Binary Exploitation Lab
|
|
|
- Colin Jordan
- 5 years ago
- Views:
Transcription
1 SCIENCE PASSION TECHNOLOGY Binary Exploitation Lab Michael Schwarz June 18, 2017 IAIK Spring School 2017
2 Motivation
3 IoT Bugs 2 Michael Schwarz IAIK Spring School 2017
4 Top 10 IoT Bugs 3 Michael Schwarz IAIK Spring School 2017
5 Top 10 IoT Bugs 1. Insecure Web Interface Default usernames and passwords 4 Michael Schwarz IAIK Spring School 2017
6 Top 10 IoT Bugs 1. Insecure Web Interface 2. Insufficient Authentication Weak passwords 4 Michael Schwarz IAIK Spring School 2017
7 Top 10 IoT Bugs 1. Insecure Web Interface 2. Insufficient Authentication 3. Insecure Network Services Unnecessary ports open 4 Michael Schwarz IAIK Spring School 2017
8 Top 10 IoT Bugs 1. Insecure Web Interface 2. Insufficient Authentication 3. Insecure Network Services 4. Lack of Transport Encryption SSL/TLS not available 4 Michael Schwarz IAIK Spring School 2017
9 Top 10 IoT Bugs 1. Insecure Web Interface 2. Insufficient Authentication 3. Insecure Network Services 4. Lack of Transport Encryption 5. Privacy Concerns Collected information not properly protected 4 Michael Schwarz IAIK Spring School 2017
10 Top 10 IoT Bugs 1. Insecure Web Interface 2. Insufficient Authentication 3. Insecure Network Services 4. Lack of Transport Encryption 5. Privacy Concerns 6. Insecure Cloud Interface Interfaces with security vulnerabilities 4 Michael Schwarz IAIK Spring School 2017
11 Top 10 IoT Bugs 1. Insecure Web Interface 2. Insufficient Authentication 3. Insecure Network Services 4. Lack of Transport Encryption 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface No account lockout mechanisms 4 Michael Schwarz IAIK Spring School 2017
12 Top 10 IoT Bugs 1. Insecure Web Interface 2. Insufficient Authentication 3. Insecure Network Services 4. Lack of Transport Encryption 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface 8. Insufficient Security Configurability Encryption is not available 4 Michael Schwarz IAIK Spring School 2017
13 Top 10 IoT Bugs 1. Insecure Web Interface 2. Insufficient Authentication 3. Insecure Network Services 4. Lack of Transport Encryption 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface 8. Insufficient Security Configurability 9. Insecure Software/Firmware Updates are not signed 4 Michael Schwarz IAIK Spring School 2017
14 Top 10 IoT Bugs 1. Insecure Web Interface 2. Insufficient Authentication 3. Insecure Network Services 4. Lack of Transport Encryption 5. Privacy Concerns 6. Insecure Cloud Interface 7. Insecure Mobile Interface 8. Insufficient Security Configurability 9. Insecure Software/Firmware 10. Poor Physical Security Unnecessary external ports like USB 4 Michael Schwarz IAIK Spring School 2017
