

Enforce long, mixed-character passwords.

Explain “Once root, always root”
