computer security update
Download
Skip this Video
Download Presentation
Computer Security Update

Loading in 2 Seconds...

play fullscreen
1 / 13

Computer Security Update - PowerPoint PPT Presentation


  • 76 Views
  • Uploaded on

Computer Security Update. Bob Cowles, SLAC bob.cowles @ stanford.edu Presented to HEPiX at Fermilab 23 Oct 2002. Work supported by U. S. Department of Energy contract DE-AC03-76SF00515. Areas. Solaris Cisco Linux IIS Internet Explorer Windows Misc Virus & Worm Conclusions News.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Computer Security Update' - sheryl


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
computer security update

Computer Security Update

Bob Cowles, SLAC

[email protected]

Presented to HEPiX at Fermilab

23 Oct 2002

Work supported by U. S. Department of Energy contract DE-AC03-76SF00515

areas
Areas
  • Solaris
  • Cisco
  • Linux
  • IIS
  • Internet Explorer
  • Windows
  • Misc
  • Virus & Worm
  • Conclusions
  • News

HEPiX – Bob Cowles – SLAC

solaris
Solaris
  • /bin/login
  • ssh & OpenSSH
  • in.talkd
  • cachefsd
  • xdr_array bo (affects OpenAFS too)
  • ttdbserver
  • TTYPROMPT

HEPiX – Bob Cowles – SLAC

cisco
Cisco
  • ssh
  • Aironet wireless APs (telnet)
  • ntp daemon
  • httpd
  • default passwords

HEPiX – Bob Cowles – SLAC

linux
Linux
  • ssh
  • wu-ftp
  • glibc
  • OpenSSH
  • glibc (reboot required)
  • Bugzilla
  • OpenSSL

HEPiX – Bob Cowles – SLAC

apache
Apache
  • Transfer chunking
  • mod_ssl off-by-one
  • shared memory scoreboard - scripting

HEPiX – Bob Cowles – SLAC

slide7
IIS
  • Cookie handling error (cross domains)
  • .htr heap overflow
  • Office Web components
  • SmartHTML interpreter
  • .htr transfer chunking

HEPiX – Bob Cowles – SLAC

internet explorer
Internet Explorer
  • file name spoofing
  • VBScript read local files
  • jpeg scripting
  • Gopher protocol error
  • SSL cert checking error (Outlook, too)
  • Cached objects

HEPiX – Bob Cowles – SLAC

windows
Windows
  • MS SQL Server & Media Player
  • UPNP
  • XMLHTTP
  • JVM
  • Debugger
  • MS Office document grabbing
  • Network Connection Manager
  • Windows XP SP1

HEPiX – Bob Cowles – SLAC

slide10
Misc
  • OpenVMS DECwindows Motif Server
  • Add’l files indexed by Google
  • AOL AIM & Yahoo Messenger
  • snmp
  • PGP buffer overflow
  • libbind resolver buffer overflow
  • MIME send by reference (RFC 2046)
  • TCP/IP ambiguity

HEPiX – Bob Cowles – SLAC

virus worm
Virus & Worm
  • Magistr
  • badtrans
  • Goner
  • Myparty: www.myparty.yahoo.com
  • Frethem (your password)
  • Klez
  • Bugbear

HEPiX – Bob Cowles – SLAC

conclusions almost the same
Conclusions (almost the same)
  • Poor administration is still a major problem
  • Firewalls cannot substitute for patches
  • Multiple levels of virus/worm protection are necessary
  • Clue is more important than source

HEPiX – Bob Cowles – SLAC

slide13
News
  • OpenSSH trojaned

http://www.cert.org/advisories/CA-2002-24.html

  • 20 things to make your system safe and secure (really!) http://www.sans.org/top20/
  • New versions of PGP .. incl. version 8.0 beta for Windows http://www.pgp.com/beta80.php
  • SMTP trojaned http://www.cert.org/advisories/CA-2002-28.html
  • Flash and Warhol worms

http://www.icir.org/vern/papers/cdc-usenix-sec02/index.html

  • Attack on root DNS servers http://www.washingtonpost.com/wp-dyn/articles/A828-2002Oct22.html

HEPiX – Bob Cowles – SLAC

ad