15 Summary The 90s called... 5 Michael Schwarz IAIK Spring School 2017
16 Summary The 90s called......they want their bugs back! 5 Michael Schwarz IAIK Spring School 2017
17 Let s try it!
18 Infrastructure There are 6 different hacklets Name Difficulty Type IP Access Point Admin Panel Expl0it Memory corruption Binary/Reversing Puzzling Python 6 Michael Schwarz IAIK Spring School 2017
19 Infrastructure There are 6 different hacklets Name Difficulty Type IP Access Point Admin Panel Expl0it Secure Router M0reExpl0it Memory corruption Binary/Reversing Puzzling Python 6 Michael Schwarz IAIK Spring School 2017
20 Infrastructure There are 6 different hacklets Name Difficulty Type IP Access Point Admin Panel Expl0it Secure Router M0reExpl0it Debug Shell I M0reExpl0it Memory corruption Binary/Reversing Puzzling Python 6 Michael Schwarz IAIK Spring School 2017
21 Infrastructure There are 6 different hacklets Name Difficulty Type IP Access Point Admin Panel Expl0it Secure Router M0reExpl0it Debug Shell I M0reExpl0it Debug Shell II Expl0it Memory corruption Binary/Reversing Puzzling Python 6 Michael Schwarz IAIK Spring School 2017
22 Infrastructure There are 6 different hacklets Name Difficulty Type IP Access Point Admin Panel Expl0it Secure Router M0reExpl0it Debug Shell I M0reExpl0it Debug Shell II Expl0it Time Server M0reExpl0it Memory corruption Binary/Reversing Puzzling Python 6 Michael Schwarz IAIK Spring School 2017
23 Infrastructure There are 6 different hacklets Name Difficulty Type IP Access Point Admin Panel Expl0it Secure Router M0reExpl0it Debug Shell I M0reExpl0it Debug Shell II Expl0it Time Server M0reExpl0it Power Plant Expl0it Memory corruption Binary/Reversing Puzzling Python 6 Michael Schwarz IAIK Spring School 2017
24 Infrastructure Every hacklet has a hidden flag 7 Michael Schwarz IAIK Spring School 2017
25 Infrastructure Every hacklet has a hidden flag Flags are usually in a text file flag.txt on the device 7 Michael Schwarz IAIK Spring School 2017
26 Infrastructure Every hacklet has a hidden flag Flags are usually in a text file flag.txt on the device A flag looks like {TH1S_IS_A_FL4G!} 7 Michael Schwarz IAIK Spring School 2017
27 Infrastructure Every hacklet has a hidden flag Flags are usually in a text file flag.txt on the device A flag looks like {TH1S_IS_A_FL4G!} Goal is to get the flag and submit it to the highscore list 7 Michael Schwarz IAIK Spring School 2017
28 Infrastructure Every hacklet has a hidden flag Flags are usually in a text file flag.txt on the device A flag looks like {TH1S_IS_A_FL4G!} Goal is to get the flag and submit it to the highscore list Highscore can be found here: (Expl0it) 7 Michael Schwarz IAIK Spring School 2017
29 Infrastructure All IoT devices/hacklets are in an internal network 8 Michael Schwarz IAIK Spring School 2017
30 Infrastructure All IoT devices/hacklets are in an internal network They are not connected to the internet 8 Michael Schwarz IAIK Spring School 2017
31 Infrastructure All IoT devices/hacklets are in an internal network They are not connected to the internet Connect to the routers Expl0it or M0reExpl0it to start hacking 8 Michael Schwarz IAIK Spring School 2017
32 Infrastructure All IoT devices/hacklets are in an internal network They are not connected to the internet Connect to the routers Expl0it or M0reExpl0it to start hacking The password is iotiotiot (3x iot ) 8 Michael Schwarz IAIK Spring School 2017
33 How to Connect Hacklets are accessible over the network 9 Michael Schwarz IAIK Spring School 2017
34 How to Connect Hacklets are accessible over the network Every hacklet has a text interface on port Michael Schwarz IAIK Spring School 2017
35 How to Connect Hacklets are accessible over the network Every hacklet has a text interface on port 8888 You can connect using any telnet-like program: PuTTY Terminal, netcat, telnet netcat, telnet 9 Michael Schwarz IAIK Spring School 2017
36 How to Connect Hacklets are accessible over the network Every hacklet has a text interface on port 8888 You can connect using any telnet-like program: PuTTY Terminal, netcat, telnet netcat, telnet For example on Linux/Mac in the shell: telnet Michael Schwarz IAIK Spring School 2017
37 How to Start Use your own computer or our provided Linux VM (on USB or from (Expl0it)) 10 Michael Schwarz IAIK Spring School 2017
38 How to Start Use your own computer or our provided Linux VM (on USB or from (Expl0it)) Download a hacklet to analyze it: (Expl0it) 10 Michael Schwarz IAIK Spring School 2017
39 How to Start Use your own computer or our provided Linux VM (on USB or from (Expl0it)) Download a hacklet to analyze it: (Expl0it) Connect to the hacklet 10 Michael Schwarz IAIK Spring School 2017
40 How to Start Use your own computer or our provided Linux VM (on USB or from (Expl0it)) Download a hacklet to analyze it: (Expl0it) Connect to the hacklet Remember today s talk of Ahmad Sadeghi What happens if I enter a lot of text? Does it crash? Can I exploit that? Is there maybe a different interface? 10 Michael Schwarz IAIK Spring School 2017
41 How to Start Run strings on the binary to extract all texts 11 Michael Schwarz IAIK Spring School 2017
42 How to Start Run strings on the binary to extract all texts Use a port scanner to check if there is an alternative interface (SSH is not exploitable!) 11 Michael Schwarz IAIK Spring School 2017
43 How to Start Run strings on the binary to extract all texts Use a port scanner to check if there is an alternative interface (SSH is not exploitable!) arm-linux-gnueabi-objdump could be useful arm-linux-gnueabi-objdump -d <hacklet> to disassemble arm-linux-gnueabi-objdump -x <hacklet> to see headers and symbols 11 Michael Schwarz IAIK Spring School 2017
44 How to Start Run strings on the binary to extract all texts Use a port scanner to check if there is an alternative interface (SSH is not exploitable!) arm-linux-gnueabi-objdump could be useful arm-linux-gnueabi-objdump -d <hacklet> to disassemble arm-linux-gnueabi-objdump -x <hacklet> to see headers and symbols Watch out for dangerous functions (e.g. strcpy) 11 Michael Schwarz IAIK Spring School 2017
