Well, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via

Size: px
Start display at page:

Download "Well, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via"

Transcription

1 Well, That Escalated Quickly! How abusing the Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in the Hypervisor via Shadow Containers. Michael Sagie

2 WHO ARE WE? Michael Cherny Head of Research Aqua Sagie Dulce Sr Security Researcher Aqua 2

3 FOCUS Developers are the new Targets 3

4 FOCUS Developers are the new Targets Main Course: APT Developer Running Docker 4

5 FOCUS Developers are the new Targets Main Course: APT Developer Running Docker New Attacks: Host Rebinding & Shadow Container 5

6 MENU Containers & Container Development Attacking Developers Abusing Docker API Host Rebinding Attack Shadow Containers Full Attack -> Click 2 PWN Conclusions 6

7 CONTAINERS?

8 VIRTUAL MACHINES VS CONTAINERS 8

9 CONTAINERS EVERYWHERE Linux Containers Linux / Windows / Mac Windows Containers Native / Hyper-V (Windows Server) Hyper-V (windows 10) 9

10 CONTAINER ADOPTION STATS 10

11 DEVELOPERS AS TARGETS High privileges on their machines & domain Low security attention High Confidence Access to sensitive data Code IP Registries 11

12 DEVELOPERS AS TARGETS 12

13 DEVELOPERS AS TARGETS 13

14 ATTACK OVERVIEW ATTACKING CONTAINER DEVELOPERS

15 ATTACK OVERVIEW 15

16 ATTACK OVERVIEW 16

17 ATTACK OVERVIEW WINDOWS 10 Abuse Docker API 1 Remote Code Execution Host Rebinding 2 Privilege Escalation Shadow Container 3 Persistency 17

18 ABUSING DOCKER API FROM A MALICIOUS WEB PAGE 1

19 DOCKER 4 WINDOWS / MAC Client talks to daemon over via REST API UNIX socket named pipe..or TCP port TCP port was default on Windows 10 19

20 DOCKER 4 WINDOWS / MAC Client talks to daemon over via REST API UNIX socket named pipe..or TCP port TCP port was default on Windows 10 Abuse Remotely? 20

21 DOCKER REST API CAN WE ATTACK IT? It s complicated Same Origin Policy?! 21

22 BROWSER SECURITY Browsers need to display content from multiple domains But, one domain shouldn t be able to read / write to another Post status in Facebook Collect underpants... etc. 22

23 SAME ORIGIN POLICY (SOP) Only simple requests are allowed across origins GET can t read response body POST can t send with a body / not all header types HEAD Not same origin: request has different domain, protocol or port 23

24 DOCKER API CALLS THAT DON T VIOLATE SOP List containers (GET) Inspect container (GET) List processes in container (GET) Get container logs (GET) Get container s changes in filesystem (GET) Export container (GET) Get container stats (GET) Resize Container (POST) Start Container (POST) List images (GET) Build image (POST) Create image (POST) Get image history (GET) Push image (POST) Stop Container (POST) Restart container (POST) Kill a container (POST) Rename container (POST) Pause container (POST) Unpause container (POST) Attach to a container (POST) Get file info in a container (HEAD) Get filesystem archive (GET) Delete Container (POST) List networks (GET) Inspect Network (GET) Tag image (POST) List volumes (GET) Export image (GET) Inspect volume (GET) List secrets (GET) Create secret (POST) Inspect secret (GET) Inspect Swarm (GET) List nodes (GET) Inspect node (GET) List services (GET) Inspect service (GET) Get service logs (GET) List tasks (GET) Inspect a task (GET) Search image (GET) Delete image (DELETE) 24

