Chapter 8
Copyright Pearson Prentice-Hall 2010
Some attacks inevitably get through network protections and reach individual hosts
In Chapter 7, we looked at operating system and data hardening
In Chapter 8, we look at application hardening
This is the last chapter on protection
◦ Chapter 9 focuses on response
Executing Commands with the Privileges of a Compromised Application
◦ If an attacker takes over an application, the attacker can execute commands with the privileges of that application
◦ Many applications run with super user (root) privileges
◦ In Today's News…
CarrierIQ: hidden surveillance software embedded in most mobile devices, including Android, Nokia and BlackBerry
With, you guessed it, root access!
One of the most important findings in cybersecurity over the past several years has been the understanding most often asserted by White House officials that "offense must inform defense." Only people who understand how attacks are carried out can be expected to be effective defenders.
But if we don't understand these vulnerabilities:
We can't ask the correct questions
We can't deploy the proper controls
We can't test that the controls are working
mydebitcredit.com
Reviewing one of the disabled files, this is the malicious code that was injected at the beginning of the file: <?php /**/eval(base64_decode("aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYhaXNzZXQo... (this continues on)
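The injected loader above has a recognisable shape: an eval() wrapped around a decoder and a long base64-looking literal. The scanner below, added here as an illustration rather than code from the slides or from the mydebitcredit.com write-up, walks a set of PHP file contents and reports lines carrying those indicators. The file paths and contents are constructed samples; the base64 fragment is the prefix shown on the slide, and the rest of the real payload is not reproduced.

```python
import re

# Constructed sample file contents (not the real files from the incident):
# one clean plugin file and one whose first line carries an eval(base64_decode(...))
# loader, the pattern shown on the slide.
SAMPLE_FILES = {
    "wp-content/plugins/example/clean.php":
        "<?php\nfunction example_hello() { return 'hello'; }\n",
    "wp-content/plugins/example/injected.php":
        "<?php /**/eval(base64_decode(\"aWYoZnVuY3Rpb25fZXhpc3RzKCdvYl9zdGFydCcpJiYhaXNzZXQo\")); ?>\n"
        "<?php\nfunction example_hello() { return 'hello'; }\n",
}

# Indicators typical of injected PHP loaders: eval() applied to decoded or unpacked data,
# and long base64-looking string literals. Each entry is (indicator name, compiled regex).
INDICATORS = [
    ("eval_of_decoded",
     re.compile(r"eval\s*\(\s*(base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(", re.I)),
    ("long_base64_literal",
     re.compile(r"[\"'][A-Za-z0-9+/]{40,}={0,2}[\"']")),
]


def scan_php(text):
    """Return a list of (line_number, indicator_name) hits for one file's contents."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, pattern in INDICATORS:
            if pattern.search(line):
                hits.append((lineno, name))
    return hits


def scan_tree(files):
    """Scan a {path: contents} mapping and return {path: hits} for files with any hit."""
    results = {}
    for path, text in files.items():
        hits = scan_php(text)
        if hits:
            results[path] = hits
    return results


if __name__ == "__main__":
    for path, hits in scan_tree(SAMPLE_FILES).items():
        print(path, hits)
```

A hit is a reason to review the file, not proof of compromise: legitimate code occasionally embeds long base64 data. Comparing the flagged file against the plugin's pristine distribution copy settles it quickly.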
Buffer Overflows
Stack Overflows
Cross-Site Scripting (XSS)
SQL-Injection
Buffer Overflow Attacks
◦ Buffers are places where data is stored temporarily
◦ A condition at an interface under which more input can be placed into a buffer or data holding area than the capacity allocated, overwriting other information.
◦ Consequences include:
Corruption of data
Unexpected transfer of control (to an unauthorized program)
Memory access violations
Program termination
Figure: a data buffer next to the return address on the stack. 1. Write return address; 2. Add data to buffer; 3. Direction of data writing; 4. Overwrite return address; 5. Start of attack code.
Let's say this is computer memory running an application. The application is paused to get data, so the address of where the application was before the interruption is stored, so that it can return there after getting the data. But the return address is overwritten, and after the pause a new program begins processing.
Figure (before): Application, Variables, Return Address. Figure (after): Application, Variables, New Return Address (overwrites the return address), Exploit/Shell Code.
Identify existence of a buffer overflow vulnerability
Application must require external data that the attacker can control
Understanding of how buffer will be stored in memory
Inspect Code
Fuzzing (discussed later)
Specifically written for:
◦ A particular processor (e.g. Intel)
◦ A particular operating system (Windows XP SP3)
◦ A particular application
◦ Written in machine code: requires a high level of expertise. But not anymore…
Metasploit Project
Compile-Time Defenses
◦ Harden program code
Run-Time Defenses
◦ Detect and abort buffer overflow attacks
Choose a High-Level Programming Language
◦ Higher-level languages better address:
Data types (text in text, integer in integer)
Better controls over data type manipulations
Perform range checks
◦ Downside: cost
Further away from the underlying machine language
May not be able to access certain instructions, and hardware resources may be lost
May not be possible to use these languages for device drivers
Safe Coding Techniques
◦ Programmers need to inspect code for security
◦ OpenBSD – secure Unix operating system
◦ Coding for graceful failure
◦ Any code that writes to a buffer must FIRST check that sufficient space is available
Stack Protection
◦ Program entry and exit code checks for evidence of corruption
◦ If found, the program is aborted
◦ Example: StackGuard
Uses a "canary" value which is inserted in memory right below the return address
This value is known
A check of this value at the known memory location before using a return address can determine if overflow changes occurred
Stack Protection
◦ StackShield and Return Address Defender (RAD)
◦ When a new function is called, the return address is copied to a safe area of memory
◦ When the function is finished, the return address on the stack is compared against the address in safe memory
Executable Address Space Protection
◦ Do not allow executable code (applications) to run from the buffer
Address Space Randomization
◦ Change the location of the buffer in memory randomly for each process being run
Guard Pages
◦ Gaps are placed between memory locations, so overflow data goes into the gaps and does not overwrite data
◦ If data is written to one of these gaps, the program is aborted
Few Operating Systems but Many Applications
◦ Application hardening is more total work than operating system hardening
Understanding the Server's Role and Threat Environment
◦ Just run the minimum necessary applications on a server
◦ If e-mail, just run e-mail
Basics
◦ Physical security
◦ Backup
◦ Harden the operating system
◦ Etc.
Minimize Applications
◦ Main applications
◦ Subsidiary applications: WordPress plugins (mydebitcredit.com)
◦ Be guided by security baselines
Create Secure Application Program Configurations
◦ Use baselines to go beyond default installation configurations for high-value targets
◦ Avoid blank passwords or well-known default passwords
Install Patches for All Applications
Minimize the Permissions of Applications
◦ If an attack compromises an application with low permissions, it will not own the computer
Add Application Layer Authentication, Authorizations, and Auditing
◦ More specific to the needs of the application than general operating system logins
◦ Can lead to different permissions for different users
Implement Cryptographic Systems
◦ For communication with users
Custom Applications
◦ Written by a firm's programmers
◦ Not likely to be well trained in secure coding
The Key Principle
◦ Never trust user input
◦ Filter user input for inappropriate content
Software Quality Testing
◦ Use of a structured design process (SAD)
◦ Testing to eliminate as many bugs as possible
Variations of likely data input to uncover bugs
Focus is on triggering bugs and fixing the flaw
Secure Coding
◦ Attacker targets a known bug and exploits it
◦ Triggered by input much different than that tested for software quality, thus not likely caught during QA
◦ Increases the time and amount of code needed; conflicts with business pressures for SAD
Input
Processing
Output
We’ll examine only Input…
Most common points of failure
Input is:
◦ Any data that originates from outside of the application
Keyboard, files, network connections, data from the operating environment, configuration settings
◦ Data whose value is not known by the programmer when the code is written (a variable)
◦ Data size and data type have to be verified by code
Data Interpretation
◦ What data is being input
◦ What is the meaning of the data
Data Input can be:
◦ Textual
◦ Binary: 0s and 1s are interpreted as integers, floating point numbers, character strings
Must be validated
Meaning of Data
◦ Is it a URL
◦ Email address
◦ Integer
Input data accidentally or deliberately changes the operations of the program.
Happens often when input data are passed between functions of a program as parameters (variables)
◦ Input to one program is output from another
SQL injection
◦ SQL query inserted as input or as part of input
Code injection
◦ Code that is executed by the system (e.g. buffer overflow)
Buffer Overflow Attacks
◦ In some languages, specific actions are needed
◦ In other languages, not a major problem
Login Screen Bypass Attacks
◦ Website user gets to a login screen
◦ Instead of logging in, enters a URL for a page that should only be accessible to authorized users
Cross-Site Scripting (XSS) Attacks
◦ One user’s input can go to another user’s webpage
◦ Usually caused if a website sends back information sent to it without checking for data type, scripts, etc.
◦ Example: if you type your username, the webpage it sends you may include something like "Hello username"
Example
◦ Attacker sends the intended victim an e-mail message with a link to a legitimate site
◦ However, the link includes a script that is not visible in the browser window because it is beyond the end of the window
◦ The intended victim clicks on the link and is taken to the legitimate webpage
◦ The URL's script is sent to the webserver with the HTTP GET command to retrieve the legitimate webpage
Example
◦ The webserver sends back a webpage including the script
◦ The script is invisible to the user (browsers do not display scripts)
◦ But the script executes
◦ The script may exploit a vulnerability in the browser or another part of the user's software
Comment Example
◦ Hey I really liked that blog post
◦ <script>document.location='http://hacker.web.site'</script>
Input data should be inspected
Sounds easy: look for <script> as part of the input and block it… But
HTML character entities
◦ &lt; = <
Input should be compared to what is wanted by the program
◦ NOT against known dangerous values
◦ See encoding above
SQL Injection Attacks
◦ For database access
◦ Programmer expects an input value—a text string, number, etc.
May use it as part of an SQL query or operation against the database
Say to accept a last name as input and return the person's telephone number
SQL Injection Attacks
◦ Attacker enters an unexpected string
For example: a last name followed by a full SQL query string: Bob' drop table suppliers==
The program may execute both the telephone number lookup command and the extra SQL query
This may look up information that should not be available to the attacker
It may even delete an entire table
Must Require Strong Secure Programming Training
◦ General principles
◦ Programming-language-specific information
◦ Application-specific threats and countermeasures
Importance of WWW Service and E-Commerce Security
◦ Cost of disruptions, harm to reputation, and market capitalization
◦ Customer fraud
◦ Exposure of sensitive private information
Webservice versus E-Commerce Service
◦ WWW service provides basic user interactions
Microsoft Internet Information Server (IIS), Apache on UNIX, other webserver programs
◦ E-commerce servers add functionality: Order entry, shopping cart, payment, etc.
Links to internal corporate databases and external services (such as credit card checking)
Custom programs written for special purposes
Figure: the e-commerce software stack: webserver software, subsidiary e-commerce software, software components (PHP, etc.), and custom programs.
Website Defacement
Numerous IIS buffer overflow attacks
◦ Many of which take over the computer
IIS directory traversal attacks
Figure 8-8: directory traversal. Directory tree: root contains WWW Root (which holds Reports/Quarterly.html, Public, and TechReports/microslo.doc) and etc/passwd. URL: /Reports/Quarterly.html reaches a file below the WWW root. URL: /../etc/passwd reaches outside it.
Users should only be able to reach files below the WWW root, which is below the true system root.
In URLs, .. means move up one level. If allowed, the user can get outside the WWW root box, into other directories.
IIS directory traversal attacks (Figure 8-8)
◦ Companies filter out ".."
◦ Attackers respond with hexadecimal and Unicode representations for ".."
Hex code for .. = 2E2E
Unicode for .. = 002E002E
All three are interpreted the same by the webserver
◦ Typical of the constant "arms race" between attackers and defenders
Patching the WWW and E-Commerce Software and Their Components
◦ Patching the webserver software is not enough
◦ Also must patch e-commerce software
◦ E-commerce software might use third-party component software that must be patched
Other Website Protections
◦ Website vulnerability assessment tools, such as Whisker
◦ Reading website error logs
◦ Placing a webserver-specific application proxy server in front of the webserver
PCs Are Major Targets
◦ Have interesting information and can be attacked through the browser
Client-Side Scripting (Mobile Code)
◦ Java applets: small Java programs
Usually run in a "sandbox" that limits their access to most of the system
◦ ActiveX from Microsoft; highly dangerous because it can do almost everything
Client-Side Scripting (Mobile Code)
◦ Scripting languages (not full programming languages)
A script is a series of commands in a scripting language
JavaScript (not scripted form of Java)
VBScript (Visual Basic scripting from Microsoft)
A script usually is invisible to users
Malicious Links
◦ User usually must click on them to execute (but not always)
◦ Tricking users to visit attacker websites
Social engineering to persuade the victim to click on a link
Choose domain names that are common misspellings of popular domain names
Figure: a malicious link reading "You like beef? Click here." that points to http://www.micosoft.com, a misspelling of a popular domain name.
Other Client-Side Attacks
◦ File reading: turn the computer into an unintended file server
◦ Executing a single command
The single command may open a command shell on the user’s computer
The attacker can now enter many commands
Figure: a command prompt (C:>) opened on the user's computer.
Other Client-Side Attacks
◦ Automatic redirection to unwanted webpage
On compromised systems, the user may be automatically directed to a specific malicious website if they later make any typing error
Other Client-Side Attacks
◦ Cookies
Cookies are placed on user computer; can be retrieved by website
Can be used to track users at a website
Can contain private information
Accepting cookies is necessary to use many websites
Enhancing Browser Security
◦ Patches and updates
◦ Set strong security configuration options (Figure 8-12) for Microsoft Internet Explorer
◦ Set strong privacy configuration options (Figure 8-13) for Microsoft Internet Explorer
Content Filtering
◦ Malicious code in attachments and HTML bodies (scripts)
◦ Spam: Unsolicited commercial e-mail
◦ Volume is growing rapidly: Slowing PCs and annoying users (porno and fraud)
◦ Filtering for spam also rejects some legitimate messages
Inappropriate Content
◦ Companies often filter for sexually or racially harassing messages
◦ Could be sued for not doing so
Extrusion Prevention for Intellectual Property (IP)
Stopping the Transmission of Sensitive Personally Identifiable Information (PII)
Employee training
◦ E-mail is not private; company has right to read
◦ Your messages may be forwarded without permission
◦ Never put anything in a message the sender would not want to see in court, printed in the newspapers, or read by his or her boss
◦ Never forward messages without permission
E-Mail Encryption (Figure 8-17)
Benefits of Retention
◦ Major part of corporate memory
◦ Often need to retrieve old mail for current purposes
Dangers of Retention
◦ Legal discovery process
  ◦ Defendant must supply relevant e-mails
  ◦ Potentially very damaging information
  ◦ Always expensive
  ◦ Even if very expensive to retrieve, firms must pay whatever is necessary to do so
Accidental Retention
◦ Even if firms delete e-mail from mail servers,
  ◦ May be stored on backup tapes
  ◦ Users will often store copies on their own computers
Legal Archiving Requirements
◦ Many laws require retention
  ◦ Securities and Exchange Commission
  ◦ Many labor laws
    ◦ Involuntary terminations
    ◦ Public information about job openings
    ◦ Medical problem complaints that may relate to toxic chemicals
◦ Laws vary in duration of storage requirements
◦ Fines or summary judgments if fail to retain and produce required e-mails
U.S. Federal Rules of Civil Procedure
◦ Specify rules for all U.S. federal civil trials
◦ Specifically address electronically stored information
◦ Initial discovery meeting
  ◦ Defendant must be able to specify what information is available
  ◦ Comes shortly after a civil lawsuit begins
  ◦ Unless carefully thought through beforehand, will fail
U.S. Federal Rules of Civil Procedure
◦ Holds on destruction
  ◦ Must be put in place if it is foreseeable that a lawsuit will soon begin
  ◦ Must have strong hold procedures to place holds on all electronically stored information
Archiving Policies and Processes
◦ Must have them
◦ Must reflect a firm’s legal environment
◦ Must be drawn up with the firm’s legal department
Message Authentication
◦ Spoofed messages can frame employees or the firm itself
◦ Need message authentication to prevent spoofed sender addresses
| Concept | Meaning |
| --- | --- |
| Transport | The carriage of voice between the two parties |
| Signaling | Communication to manage the network: call setup, call teardown, accounting, etc. |
Eavesdropping
Denial-of-Service Attacks
◦ Even small increases in latency and jitter can be highly disruptive
Caller Impersonation
◦ Useful in social engineering
◦ Attacker can appear to be the president based on a falsified source address
Hacking and Malware Attacks
◦ Compromised clients can send attacks
◦ Compromised servers can do disruptive signaling
Toll Fraud
◦ Attacker uses corporate VoIP network to place free calls
Spam over IP Telephony (SPIT)
◦ Especially disruptive because it interrupts the called party in real time
Basic Corporate Security Must Be Strong
Authentication
◦ SIP Identity (RFC 4474) provides strong authentication assurance between second-level domains
Encryption for Confidentiality
◦ Can add to latency
Firewalls
◦ Many short packets
◦ Firewall must prioritize VoIP traffic
◦ Must handle ports for signaling
  ◦ SIP uses Port 5060
  ◦ H.323 uses Ports 1719 and 1720
◦ Must create an exception for each conversation, which is assigned a specific port
◦ Must close the transport port immediately after conversation ends
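The per-conversation exception described on this slide is usually called a "pinhole": the firewall keeps the fixed signaling ports open, watches the signaling to learn which port each call negotiated for its media, opens that port for the life of the call, and closes it on teardown. The following model is an added example, not code from the textbook. It assumes SIP signaling whose SDP body carries the standard `m=audio <port> RTP/AVP` media line, and it uses a constructed INVITE/BYE pair with a single Call-ID; the `VoipFirewall` class, `demo` function and all message contents are illustrative.

```python
"""Model of a VoIP-aware firewall: static signaling ports stay open, a per-call
pinhole is opened for the media port negotiated in SIP/SDP and closed as soon
as the call ends.  Added illustration, not the textbook's code; the SIP/SDP
messages are constructed and simplified."""
import re

# Signaling ports named on the slide: SIP on 5060, H.323 on 1719 and 1720.
SIGNALING_PORTS = {5060, 1719, 1720}

# SDP media line, e.g. "m=audio 49170 RTP/AVP 0"; the second field is the
# UDP port on which the endpoint will receive RTP.
_MEDIA_LINE = re.compile(r"^m=audio (\d+) RTP/AVP", re.MULTILINE)


def _header(message: str, name: str) -> str:
    """Return the value of a SIP header (case-insensitive name), or ''."""
    for line in message.splitlines():
        if line.lower().startswith(name.lower() + ":"):
            return line.split(":", 1)[1].strip()
    return ""


class VoipFirewall:
    def __init__(self):
        self._pinholes = {}  # Call-ID -> media port currently allowed

    def allows(self, port: int) -> bool:
        """True if inbound traffic to this UDP port is permitted right now."""
        return port in SIGNALING_PORTS or port in self._pinholes.values()

    def inspect_signaling(self, message: str) -> None:
        """Update pinholes from a SIP message observed on the signaling port."""
        request_line = message.splitlines()[0]
        call_id = _header(message, "Call-ID")
        if request_line.startswith("INVITE") or request_line.startswith("SIP/2.0 200"):
            m = _MEDIA_LINE.search(message)
            if m:
                # One exception per conversation, for the port it negotiated.
                self._pinholes[call_id] = int(m.group(1))
        elif request_line.startswith("BYE"):
            # Close the transport port immediately when the conversation ends.
            self._pinholes.pop(call_id, None)

    def open_pinholes(self) -> dict:
        return dict(self._pinholes)


# Constructed sample call: an INVITE carrying SDP, then a BYE with the same Call-ID.
INVITE = (
    "INVITE sip:bob@example.test SIP/2.0\r\n"
    "Call-ID: call-1234@alice.example.test\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "m=audio 20000 RTP/AVP 0\r\n"
)
BYE = (
    "BYE sip:bob@example.test SIP/2.0\r\n"
    "Call-ID: call-1234@alice.example.test\r\n"
    "\r\n"
)


def demo() -> list:
    """Allow/deny decision for media port 20000 before, during and after the call."""
    fw = VoipFirewall()
    before = fw.allows(20000)
    fw.inspect_signaling(INVITE)
    during = fw.allows(20000)
    fw.inspect_signaling(BYE)
    after = fw.allows(20000)
    return [before, during, after]


if __name__ == "__main__":
    print(demo())  # [False, True, False]
```

A production device also has to track the RTCP port (by convention the media port plus one), handle the 200 OK from the far side, and expire pinholes for calls whose BYE never arrives; those details are left out here to keep the state machine visible.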
NAT Problems
◦ NAT firewall must handle VoIP NAT traversal
◦ NAT adds a small amount of latency
Separation: Anticonvergence
◦ The convergence goal for data and voice
◦ Virtual LANs (VLANs)
  ◦ Separate voice and data traffic on different VLANs
  ◦ Separate VoIP servers from VoIP phones on different VLANs
Widely Used Public VoIP Service
Uses Proprietary Protocols and Code
◦ Vulnerabilities? Backdoors? Etc.
◦ Firewalls have a difficult time even recognizing Skype traffic
Encryption for Confidentiality
◦ Skype reportedly uses strong security
◦ However, Skype keeps the encryption keys, allowing it to eavesdrop
Inadequate Authentication
◦ Uncontrolled user registration; can use someone else’s name and so appear to be them
Peer-to-Peer (P2P) Service
◦ Uses this architecture and its proprietary (and rapidly changing) protocol to get through corporate firewalls
◦ Bad for corporate security control
Skype File Sharing
◦ Does not work with antivirus programs
Databases
◦ Often used in mission-critical applications
◦ Relational databases: Tables with rows (entities) and columns (attributes)
◦ As discussed earlier, avoid SQL injection attacks
Databases
◦ Restrict Access to Data
  ◦ Restrict users to certain columns (attributes) in each row
    ◦ For instance, deny access to salary column to most users
  ◦ Limit access control to rows
    ◦ For instance, only rows containing data about people in the user’s own department
Databases
◦ Restrict Granularity
  ◦ Prevent access to individual data
  ◦ Allow trend analysts to deal only with sums and averages for aggregates such as departments
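The three database controls on the last two slides (column restriction, row restriction, and aggregate-only granularity), together with the earlier reminder to avoid SQL injection, can all be shown on one small table. The code below is an added example, not the textbook's; it runs against an in-memory SQLite database with a constructed `employee` table and uses SQL views for the column and aggregate restrictions and a parameterized query for the row restriction. SQLite has no `GRANT`, so the example enforces the policy by the queries the application is allowed to issue; on a server DBMS you would grant `SELECT` on the views and deny it on the base table.

```python
"""Column-, row- and granularity-level restriction of a relational table,
using SQL views and parameterized queries on an in-memory SQLite database.
Added illustration, not the textbook's code; the employee table and its
contents are constructed sample data."""
import sqlite3

SAMPLE_ROWS = [
    # (name, department, salary) -- constructed
    ("Alice", "Engineering", 120000),
    ("Bob", "Engineering", 100000),
    ("Carol", "Sales", 90000),
    ("Dan", "Sales", 70000),
]


def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE employee (name TEXT, department TEXT, salary INTEGER)")
    conn.executemany("INSERT INTO employee VALUES (?, ?, ?)", SAMPLE_ROWS)

    # Column restriction: a view that simply omits the salary attribute.
    conn.execute(
        "CREATE VIEW employee_public AS SELECT name, department FROM employee"
    )
    # Granularity restriction: trend analysts see department aggregates only,
    # never an individual's salary.
    conn.execute(
        "CREATE VIEW salary_by_department AS "
        "SELECT department, COUNT(*) AS headcount, "
        "SUM(salary) AS total_salary, AVG(salary) AS avg_salary "
        "FROM employee GROUP BY department"
    )
    return conn


def directory(conn) -> list:
    """What an ordinary user may see: names and departments, no salary column."""
    return conn.execute(
        "SELECT name, department FROM employee_public ORDER BY name"
    ).fetchall()


def department_rows(conn, user_department: str) -> list:
    """Row restriction: salaries only for rows in the user's own department.
    The department is bound as a parameter, never spliced into the SQL text,
    which is the basic rule for avoiding SQL injection."""
    return conn.execute(
        "SELECT name, salary FROM employee WHERE department = ? ORDER BY name",
        (user_department,),
    ).fetchall()


def department_aggregates(conn) -> dict:
    """Aggregate-only access for trend analysis: department -> (headcount, sum, avg)."""
    return {
        dept: (headcount, total, avg)
        for dept, headcount, total, avg in conn.execute(
            "SELECT * FROM salary_by_department ORDER BY department"
        )
    }


if __name__ == "__main__":
    db = build_db()
    print(directory(db))
    print(department_rows(db, "Sales"))
    # A hostile department value is just an unmatched string, not SQL.
    print(department_rows(db, "Sales' OR '1'='1"))
    print(department_aggregates(db))
```

The `department_rows` function still needs the caller's department to come from the authenticated session, not from the request; the parameter binding protects the query text, not the authorization decision.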
Presence servers merely tell the clients that others exist and what their IP addresses are
All transmissions go through relay servers when relay servers are used.
Spreadsheet Security
◦ Spreadsheets are widely used and the subject of many compliance regulations
◦ Need for security testing
◦ Spreadsheet vault server to implement controls (Figure 8-25)
1. The vault server stores spreadsheets and strongly controls access to them: authentication, authorizations, auditing
2. Spreadsheets record each change for auditing purposes
3. Cryptographic protections for transmissions
4. Strong client security
TCP/IP Supervisory Protocols
◦ Many supervisory protocols in TCP/IP: ARP, ICMP, DNS, DHCP, LDAP, RIP, OSPF, BGP, SNMP, etc.
◦ The targets of many attacks
◦ The IETF has a program to improve security in all (the Danvers Doctrine)
Example
◦ Simple Network Management Protocol (SNMP)
◦ Messages
  ◦ GET messages to get information from a managed object
  ◦ SET messages to change the configuration of a managed object
  ◦ SET is often turned off because it is dangerous
Example
◦ SNMP versions and security
  ◦ Version 1: No security
  ◦ Version 2: Weak authentication with a community string shared by the manager and managed devices
  ◦ Version 3: Pair-shared secrets, optional confidentiality, message integrity, and anti-replay protection
  ◦ Still needed: public key authentication
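The difference between the "weak authentication" of version 2 and the shared-secret, integrity-checked, replay-protected messages of version 3 is easiest to see side by side. The code below is an added example, not the textbook's and not the SNMPv3 User-based Security Model wire format: it models v2c as a community string compared in the clear, and v3 as an HMAC over the PDU under a pairwise secret plus a sender counter that the receiver requires to increase. Real SNMPv3 derives the key from a password, uses HMAC-MD5 or HMAC-SHA, and checks timeliness with engine boots/time inside a window rather than a bare counter; the `V3Receiver` class, the `demo` function, the secret and all PDU strings are constructed for illustration.

```python
"""SNMP authentication models from the slide, side by side: a v2c-style
community string sent in the clear, versus a v3-style message tagged with an
HMAC under a pairwise shared secret and protected against replay by a counter
the receiver requires to increase.  Added illustration, not the textbook's
code and not the SNMPv3 USM format; keys, counters and PDUs are constructed."""
import hashlib
import hmc_placeholder_guard  # noqa  (removed below; see real import)
```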
IT Security People Must Work with the Networking Staff
◦ To ensure that appropriate security is being applied to supervisory protocols
◦ Not a traditional area for IT security in most firms
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America.
Copyright © 2010 Pearson Education, Inc. Publishing as Prentice Hall