45 Questions?
46 Bonus: Running hacklets locally It can be useful to run hacklets locally Install qemu Download Raspbian Image + Kernel + Starter from Execute chmod +x./run.sh and run./run.sh Remote shell to QEMU: ssh localhost 2222 Connect to hacklet: netcat localhost 8888
Security: Internet of Things
Security: Internet of Things Based on Trusted Flows Kyle Haefner Background - What is IoT Security? Security of the Internet of Things is just security at a larger scale -- Steve Lovaas Colorado State
Lab 6: OS Security for the Internet of Things
Department of Computer Science: Cyber Security Practice Lab 6: OS Security for the Internet of Things Introduction The Internet of Things (IoT) is an emerging technology that will affect our daily life.
CS321: Computer Networks TELNET, SSH
CS321: Computer Networks TELNET, SSH Dr. Manas Khatua Assistant Professor Dept. of CSE IIT Jodhpur E-mail: manaskhatua@iitj.ac.in TELNET Many cases we need to have some generic client/server programs that
Lab 6: OS Security for the Internet of Things
Department of Computer Science: Cyber Security Practice Lab 6: OS Security for the Internet of Things Introduction The Internet of Things (IoT) is an emerging technology that will affect our daily life.
What is Secure. Authenticated I know who I am talking to. Our communication is Encrypted
Crypto App - SSH 1 What is Secure Authenticated I know who I am talking to Our communication is Encrypted Telnet clear text Servers Terminal clear text Routers SSH encrypted channel encrypted text Servers
Secure Communications Over a Network
Secure Communications Over a Network Course: MITS:5400G Proffessor: Dr. Xiaodong Lin By: Geoff Vaughan 100309160 March 20th 2012 Abstract The purpose of this experiment is to transmit an encrypted message
Storage and File System
COS 318: Operating Systems Storage and File System Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall10/cos318/ Topics Storage hierarchy File
Who are we? Jonas Zaddach. Andrei Costin. Davide Balzarotti. Aurélien Francillon 2/91
Who are we? Andrei Costin Jonas Zaddach Aurélien Francillon Davide Balzarotti 2/91 Who are we? 3/91 Embedded Systems Are Everywhere by Wilgengebroed on Flickr [CC-BY-2.0] 4/91 Smarter & More Complex by
Storage and File Hierarchy
COS 318: Operating Systems Storage and File Hierarchy Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics Storage hierarchy File system
Lab Configure Basic AP security through GUI
Lab 8.3.1.1 Configure Basic AP security through GUI Estimated Time: 30 minutes Number of Team Members: Students will work in teams of two. Objective In this lab, the student will learn the following objectives:
Introduction to UNIX/LINUX Security. Hu Weiwei
Introduction to UNIX/LINUX Security Hu Weiwei Operation System Security The Security Problems in Operation Systems become more and more important The Security techniques improved rapidly The number of
COS 318: Operating Systems
COS 318: Operating Systems File Systems: Abstractions and Protection Jaswinder Pal Singh Computer Science Department Princeton University (http://www.cs.princeton.edu/courses/cos318/) Topics What s behind
COS 318: Operating Systems. File Systems. Topics. Evolved Data Center Storage Hierarchy. Traditional Data Center Storage Hierarchy
Topics COS 318: Operating Systems File Systems hierarchy File system abstraction File system operations File system protection 2 Traditional Data Center Hierarchy Evolved Data Center Hierarchy Clients
Cryptography - SSH. Network Security Workshop May 2017 Phnom Penh, Cambodia
Cryptography - SSH Network Security Workshop 29-31 May 2017 Phnom Penh, Cambodia What is Safely Authentication I know who I am talking with Our communication is Encrypted Telnet Servers Terminal Routers
Virtualization Device Emulator Testing Technology. Speaker: Qinghao Tang Title 360 Marvel Team Leader
Virtualization Device Emulator Testing Technology Speaker: Qinghao Tang Title 360 Marvel Team Leader 1 360 Marvel Team Established in May 2015, the first professional could computing and virtualization
Cryptography - SSH. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea
Cryptography - SSH Network Security Workshop 3-5 October 2017 Port Moresby, Papua New Guinea 1 What is Secure Authentication I know who I am talking to Our communication is Encrypted Telnet Servers Terminal
CS321: Computer Networks FTP, TELNET, SSH
CS321: Computer Networks FTP, TELNET, SSH Dr. Manas Khatua Assistant Professor Dept. of CSE IIT Jodhpur E-mail: manaskhatua@iitj.ac.in FTP File Transfer Protocol (FTP) is the standard protocol provided
CTF Workshop. Crim Synopsys, Inc. 1
CTF Workshop Crim2018 31.10.2018 2018 Synopsys, Inc. 1 CTF (Capture the Flag) Capture the Flag (CTF) is a computer security competition. CTF are usually designed test and teach computer security skills.