25 DOCKER API CALLS THAT DON T VIOLATE SOP List containers (GET) Inspect container (GET) List processes in container (GET) Get container logs (GET) Get container s changes in filesystem (GET) Export container (GET) Get container stats (GET) Resize Container (POST) Start Container (POST) List images (GET) Build image (POST) Create image (POST) Get image history (GET) Push image (POST) Stop Container (POST) Restart container (POST) Kill a container (POST) Rename container (POST) Pause container (POST) Unpause container (POST) Attach to a container (POST) Get file info in a container (HEAD) Get filesystem archive (GET) Delete Container (POST) List networks (GET) Inspect Network (GET) Tag image (POST) List volumes (GET) Export image (GET) Inspect volume (GET) List secrets (GET) Create secret (POST) Inspect secret (GET) Inspect Swarm (GET) List nodes (GET) Inspect node (GET) List services (GET) Inspect service (GET) Get service logs (GET) List tasks (GET) Inspect a task (GET) Search image (GET) Delete image (DELETE) 25

26 BUILD IMAGE Build images from Dockerfile FROM alpine:latest ADD mycode.sh RUN apt-get update && apt-get install y RUN./mycode.sh 26

27 BUILD IMAGE Build images from Dockerfile Execute Yourself FROM alpine:latest ADD mycode.sh RUN apt-get update && apt-get install y RUN./mycode.sh Build == Execute code! 27

28 BUILD IMAGE API CALL POST /build No body => no SOP violation! Interesting build parameters 28

29 BUILD IMAGE API CALL POST /build No body => no SOP violation! Interesting build parameters t (tag) 29

30 BUILD IMAGE API CALL POST /build No body => no SOP violation! Interesting build parameters t (tag) remote git repository! 30

31 BUILD IMAGE API CALL POST /build No body => no SOP violation! Interesting build parameters t (tag) remote git repository! networkmode (bridge / host / none) 31

32 BUILD IMAGE API CALL REVERSE SHELL DEMO POST remote= &networkmode=host 32

33 BUILD IMAGE API CALL REVERSE SHELL DEMO 33

34 ABUSE DOCKER BUILD 34

35 ABUSE DOCKER BUILD 35

36 ABUSE DOCKER BUILD 36

37 ABUSE DOCKER BUILD 37

38 ABUSE DOCKER BUILD 38

39 ABUSE DOCKER BUILD 39

40 ABUSE DOCKER BUILD DEMO 40

41 DOCKER FIX We disclosed to Docker TCP now an opt-in 41

42 HOST REBINDING ATTACK DAEMON PRIVILEGE ESCALATION 2

43 WHAT S NEXT? 43

44 LIMITATIONS 44

45 LIMITATIONS 45

46 DNS REBINDING? 46

47 DNS REBINDING - HISTORY Carbon Dated to ~ Protecting Browsers from DNS Rebinding Attacks 2008 Defending your DNS in a post-kaminsky world 2010 How to Hack Millions of Routers 47

48 DNS REBINDING HOW IT WORKS 48

49 DNS REBINDING HOW IT WORKS 49

50 DNS REBINDING HOW IT WORKS 50

51 DNS REBINDING HOW IT WORKS 51

52 DNS REBINDING HOW IT WORKS 52

53 DNS REBINDING HOW IT WORKS 53

54 DNS REBINDING HOW IT WORKS SOP BYPASSED! 54

55 WHY NOT USE DNS REBINDING? DNS Rebinding may fail Existing protections (perimeter) Attacker needs to setup domain $$$ Maintenance IP Reputation & Threat Intelligence 55

56 LLMNR: DNS OVER THE LAN Name resolution over the LAN LLMNR DNS like resolution IPv4 & IPv6 56

57 ATTACKING LLMNR Requests broadcasted over virtual interface! Spoof LLMNR Replies Cached in the browser (IE / Chrome / FF) for ~60 seconds Skip cache in FF Delay HTTP response 0.5 sec 57

