6. vulnerabilities

Upload: beatrice-firan

Post on 16-Oct-2015


TRANSCRIPT

  • 6. Identifying vulnerabilities

  • 2 Ion BICA

    Vulnerabilities

    A programming error or configuration mistake that can create breaches in the security of a system.
    If not corrected in time, it can be exploited by a potential attacker.

    Correction methods:
      installing the patches recommended by the vendor
      securing the systems (hardening)

  • 3 Ion BICA

    Vulnerabilities (cont.)

    Total vulnerabilities reported (1995 to Q3 2008): 44,074
    Source: CERT (http://www.cert.org)

    [Chart: vulnerabilities reported per year. 2000: 1,090; 2001: 2,437; 2002: 4,129; 2003: 3,784; 2004: 3,780; 2005: 5,990; 2006: 8,064; 2007: 7,236]

  • 4 Ion BICA

    Vulnerabilities (cont.)

    Source: Secunia (http://www.secunia.com)
    10 vendors are responsible for 38% of the vulnerabilities reported in a year!

  • 5 Ion BICA

    Vulnerabilities (cont.)

    Only 20% of vulnerabilities are critical!
    Source: Secunia (http://www.secunia.com)

  • 6 Ion BICA

    Vulnerabilities (cont.)

    Common Vulnerabilities and Exposures (CVE)
      a list of standardized names for all publicly known vulnerabilities
      a dictionary of vulnerabilities (not a database)
      http://cve.mitre.org/

    Open Vulnerability and Assessment Language (OVAL)
      a standard that describes how the presence of a vulnerability on a computer system can be checked
      http://oval.mitre.org/

  • 7 Ion BICA

    Vulnerability scanners

    Automate the process of identifying and correcting vulnerabilities.

    Classification by the location from which the scan is performed:
      network based
      host based
    by the credentials used during the scan:
      with administrative rights
      without administrative rights
    by the type of systems / applications tested:
      general purpose
      for web applications

  • 8 Ion BICA

    General-purpose vulnerability scanners

    Nessus (http://www.nessus.org) - "the best security tool!"
    SARA - Security Auditor's Research Assistant (http://www-arc.com/sara/)
    X-scan (http://www.xfocus.com)
    MBSA (http://www.microsoft.com)
    GFI LANGuard (http://www.gfi.com)
    Retina (http://www.eeye.com)
    CORE IMPACT (http://www.coresecurity.com)
    Proventia Network Enterprise Scanner (http://www.ibm.com)
    QualysGuard (http://www.qualys.com/)
    SAINT - System Administrators Integrated Network Tool (http://www.saintcorporation.com/)

  • 9 Ion BICA

    Nessus

    Client / server architecture:
      server (scanning engine)
      client (user interface)
      user authentication + encrypted connection (SSL)
    Modular: functionality implemented as plugins (scripts)
      approximately 40,000 vulnerability-scanning plugins
      NASL (Nessus Attack Scripting Language)
    Active services on the target computer are detected by port scanning:
      ping, TCP connect(), SYN scan
    Scan methods: safe / destructive
    Report generation (HTML)
    CVE compatible
    Two subscription types: ProfessionalFeed (1200 USD / year), HomeFeed (free)

  • 10 Ion BICA

    Nessus (cont.)

    1. Log in to the system (authentication)
    2. Define the targets (host / subnet)
    3. Select the scan policy (plugins)
    4. Scan the systems
    5. Interpret the results
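Step 5 (interpreting the results) is where a scan turns into a patch list. As an added example that is not from the original slides, the Python below parses the NBE report format (the pipe-delimited format listed later under Nikto, which Nessus also emits), counts findings per severity label and maps each host to the CVE ids found at or above a chosen severity. The sample report, hosts, plugin ids and CVE ids are constructed placeholders, not real findings.

```python
import re
from collections import Counter, namedtuple

# Constructed sample of an NBE report (the pipe-delimited format Nessus and
# Nikto can emit), one "results" record per finding. Hosts are documentation
# addresses, plugin ids are made up and CVE ids are labelled placeholders.
SAMPLE_NBE = """\
timestamps|||scan_start|Mon Jan  1 10:00:00 2008|
results|192.0.2|192.0.2.10|http (80/tcp)|1001|Security Note|Open port detected.
results|192.0.2|192.0.2.10|http (80/tcp)|1002|Security Hole|Outdated web server. CVE : CVE-0000-0001
results|192.0.2|192.0.2.10|ssh (22/tcp)|1003|Security Warning|SSH protocol 1 enabled. CVE : CVE-0000-0002
results|192.0.2|192.0.2.11|smb (445/tcp)|1004|Security Hole|Missing security update. CVE : CVE-0000-0003, CVE-0000-0004
timestamps|||scan_end|Mon Jan  1 10:05:00 2008|
"""

CVE_RE = re.compile(r"CVE-\d{4}-\d{4,7}")
# NBE severity labels, ranked most severe first.
SEVERITY_RANK = {"Security Hole": 3, "Security Warning": 2,
                 "Security Note": 1, "Log Message": 0}
Finding = namedtuple("Finding", "host port plugin_id severity cves text")


def parse_nbe(report: str) -> list:
    """Return one Finding per 'results' record; other record types are skipped."""
    findings = []
    for line in report.splitlines():
        fields = line.split("|")
        if fields[0] != "results" or len(fields) < 7:
            continue
        _, _subnet, host, port, plugin_id, severity, *rest = fields
        text = "|".join(rest)  # a description may itself contain '|'
        cves = tuple(sorted(set(CVE_RE.findall(text))))
        findings.append(Finding(host, port, int(plugin_id), severity, cves, text))
    return findings


def severity_counts(findings) -> dict:
    """Number of findings per severity label (how many are real holes?)."""
    return dict(Counter(f.severity for f in findings))


def hosts_needing_patches(findings, min_severity="Security Hole") -> dict:
    """Map host -> sorted CVE ids for findings at or above min_severity."""
    threshold = SEVERITY_RANK[min_severity]
    out = {}
    for f in findings:
        if SEVERITY_RANK.get(f.severity, 0) >= threshold and f.cves:
            out.setdefault(f.host, set()).update(f.cves)
    return {host: sorted(ids) for host, ids in out.items()}
```

Lowering `min_severity` to "Security Warning" widens the patch list, which is the practical form of the "only 20% are critical" observation from slide 5.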

  • 11 Ion BICA

    Nessus (cont.)

  • 12 Ion BICA

    MBSA

    Microsoft Baseline Security Analyzer
    Detects vulnerabilities specific to Microsoft products:
      Security updates
      Weak passwords
      Windows configuration
      IIS vulnerabilities
      SQL vulnerabilities
    Requires administrative rights on the target computer
    Report generation

  • 13 Ion BICA

    MBSA (cont.)

  • 14 Ion BICA

    Web-application-specific vulnerabilities

    "Over 70% of security vulnerabilities exist at the application layer, not the network or system layer."
    Gartner 2004-2006

  • 15 Ion BICA

    Web-application-specific vulnerabilities (cont.)

    Unvalidated Input
    Cookie Poisoning
    CGI Parameters
    SQL Injection
    Cross site scripting (XSS)
    Directory Traversal
    Buffer Overflow

  • 16 Ion BICA

    Vulnerability scanners for web applications

    Nikto (http://www.cirt.net/nikto2)
    Paros proxy (http://www.parosproxy.org)
    Burpsuite (http://portswigger.net/suite/)
    WebInspect (http://www.spidynamics.com)
    Acunetix WVS (http://www.acunetix.com)
    Rational AppScan (http://www.ibm.com)
    N-Stealth (http://www.nstalker.com/nstealth/)

    Open Web Application Security Project (OWASP)
    http://www.owasp.org/

  • 17 Ion BICA

    Nikto

    Open Source (GPL)
    Command-line utility
    Checks performed:
      server and software misconfigurations
      default files and programs
      insecure files and programs
      outdated servers and programs
    Identifies the software modules installed on the web server (php, perl, etc.)
    Support for SSL and LibWhisker2 (anti-IDS)
    Report generation in various formats (text, CSV, HTML, XML, NBE)
    Allows integration with Nessus:
      nikto is launched automatically when Nessus detects a web server

  • 18 Ion BICA

    Nikto (cont.)

  • 19 Ion BICA

    Acunetix WVS

    Checks performed:
      CGI testing
      parameter manipulation (SQL Injection, XSS, ...)
      text search
      port scanning
      Google Hacking Database
    Customized report generation
    Support for AJAX / Web 2.0
    Support for CAPTCHA, Single Sign-On and two-factor authentication mechanisms
    Auxiliary tools: HTTP Editor, HTTP Sniffer, HTTP Fuzzer, Scripting tool, Blind SQL Injector
    1500 USD (Single User Single URL Perpetual License)

  • 20 Ion BICA

    Acunetix WVS (cont.)

  • 21 Ion BICA