CPSC 467: Cryptography and Computer Security
CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 24a December 2, 2013 CPSC 467, Lecture 24a 1/20 Secure Shell (SSH) Transport Layer Security (TLS) Digital Rights Management and Trusted
Oregon State University School of Electrical Engineering and Computer Science. CS 261 Recitation 1. Spring 2011
Oregon State University School of Electrical Engineering and Computer Science CS 261 Recitation 1 Spring 2011 Outline Using Secure Shell Clients GCC Some Examples Intro to C * * Windows File transfer client:
IoT Vulnerabilities. By Troy Mattessich, Raymond Fradella, and Arsh Tavi. Contribution Distribution
Security Penetration Through IoT Vulnerabilities By Troy Mattessich, Raymond Fradella, and Arsh Tavi Contribution Distribution Arsh Tavi Troy Mattessich Raymond Fradella Conducted research and compiled
Chapter 11: Networks
Chapter 11: Networks Devices in a Small Network Small Network A small network can comprise a few users, one router, one switch. A Typical Small Network Topology looks like this: Device Selection Factors
Connect using Putty to a Linux Server
Connect using Putty to a Linux Server PuTTY is an open source SSH client for Windows, and allows you to securely connect to remote servers from your Windows machine. Configuration SSH Key Authentication
MediaTek LinkIt Smart 7688 Get Started Guide
MediaTek LinkIt Smart 7688 Get Started Guide Version: 0.92 Release date: November 2015 Specifications are subject to change without notice. 2015, 2016 MediaTek Inc. Unauthorized reproduction of this information
IRL: Live Hacking Demos!
SESSION ID: SBX2-R3 IRL: Live Hacking Demos! Omer Farooq Senior Software Engineer Independent Security Evaluators Rick Ramgattie Security Analyst Independent Security Evaluators What is the Internet of
MQ Jumping... Or, move to the front of the queue, pass go and collect 200
MQ Jumping.... Or, move to the front of the queue, pass go and collect 200 Martyn Ruks DEFCON 15 2007-08-03 One Year Ago Last year I talked about IBM Networking attacks and said I was going to continue
Chapter 11: It s a Network. Introduction to Networking
Chapter 11: It s a Network Introduction to Networking Small Network Topologies Typical Small Network Topology IT Essentials v5.0 2 Device Selection for a Small Network Factors to be considered when selecting
Cyber Security Brian Bostwick OSIsoft Market Principal for Cyber Security
Cyber Security Presented by Brian Bostwick OSIsoft Market Principal for Cyber Security Cyber Security Trauma in the News Saudi Aramco Restores Network After Shamoon Malware Attack Hacktivist-launched virus
BIF713. Operating Systems & Project Management. Instructor: Murray Saul Webpage: murraysaul.wordpress.