58 HOST REBINDING DEMO 58

59 HOST REBINDING DEMO 59

60 HOST REBINDING DEMO 60

61 HOST REBINDING DEMO 61

62 HOST REBINDING DEMO 62

63 HOST REBINDING DEMO 63

64 HOST REBINDING DEMO 64

65 HOST REBINDING DEMO 65

66 HOST REBINDING DEMO 66

67 HOST REBINDING DEMO SOP BYPASSED! 67

68 HOST REBINDING DEMO SOP BYPASSED! 68

69 HOST REBINDING DEMO SOP BYPASSED! 69

70 HOST REBINDING DEMO 70

71 RECAP Abuse Docker API 1 Remote Code Execution Host Rebinding 2 Privilege Escalation Full API Access: docker run? 71

72 SHADOW CONTAINER PERSISTENCE & CONCEALMENT 3

73 MISSING PERSISTENCE & CONCEALMENT So Far Privileged container on the VM (Moby Linux) Access to VM filesystem Access to enterprise internal network But Not Concealed: docker ps Not Persistent: VM boots from image 73

74 PERSISTENT AND CONCEALED myscript 74

75 PERSISTENT AND CONCEALED shadow 75

76 PERSISTENT AND CONCEALED shadow 76

77 PERSISTENT AND CONCEALED myscript 77

78 SHADOW CONTAINER SHUTDOWN SCRIPT 78

79 SHADOW CONTAINER MYSCRIPT.SH 79

80 SHADOW CONTAINER DEMO 80

81 FULL ATTACK CLICK TO PWN!

82 FULL ATTACK DEMO 82

83 FULL ATTACK DEMO Abuse Docker API 83

84 FULL ATTACK DEMO Abuse Docker API Host Rebinding 84

85 FULL ATTACK DEMO Abuse Docker API Host Rebinding 85

86 FULL ATTACK DEMO Abuse Docker API Host Rebinding 86

87 FULL ATTACK DEMO Abuse Docker API Host Rebinding Shadow Container 87

88 FULL ATTACK DEMO Abuse Docker API Host Rebinding Shadow Container 88

89 FULL ATTACK DEMO Abuse Docker API Host Rebinding Shadow Container 89

90 FULL ATTACK DEMO Abuse Docker API Host Rebinding Shadow Container 90

91 FULL ATTACK DEMO shadow Abuse Docker API Host Rebinding Shadow Container 91

92 FULL ATTACK DEMO shadow Abuse Docker API Host Rebinding Shadow Container 92

93 FULL ATTACK DEMO Abuse Docker API Host Rebinding Shadow Container 93

94 FULL ATTACK DEMO Abuse Docker API Host Rebinding myscript Shadow Container 94

95 FULL ATTACK DEMO 95

96 IMPACT DEVELOPERS AS TARGETS

97 ADVANCED PERSISTENT THREAT Persistency Concealment Low Forensic Footprint Access to Internal Enterprise Network 97

98 SHADOW WORM Attacker poisons images Bad image spread like a worm in pipeline 98

99 ATTACK FLAVORS MAC DNS Rebinding Shadow Container Linux DNS Rebinding Full Access Windows Containers Abuse API Host Rebinding Full Access 99

100 CONCLUSIONS

101 MITIGATION Don t expose container engine API Only allow authenticated clients (certificates) access to exposed port (or block it via Firewall) Analyze Container Engine Logs (on development also) Disable NetBIOS & LLMNR Continuously scan images in registries Continuously monitor containers in runtime 101

102 BLACK HAT SOUND BYTES Developers are the new Targets New Attacks: Host Rebinding & Shadow Container Protect your PIPE: Scan images & Monitor Containers in Runtime Michael Sagie 102

Hackveda Training - Ethical Hacking, Networking & Security

Hackveda Training - Ethical Hacking, Networking & Security Hackveda Training - Ethical Hacking, Networking & Security Day1: Hacking windows 7 / 8 system and security Part1 a.) Windows Login Password Bypass manually without CD / DVD b.) Windows Login Password Bypass

