
Computer Security Update

Bob Cowles, SLAC

bob.cowles@stanford.edu

Presented to HEPiX at Fermilab

23 Oct 2002

Work supported by U. S. Department of Energy contract DE-AC03-76SF00515



Areas

  • Solaris

  • Cisco

  • Linux

  • IIS

  • Internet Explorer

  • Windows

  • Misc

  • Virus & Worm

  • Conclusions

  • News

HEPiX – Bob Cowles – SLAC



Solaris

  • /bin/login

  • ssh & OpenSSH

  • in.talkd

  • cachefsd

  • xdr_array buffer overflow (affects OpenAFS too)

  • ttdbserver

  • TTYPROMPT




Cisco

  • ssh

  • Aironet wireless APs (telnet)

  • ntp daemon

  • httpd

  • default passwords




Linux

  • ssh

  • wu-ftp

  • glibc

  • OpenSSH

  • glibc (reboot required)

  • Bugzilla

  • OpenSSL




Apache

  • Transfer chunking

  • mod_ssl off-by-one

  • shared memory scoreboard - scripting




IIS

  • Cookie handling error (cross domains)

  • .htr heap overflow

  • Office Web components

  • SmartHTML interpreter

  • .htr transfer chunking




Internet Explorer

  • file name spoofing

  • VBScript read local files

  • jpeg scripting

  • Gopher protocol error

  • SSL cert checking error (Outlook, too)

  • Cached objects




Windows

  • MS SQL Server & Media Player

  • UPNP

  • XMLHTTP

  • JVM

  • Debugger

  • MS Office document grabbing

  • Network Connection Manager

  • Windows XP SP1




Misc

  • OpenVMS DECwindows Motif Server

  • Additional files indexed by Google

  • AOL AIM & Yahoo Messenger

  • snmp

  • PGP buffer overflow

  • libbind resolver buffer overflow

  • MIME send by reference (RFC 2046)

  • TCP/IP ambiguity




Virus & Worm

  • Magistr

  • badtrans

  • Goner

  • Myparty: www.myparty.yahoo.com

  • Frethem (your password)

  • Klez

  • Bugbear




Conclusions (almost the same)

  • Poor administration is still a major problem

  • Firewalls cannot substitute for patches

  • Multiple levels of virus/worm protection are necessary

  • Clue is more important than source




News

  • OpenSSH trojaned

    http://www.cert.org/advisories/CA-2002-24.html

  • 20 things to make your system safe and secure (really!) http://www.sans.org/top20/

  • New versions of PGP, incl. version 8.0 beta for Windows http://www.pgp.com/beta80.php

  • SMTP trojaned http://www.cert.org/advisories/CA-2002-28.html

  • Flash and Warhol worms

    http://www.icir.org/vern/papers/cdc-usenix-sec02/index.html

  • Attack on root DNS servers http://www.washingtonpost.com/wp-dyn/articles/A828-2002Oct22.html