BIF713 Operating Systems & Project Management Instructor: Murray Saul E-mail: murray.saul@senecacollege.ca Webpage: murraysaul.wordpress.com Today's Topics Types of computer servers at Seneca College Introduction
Cryptography Application : SSH. Cyber Security & Network Security March, 2017 Dhaka, Bangladesh
Cryptography Application : SSH Cyber Security & Network Security 20-22 March, 2017 Dhaka, Bangladesh Issue Date: [31-12-2015] Revision: [v.1] What is Safely Authentication I am Assured of Which Host I
What someone said about junk hacking
What someone said about junk hacking Yes, we get it. Cars, boats, buses, and those singing fish plaques are all hackable and have no security. Most conferences these days have a! whole track called "Junk
SSH. What is Safely 6/19/ June 2018 PacNOG 22, Honiara, Solomon Islands Supported by:
SSH 25-29 June 2018 PacNOG 22, Honiara, Solomon Islands Supported by: Issue Date: Revision: 1 What is Safely Authentication I am Assured of Which Host I am Talking With Authentication - The Host Knows
Lab 2: Buffer Overflows
Department of Computer Science: Cyber Security Practice Lab 2: Buffer Overflows Introduction In this lab, you will learn how buffer overflows and other memory vulnerabilities are used to takeover vulnerable
COMP2330 Data Communications and Networking
COMP2330 Data Communications and Networking Dr. Chu Xiaowen (Second semester, 2009-2010 academic year) Laboratory 3 Last update: Feb-3-2009 Use Wireshark to Analyze IP Packet Objectives: (1) Use Wireshark
Chapter 2. Chapter 2 A. Configuring a Network Operating System
Chapter 2 Chapter 2 A Configuring a Network Operating System Chapter 2 Cisco IOS IOS stands for Internetwork Operating System It is a family of software used on most Cisco Systems routers and current Cisco
UNIVERSITY OF CYPRUS Computer Science Department
UNIVERSITY OF CYPRUS Computer Science Department ΕΠΛ 660 Information Retrieval and Search Engines A guide for connecting to LInC 1 -powered cloud-based Virtual Machines Lab instructor: Pavlos Antoniou
TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the local terminal appears to be the
Telnet/SSH TELNET is short for Terminal Network Enables the establishment of a connection to a remote system, so that the local terminal appears to be the terminal at the remote location. Usually establishes
ForeScout CounterACT. Assessment Engine. Configuration Guide. Version 1.0
ForeScout CounterACT Core Extensions Module: IoT Posture Assessment Engine Version 1.0 Table of Contents About the IoT Posture Assessment Engine... 3 View All Endpoints Having a Security Risk... 3 Assess
10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
Integration Guide. Auvik
Integration Guide Auvik Revised: 27 February 2017 About This Guide Guide Type Documented Integration WatchGuard or a Technology Partner has provided documentation demonstrating integration. Guide Details
Bank Infrastructure - Video - 1
Bank Infrastructure - 1 05/09/2017 Threats Threat Source Risk Status Date Created Account Footprinting Web Browser Targeted Malware Web Browser Man in the browser Web Browser Identity Spoofing - Impersonation
Evaluating the Security Risks of Static vs. Dynamic Websites
Evaluating the Security Risks of Static vs. Dynamic Websites Ballard Blair Comp 116: Introduction to Computer Security Professor Ming Chow December 13, 2017 Abstract This research paper aims to outline
Securing CS-MARS C H A P T E R
C H A P T E R 4 Securing CS-MARS A Security Information Management (SIM) system can contain a tremendous amount of sensitive information. This is because it receives event logs from security systems throughout
Chapter 4. Network Security. Part I
Chapter 4 Network Security Part I CCNA4-1 Chapter 4-1 Introducing Network Security Introduction to Network Security CCNA4-2 Chapter 4-1 Introducing Network Security Why is Network Security important? Rapid
Chapter 4. Network Security. Part II
Chapter 4 Network Security Part II CCNA4-1 Chapter 4-2 Introducing Network Security Securing Cisco Routers CCNA4-2 Chapter 4-2 Router Security Issues The Role of Routers in Network Security: Router security
2-1-1 ssh Secure SHell
2-1-1 ssh Secure SHell Using Public Key Cryptography Keying, Key Exchange, and Session Setup 1 Communicate Safely with Remote Systems 2 What is Safely Authentication I am Assured of Which Host I am Talking
Project 3: Network Security
CIS 331 October 3, 2017 Introduction to Networks & Security Project 3: Network Security Project 3: Network Security This project is due on Tuesday, October 17 at 10 p.m.. You must work in teams of two
Shellbased Wargaming
Shellbased Wargaming Abstract Wargaming is a hands-on way to learn about computer security and common programming mistakes. This document is intended for readers new to the subject and who are interested
IoT & SCADA Cyber Security Services
RIOT SOLUTIONS PTY LTD P.O. Box 10087 Adelaide St Brisbane QLD 4000 BRISBANE HEAD OFFICE Level 22, 144 Edward St Brisbane, QLD 4000 T: 1300 744 028 Email: sales@riotsolutions.com.au www.riotsolutions.com.au
EXPLOITING CLOUD SYNCHRONIZATION TO HACK IOTS
SESSION ID: SBX1-R1 EXPLOITING CLOUD SYNCHRONIZATION TO HACK IOTS Alex Jay Balan Chief Security Researcher Bitdefender @jaymzu 2 IoT = hardware + OS + app (+ Cloud) wu-ftpd IIS5.0 RDP Joomla app 3 EDIMAX
Peekaboo! I Own You.