More information

Who is Docker and how he can help us? Heino Talvik

Who is Docker and how he can help us? Heino Talvik Who is Docker and how he can help us? Heino Talvik heino.talvik@seb.ee heino.talvik@gmail.com What is Docker? Software guy view: Marriage of infrastucture and Source Code Management Hardware guy view:

More information

Dockerfile & docker CLI Cheat Sheet

Dockerfile & docker CLI Cheat Sheet Dockerfile & docker CLI Cheat Sheet Table of Contents Introduction 1 1. docker CLI Engine 2 1.1 Container Related s 2 1.2 Image Related s 4 1.3 Network Related s 5 1.4 Registry Related s 6 1.5 Volume Related

More information

1 TABLE OF CONTENTS UNCLASSIFIED//LES

1 TABLE OF CONTENTS UNCLASSIFIED//LES 1 TABLE OF CONTENTS 2 In troduction...3 2.1 Terminology...3 2.2 Anatomy of the Pivot...3 2.3 Requirements for a Successful Pivot...3 3 Risks and Caveats...4 3.1 Fulcrum Does Not Measure Success or Failure

More information

Red Hat Containers Cheat Sheet

Red Hat Containers Cheat Sheet Red Hat Containers Cheat Sheet Table of Contents Introduction Commands Key 1. Container Runtime Engine 1.A) Container Related Commands 1.B) Image Related Commands 1.C) Network Related Commands 1.D) Registry

More information

Introduction to Containers

Introduction to Containers Introduction to Containers Shawfeng Dong Principal Cyberinfrastructure Engineer University of California, Santa Cruz What are Containers? Containerization, aka operating-system-level virtualization, refers

More information

Docker Cheat Sheet. Introduction

Docker Cheat Sheet. Introduction Docker Cheat Sheet Introduction Containers allow the packaging of your application (and everything that you need to run it) in a "container image". Inside a container you can include a base operational

More information

An introduction to Docker

An introduction to Docker An introduction to Docker Ing. Vincenzo Maffione Operating Systems Security Container technologies on Linux Several light virtualization technologies are available for Linux They build on cgroups, namespaces

More information

Think Small to Scale Big

Think Small to Scale Big Think Small to Scale Big Intro to Containers for the Datacenter Admin Pete Zerger Principal Program Manager, MVP pete.zerger@cireson.com Cireson Lee Berg Blog, e-mail address, title Company Pete Zerger

More information

Contents in Detail. Acknowledgments

Contents in Detail. Acknowledgments Acknowledgments xix Introduction What s in This Book... xxii What Is Ethical Hacking?... xxiii Penetration Testing... xxiii Military and Espionage... xxiii Why Hackers Use Linux... xxiv Linux Is Open Source....

More information

Ethical Hacking. Content Outline: Session 1

Ethical Hacking. Content Outline: Session 1 Ethical Hacking Content Outline: Session 1 Ethics & Hacking Hacking history : How it all begin - Why is security needed? - What is ethical hacking? - Ethical Hacker Vs Malicious hacker - Types of Hackers

More information

agenda PAE Docker Docker PAE

agenda PAE Docker Docker PAE Docker 2016.03.26 agenda PAE Docker Docker PAE 2 3 PAE PlCloud APP Engine Docker Docker Caas APP 4 APP APP volume images 5 App 6 APP Show Time 7 8 Docker Public DockerHup Private registry push pull AUFS

More information

Arup Nanda VP, Data Services Priceline.com

Arup Nanda VP, Data Services Priceline.com Jumpstarting Docker Arup Nanda VP, Data Services Priceline.com My application worked in Dev but not in QA Will it work in production? I need an environment right now No, I can t wait for 2 weeks I just

More information

Getting Started With Containers

Getting Started With Containers DEVNET 2042 Getting Started With Containers Matt Johnson Developer Evangelist @mattdashj Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session

More information

Set up, Configure, and Use Docker on Local Dev Machine

Set up, Configure, and Use Docker on Local Dev Machine Set up, Configure, and Use Docker on Local Dev Machine Table of Contents Set up, Configure, and Use Docker on Local Dev Machine... 1 1. Introduction... 2 1.1 Major Docker Components... 2 1.2 Tools Installed

More information

Harbor Registry. VMware VMware Inc. All rights reserved.