Peekaboo! I Own You. The Tale of Hundreds of Thousands Vulnerable Devices with no Patch, Ever. Amit Serper Cybereason Inc. amit@cybereason.com @0xAmit Yoav Orot Cybereason Inc. yoav@cybereason.com @manzaltu
AppGate 11.0 RELEASE NOTES
Changes in 11.0 AppGate 11.0 RELEASE NOTES 1. New packet filter engine. The server-side IP tunneling packet filter engine has been rewritten from scratch, reducing memory usage drastically and improving
Fast and Vulnerable A Story of Telematic Failures
Fast and Vulnerable A Story of Telematic Failures Center for Automotive Embedded Systems Security Ian Foster, Andrew Prudhomme, Karl Koscher, and Stefan Savage Telematic Control Units Connects to car s
Your Turn to Hack the OWASP Top 10!
OWASP Top 10 Web Application Security Risks Your Turn to Hack OWASP Top 10 using Mutillidae Born to Be Hacked Metasploit in VMWare Page 1 https://www.owasp.org/index.php/main_page The Open Web Application
Secure Programming Techniques
Secure Programming Techniques Meelis ROOS mroos@ut.ee Institute of Computer Science Tartu University spring 2014 Course outline Introduction General principles Code auditing C/C++ Web SQL Injection PHP
IoT The gift that keeps on giving
IoT The gift that keeps on giving Contributors labs@bitdefender.com Radu Alexandru Basaraba - rbasaraba@bitdefender.com Alexandru Lazar allazar@bitdefender.com Mihai Moldovan - mimoldovan@bitdefender.com
Telnet/SSH. Connecting to Hosts. Internet Technology 1
Telnet/SSH Connecting to Hosts Internet Technology 1 What is Telnet? Method for connecting to hosts Enables remote login (rlogin) to computers on the Internet One computer can connect to another to use
Lab Configure Basic AP Security through IOS CLI
Lab 8.3.1.2 Configure Basic AP Security through IOS CLI Estimated Time: 30 minutes Number of Team Members: Students will work in teams of two. Objective In this lab, the student will learn the following
LECTURE 7. Readings: - SSH: The Definitive Guide; D.J. Barret et al.; O Reilly Lecture outline: - SSH. Marco Spaziani Brunella, Manuel Campo
LECTURE 7 Readings: - SSH: The Definitive Guide; D.J. Barret et al.; O Reilly Lecture outline: - SSH Remote Managing In real life, physical access to network nodes is not always an option. Often, we need
Wireless Setup Instructions
Wireless Setup Instructions THESE INSTRUCTIONS ARE VERY IMPORTANT TO SECURE YOUR WIRELESS NETWORK The purpose of this procedure is to "lock" your router so other users can not access your network without
Secure Internet of Things Project Overview. Philip Levis, Faculty Director SITP 2018 Retreat Santa Cruz, CA
Secure Internet of Things Project Overview Philip Levis, Faculty Director SITP 2018 Retreat Santa Cruz, CA Four Years Ago + = Security Disaster HP conducted a security analysis of IoT devices 1 80% had
Foreword by Katie Moussouris... Acknowledgments... xvii. Introduction...xix. Chapter 1: The Basics of Networking... 1
Brief Contents Foreword by Katie Moussouris.... xv Acknowledgments... xvii Introduction...xix Chapter 1: The Basics of Networking... 1 Chapter 2: Capturing Application Traffic... 11 Chapter 3: Network
CSWAE Certified Secure Web Application Engineer
CSWAE Certified Secure Web Application Engineer Overview Organizations and governments fall victim to internet based attacks every day. In many cases, web attacks could be thwarted but hackers, organized
CCNA Cybersecurity Operations 1.1 Scope and Sequence
CCNA Cybersecurity Operations 1.1 Scope and Sequence Last updated June 18, 2018 Introduction Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding
Configuring GNS3 for CCNA Security Exam (for Windows) Software Requirements to Run GNS3
Configuring GNS3 for CCNA Security Exam (for Windows) Software Requirements to Run GNS3 From Cisco s website, here are the minimum requirements for CCP 2.7 and CCP 2.8: The following info comes from many
Understanding the Internet
Announcements U.S. National Cybersecurity Understanding the Internet Axess Forum Bios/Photos Law School Event William J. Perry Martin Casado Keith Coleman Dan Wendlandt MS&E 91SI Spring 2004 Stanford University
Question No: 2 Which identifier is used to describe the application or process that submitted a log message?
Volume: 65 Questions Question No: 1 Which definition of a fork in Linux is true? A. daemon to execute scheduled commands B. parent directory name of a file pathname C. macros for manipulating CPU sets
Welcome to ULI101! The Internet has become part of our daily lives.
ULI101 Week 01 Week Overview Course introduction Obtaining your Seneca accounts Changing passwords The Matrix server The role of an operating system *nix overview Open source philosophy Linux GUI The terminal
Ch 1: The Mobile Risk Ecosystem. CNIT 128: Hacking Mobile Devices. Updated
Ch 1: The Mobile Risk Ecosystem CNIT 128: Hacking Mobile Devices Updated 1-12-16 The Mobile Ecosystem Popularity of Mobile Devices Insecurity of Mobile Devices The Mobile Risk Model Mobile Network Architecture
IBM Future of Work Forum
IBM Cognitive IBM Future of Work Forum The Engaged Enterprise Comes Alive Improving Organizational Collaboration and Efficiency While Enhancing Security on Mobile and Cloud Apps Chris Hockings IBM Master
Release Note of RMCARD 302/303 Ver. 2.19(Release Date: 06/09/2017): Ver. 2.18(Release Date: 08/03/2016):
Release Note of RMCARD 302/303 Ver. 2.19(Release Date: 06/09/2017): Unexpected reboot when E-mail notification was executed via Office365 SMTP Server. "Turn Off capacity threshold" could not be displayed
Web Application Penetration Testing
Web Application Penetration Testing COURSE BROCHURE & SYLLABUS Course Overview Web Application penetration Testing (WAPT) is the Security testing techniques for vulnerabilities or security holes in corporate
Features of Netcat. Abstract. Keywords. I. Introduction. II. History. Jeffrey Kurcz School of Computer Science University of Windsor
Features of Netcat Jeffrey Kurcz School of Computer Science University of Windsor kurcz@uwindsor.ca Abstract This paper discusses the many uses that Netcat can perform for many different tasks that need
WatchGuard AP - Remote Code Execution
WatchGuard AP - Remote Code Execution Security Advisory Date 1/05/2018 Version: 1.0 Table of Contents 1. Document Control... 2 1.1. Document Information... 2 1.2. Revision Control... 2 2. Background...
Objectives. Classes of threats to networks. Network Security. Common types of network attack. Mitigation techniques to protect against threats
ITE I Chapter 6 2006 Cisco Systems, Inc. All rights reserved. Cisco Public 1 Objectives Enterprise Network Security Describe the general methods used to mitigate security threats to Enterprise networks
Lab - Examining Telnet and SSH in Wireshark
Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.1.1 255.255.255.0 N/A PC-A NIC 192.168.1.3 255.255.255.0 192.168.1.1 Part 1: Configure the Devices
NIST Cybersecurity Framework Protect / Maintenance and Protective Technology
NIST Cybersecurity Framework Protect / Maintenance and Protective Technology Presenter Charles Ritchie CISSP, CISA, CISM, GSEC, GCED, GSNA, +6 Information Security Officer IT experience spanning two centuries
Ending the Entropy Drought
White Paper: Ending the Entropy Drought February 2018 All questions and enquiries regarding this white paper should be directed to: John Lister Director of Cyber Security jlister@cognitiocorp.com February
The Android security jungle: pitfalls, threats and survival tips. Scott
The Android security jungle: pitfalls, threats and survival tips Scott Alexander-Bown @scottyab The Jungle Ecosystem Google s protection Threats Risks Survival Network Data protection (encryption) App/device
During security audits, over 15,000 vulnerability assessments are made, scanning the network IP by IP.