Harbor Registry. VMware VMware Inc. All rights reserved. Harbor Registry VMware 2017 VMware Inc. All rights reserved. VMware Harbor Registry Cloud Foundry Agenda 1 Container Image Basics 2 Project Harbor Introduction 3 Consistency of Images 4 Security 5 Image

More information

01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED

01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED 01/02/2014 SECURITY ASSESSMENT METHODOLOGIES SENSEPOST 2014 ALL RIGHTS RESERVED Contents 1. Introduction 3 2. Security Testing Methodologies 3 2.1 Internet Footprint Assessment 4 2.2 Infrastructure Assessments

More information

Docker DCA EXAM. m/ Product: Demo. For More Information: Docker Certified Associate

Docker DCA EXAM.   m/ Product: Demo. For More Information:   Docker Certified Associate Page No 1 https://www.dumpsplanet.com m/ Docker DCA EXAM Docker Certified Associate Product: Demo For More Information: DCA-dumps Question: 1 Which of the following is supported by control groups? A. Manage

More information

Good Fences Make Good Neighbors: Rethinking Your Cloud Selection Strategy

Good Fences Make Good Neighbors: Rethinking Your Cloud Selection Strategy Good Fences Make Good Neighbors: Rethinking Your Cloud Selection Strategy SESSION ID: CSV-W01 Bryan D. Payne Director of Security Research Nebula @bdpsecurity Cloud Security Today Cloud has lots of momentum

More information

Becoming the Adversary

Becoming the Adversary SESSION ID: CIN-R06 Becoming the Adversary Tyrone Erasmus Managing Security Consultant MWR InfoSecurity @metall0id /usr/bin/whoami Most public research == Android Something different today 2 Overview Introduction

More information

Beyond a sensor. Towards the Globalization of SURFids. FIRST 20 th Annual Conference Vancouver, Canada

Beyond a sensor. Towards the Globalization of SURFids. FIRST 20 th Annual Conference Vancouver, Canada Beyond a sensor Towards the Globalization of SURFids Wim.Biemolt@surfnet.nl FIRST 20 th Annual Conference Vancouver, Canada 1 SURFnet6 2 SURFcert 3 18 th Annual FIRST Conference Goals - Understanding:

More information

LENS Server Maintenance Guide JZ 2017/07/28

LENS Server Maintenance Guide JZ 2017/07/28 LENS Server Maintenance Guide JZ 2017/07/28 Duty Maintain LENS server with minimum downtime Patch critical vulnerabilities Assist LAB member for using the LENS services Evaluate for custom requirements

More information

Ethical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities

Ethical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities Ethical Hacking and Countermeasures: Web Chapter 3 Web Application Vulnerabilities Objectives After completing this chapter, you should be able to: Understand the architecture of Web applications Understand

More information

CONTAINERIZED APP DEVELOPMENT

CONTAINERIZED APP DEVELOPMENT ONTAINERIZED APP DEVELOPMENT WITH THE DK Maxim Burgerhout @MaximBurgerhout / maxim@redhat.com Red Hat Tech Day - June 13th, 2017 2 BRIEF INTRO: MAXIM BURGERHOUT Solution Architect @ Red Hat Platform, loud

More information

Cyber Common Technical Core (CCTC) Advance Sheet Windows Operating Systems

Cyber Common Technical Core (CCTC) Advance Sheet Windows Operating Systems Cyber Common Technical Core (CCTC) Advance Sheet Windows Operating Systems Section 1: Command Line Tools Skill 1: Employ commands using command line interface 1.1 Use command line commands to gain situational

More information

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker Learn to find security vulnerabilities before the bad guys do! The Certified Ethical Hacker (CEH) class immerses students in an interactive environment

More information

Table of Contents DevOps Administrators

Table of Contents DevOps Administrators DevOps Administrators Table of Contents DevOps Administrators Overview for DevOps Admins Managing Images, Projects, Users Configure a Registry Create Users Assign the Administrator Role Create a Project

More information

SentinelOne Technical Brief

SentinelOne Technical Brief SentinelOne Technical Brief SentinelOne unifies prevention, detection and response in a fundamentally new approach to endpoint protection, driven by behavior-based threat detection and intelligent automation.

More information

Table of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine

Table of Contents 1.1. Overview. Containers, Docker, Registries vsphere Integrated Containers Engine Table of Contents Overview Containers, Docker, Registries vsphere Integrated Containers Engine Management Portal Registry Roles and Personas 1.1 1.1.1 1.1.2 1.1.2.1 1.1.2.2 1.1.2.3 1.1.2.4 2 Overview of

More information

Network Security. Thierry Sans

Network Security. Thierry Sans Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability

More information

Modular Policy Framework. Class Maps SECTION 4. Advanced Configuration

Modular Policy Framework. Class Maps SECTION 4. Advanced Configuration [ 59 ] Section 4: We have now covered the basic configuration and delved into AAA services on the ASA. In this section, we cover some of the more advanced features of the ASA that break it away from a

More information

GitLab-CI and Docker Registry

GitLab-CI and Docker Registry GitLab-CI and Docker Registry Oleg Fiksel Security Consultant @ CSPI GmbH oleg.fiksel@cspi.com oleg@fiksel.info Matrix: @oleg:fiksel.info FrOSCon 2017 AGENDA ABOUT INTRODUCTION GitLab 101 Deploying on-premise

More information

Strategic Infrastructure Security

Strategic Infrastructure Security Strategic Infrastructure Security Course Number: SCPSIS Length: Certification Exam There are no exams currently associated with this course. Course Overview This course picks up right where Tactical Perimeter

More information

Chapter 2. Switch Concepts and Configuration. Part II

Chapter 2. Switch Concepts and Configuration. Part II Chapter 2 Switch Concepts and Configuration Part II CCNA3-1 Chapter 2-2 Switch Concepts and Configuration Configuring Switch Security MAC Address Flooding Passwords Spoofing Attacks Console Security Tools

More information

Run containerized applications from pre-existing images stored in a centralized registry

Run containerized applications from pre-existing images stored in a centralized registry Introduction This examination is based upon the most critical job activities a Docker Certified Associate performs. The skills and knowledge certified by this examination represent a level of expertise

More information

Red Hat OpenShift Application Runtimes 0.1

Red Hat OpenShift Application Runtimes 0.1 Red Hat OpenShift Application Runtimes 0.1 Install and Configure the developers.redhat.com/launch Application on a Single-node OpenShift Cluster For Use with Red Hat OpenShift Application Runtimes Last

More information

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2

Table of Contents 1.1. Introduction. Overview of vsphere Integrated Containers 1.2 Table of Contents Introduction Overview of vsphere Integrated Containers 1.1 1.2 2 Overview of vsphere Integrated Containers This document provides an overview of VMware vsphere Integrated Containers.

More information

Important DevOps Technologies (3+2+3days) for Deployment

Important DevOps Technologies (3+2+3days) for Deployment Important DevOps Technologies (3+2+3days) for Deployment DevOps is the blending of tasks performed by a company's application development and systems operations teams. The term DevOps is being used in

More information

Container-based virtualization: Docker

Container-based virtualization: Docker Università degli Studi di Roma Tor Vergata Dipartimento di Ingegneria Civile e Ingegneria Informatica Container-based virtualization: Docker Corso di Sistemi Distribuiti e Cloud Computing A.A. 2018/19