Features LAN Guard Vulnerability scanning and Management Patch Management and Remediation Network and software Auditing Why Choose? 1. Powerful network, security and port scanner with network auditing
Achieving End-to-End Security in the Internet of Things (IoT)
Achieving End-to-End Security in the Internet of Things (IoT) Optimize Your IoT Services with Carrier-Grade Cellular IoT June 2016 Achieving End-to-End Security in the Internet of Things (IoT) Table of
Security Course. WebGoat Lab sessions
Security Course WebGoat Lab sessions WebGoat Lab sessions overview Initial Setup Tamper Data Web Goat Lab Session 4 Access Control, session information stealing Lab Session 2 HTTP Basics Sniffing Parameter
Logging In to the Sensor
CHAPTER 12 This chapter explains how to log in to the sensor. It contains the following sections: Overview, page 12-1 Supported User Roles, page 12-1 Logging In to the Appliance, page 12-2 Connecting an
Lab Using the CLI to Gather Network Device Information Topology
Topology Addressing Table Objectives Device Interface IP Address Subnet Mask Default Gateway R1 G0/1 192.168.1.1 255.255.255.0 N/A Lo0 209.165.200.225 255.255.255.224 N/A S1 VLAN 1 192.168.1.11 255.255.255.0
epldt Web Builder Security March 2017
epldt Web Builder Security March 2017 TABLE OF CONTENTS Overview... 4 Application Security... 5 Security Elements... 5 User & Role Management... 5 User / Reseller Hierarchy Management... 5 User Authentication
Computer Security. 04r. Pre-exam 1 Concept Review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 04r. Pre-exam 1 Concept Review Paul Krzyzanowski Rutgers University Spring 2018 February 15, 2018 CS 419 2018 Paul Krzyzanowski 1 Key ideas from the past four lectures February 15, 2018
Customer Management Instructions: Juniper vsrx or Cisco CSR 1000v Service Launch Guide
AT&T FlexWare Applications: Customer Management Instructions Customer Management Instructions: Juniper vsrx or Cisco CSR 1000v Service Launch Guide This guide is designed to assist customers in understanding
Certified Secure Web Application Engineer
Certified Secure Web Application Engineer ACCREDITATIONS EXAM INFORMATION The Certified Secure Web Application Engineer exam is taken online through Mile2 s Assessment and Certification System ( MACS ),
Hacking Today p. 1 Defining the Hacker p. 9 Hacker Skill Levels p. 10 Information Security Consultants p. 13 Hacker Myths p. 14 Information Security
Preface p. xv Introduction p. xxi Hacking Today p. 1 Defining the Hacker p. 9 Hacker Skill Levels p. 10 Information Security Consultants p. 13 Hacker Myths p. 14 Information Security Myths p. 15 Penetration
Examples of Cisco APE Scenarios
CHAPTER 5 This chapter describes three example scenarios with which to use Cisco APE: Access to Asynchronous Lines, page 5-1 Cisco IOS Shell, page 5-3 Command Authorization, page 5-5 Note For intructions
CS Final Exam
CS 600.443 Final Exam Name: This exam is closed book and closed notes. You are required to do this completely on your own without any help from anybody else. Feel free to write on the back of any page
TACACS+ on an Aironet Access Point for Login Authentication Configuration Example
TACACS+ on an Aironet Access Point for Login Authentication Configuration Example Document ID: 70149 Contents Introduction Prerequisites Requirements Components Used Conventions Configure Network Diagram
Secure Services. A user support perspective. Frank J. Reda. Director, Distributed Computing Support Rutgers University Computing Services New
Secure Services A user support perspective Frank J. Reda Director, Distributed Computing Support Rutgers University Computing Services New Brunswick Agenda Description of secure services RUCS-NB implementation
CS155: Computer Security Spring Project #1
CS155: Computer Security Spring 2018 Project #1 Due: Part 1: Thursday, April 12-11:59pm, Parts 2 and 3: Thursday, April 19-11:59pm. The goal of this assignment is to gain hands-on experience finding vulnerabilities
Virtualbox QPKG V and +
Virtualbox QPKG V 4.1.10 and + 13. April 2012 Purpose of this document : Explain the news in QPKG management I Create an Escape solution to Disable, at boot time, virtualbox, without the need to accede
Netcat Scanning to Backdoors
Netcat Scanning to Backdoors Security & Privacy on the Internet (03-60-467) Fall 2009 Submitted to Dr. A.K. Aggarwal Submitted By Jeffrey Kurcz School of Computer Science University of Windsor CONTENTS
Release Note of RMCARD 202/203 Ver (Release Date: 06/09/2017):
Release Note of RMCARD 202/203 Ver. 2.29 (Release Date: 06/09/2017): Unexpected reboot when E-mail notification was executed via Office365 SMTP Server. Fixed the system not sending the login fail event
EDURange Student s Manual. September 14, 2015
EDURange Student s Manual September 14, 2015 A Introduction This document will be updated as changes are made. EDURange is both a collection of interactive, collaborative cybersecurity exercises and a
Jaringan Komputer (CCNA-1)
Jaringan Komputer (CCNA-1) #2 Configuring a Network Operating System Susmini I. Lestariningati, M.T Introduction (1) Home networks typically interconnect a wide variety of end devices including PCs, laptops,
New Technology Old Mistakes
New Technology Old Mistakes Breaking Virtualization Claudio Criscione @paradoxengine blackfire@nibblesec.org securityforum.at - 2011 /me Blogs Claudio Criscione virtualization.info cloudcomputing.info