More information

Index. Bessel function, 51 Big data, 1. Cloud-based version-control system, 226 Containerization, 30 application, 32 virtualize processes, 30 31

Index. Bessel function, 51 Big data, 1. Cloud-based version-control system, 226 Containerization, 30 application, 32 virtualize processes, 30 31 Index A Amazon Web Services (AWS), 2 account creation, 2 EC2 instance creation, 9 Docker, 13 IP address, 12 key pair, 12 launch button, 11 security group, 11 stable Ubuntu server, 9 t2.micro type, 9 10

More information

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin,

Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, Fundamental Questions to Answer About Computer Networking, Jan 2009 Prof. Ying-Dar Lin, ydlin@cs.nctu.edu.tw Chapter 1: Introduction 1. How does Internet scale to billions of hosts? (Describe what structure

More information

This ethical hacking course puts you in the driver's seat of a hands-on environment with a systematic process.

This ethical hacking course puts you in the driver's seat of a hands-on environment with a systematic process. EC Council Certified Ethical Hacker V9 This ethical hacking course puts you in the driver's seat of a hands-on environment with a systematic process. Here, you will be exposed to an entirely different

More information

Table of Contents. Configure and Manage Logging in to the Management Portal Verify and Trust Certificates

Table of Contents. Configure and Manage Logging in to the Management Portal Verify and Trust Certificates Table of Contents Configure and Manage Logging in to the Management Portal Verify and Trust Certificates Configure System Settings Add Cloud Administrators Add Viewers, Developers, or DevOps Administrators

More information

Corrigendum 3. Tender Number: 10/ dated

Corrigendum 3. Tender Number: 10/ dated (A premier Public Sector Bank) Information Technology Division Head Office, Mangalore Corrigendum 3 Tender Number: 10/2016-17 dated 07.09.2016 for Supply, Installation and Maintenance of Distributed Denial

More information

Stonesoft Management Center. Release Notes Revision A

Stonesoft Management Center. Release Notes Revision A Stonesoft Management Center Release Notes 5.10.2 Revision A Table of contents 1 About this release...3 System requirements... 3 Build version...4 Compatibility... 5 2 New features...6 3 Enhancements...

More information

Basic Linux Security. Roman Bohuk University of Virginia

Basic Linux Security. Roman Bohuk University of Virginia Basic Linux Security Roman Bohuk University of Virginia What is Linux? An open source operating system Project started by Linus Torvalds kernel Kernel: core program that controls everything else (controls

More information

Certified Penetration Testing Consultant

Certified Penetration Testing Consultant Certified Penetration Testing Consultant Duration: 4 Days Language: English Course Delivery: Classroom COURSE BENEFITS The vendor neutral Certified Penetration Testing Consultant course is designed for

More information

Tanium Endpoint Detection and Response. (ISC)² East Bay Chapter Training Day July 13, 2018

Tanium Endpoint Detection and Response. (ISC)² East Bay Chapter Training Day July 13, 2018 Tanium Endpoint Detection and Response (ISC)² East Bay Chapter Training Day July 13, 2018 $> WhoamI 11 Years of Security Experience Multiple Verticals (Technology, Industrial, Healthcare, Biotech) 9 Years

More information

PVS Deployment in the Cloud. Last Updated: June 17, 2016

PVS Deployment in the Cloud. Last Updated: June 17, 2016 PVS Deployment in the Cloud Last Updated: June 17, 2016 Contents Amazon Web Services Introduction 3 Software Requirements 4 Set up a NAT Gateway 5 Install PVS on the NAT Gateway 11 Example Deployment 12

More information

Real-time, Unified Endpoint Protection

Real-time, Unified Endpoint Protection Real-time, Unified Endpoint Protection Real-Time, Unified Endpoint Protection is a next-generation endpoint protection company that delivers realtime detection, prevention and remediation of advanced threats

More information

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security HTML PHP Database Linux Operating System and Networking: LINUX NETWORKING Information Gathering:

More information

BIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0

BIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0 BIG-IP Access Policy Manager : Secure Web Gateway Version 13.0 Table of Contents Table of Contents BIG-IP APM Secure Web Gateway Overview...9 About APM Secure Web Gateway... 9 About APM benefits for web

More information

Endpoint Security - what-if analysis 1

Endpoint Security - what-if analysis 1 Endpoint Security - what-if analysis 1 07/23/2017 Threat Model Threats Threat Source Risk Status Date Created File Manipulation File System Medium Accessing, Modifying or Executing Executable Files File

More information

Lecture 10. Denial of Service Attacks (cont d) Thursday 24/12/2015

Lecture 10. Denial of Service Attacks (cont d) Thursday 24/12/2015 Lecture 10 Denial of Service Attacks (cont d) Thursday 24/12/2015 Agenda DoS Attacks (cont d) TCP DoS attacks DNS DoS attacks DoS via route hijacking DoS at higher layers Mobile Platform Security Models

More information

CONTAINER AND MICROSERVICE SECURITY ADRIAN MOUAT

CONTAINER AND MICROSERVICE SECURITY ADRIAN MOUAT CONTAINER AND MICROSERVICE SECURITY ADRIAN MOUAT Chief Scientist @ Container Solutions Wrote "Using Docker" for O'Reilly 40% Discount with AUTHD code Free Docker Security minibook http://www.oreilly.com/webops-perf/free/dockersecurity.csp

More information

Building A Better Test Platform:

Building A Better Test Platform: Building A Better Test Platform: A Case Study of Improving Apache HBase Testing with Docker Aleks Shulman, Dima Spivak Outline About Cloudera Apache HBase Overview API compatibility API compatibility testing

More information

WHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX

WHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX WHITEPAPER ATTIVO NETWORKS THREATDEFEND PLATFORM AND THE MITRE ATT&CK MATRIX 1 INTRODUCTION The MITRE Corporation Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK ) Matrix provides a model

More information

The Attacker s POV Hacking Mobile Apps. in Your Enterprise to Reveal Real Vulns and Protect the Business. Tony Ramirez

The Attacker s POV Hacking Mobile Apps. in Your Enterprise to Reveal Real Vulns and Protect the Business. Tony Ramirez The Attacker s POV Hacking Mobile Apps in Your Enterprise to Reveal Real Vulns and Protect the Business Tony Ramirez AGENDA & SPEAKERS Introduction Attacks on Mobile Live Demo Recommendations Q&A Tony

More information

ElasterStack 3.2 User Administration Guide - Advanced Zone

ElasterStack 3.2 User Administration Guide - Advanced Zone ElasterStack 3.2 User Administration Guide - Advanced Zone With Advance Zone Configuration TCloud Computing Inc. 6/22/2012 Copyright 2012 by TCloud Computing, Inc. All rights reserved. This document is

More information

AN INTRODUCTION TO ARP SPOOFING

AN INTRODUCTION TO ARP SPOOFING AN INTRODUCTION TO ARP SPOOFING April, 2001 Sean Whalen Sophie Engle Dominic Romeo GENERAL INFORMATION Introduction to ARP Spoofing (April 2001) Current Revision: 1.8 Available: http://chocobospore.org

More information

OpenDCRE Documentation

OpenDCRE Documentation OpenDCRE Documentation Release 1.1 Vapor IO March 07, 2016 Contents 1 OpenDCRE (Open Data Center Runtime Environment) 3 1.1 Introduction............................................... 3 1.2 Getting OpenDCRE

More information

DGX-1 DOCKER USER GUIDE Josh Park Senior Solutions Architect Contents created by Jack Han Solutions Architect

DGX-1 DOCKER USER GUIDE Josh Park Senior Solutions Architect Contents created by Jack Han Solutions Architect DGX-1 DOCKER USER GUIDE 17.08 Josh Park Senior Solutions Architect Contents created by Jack Han Solutions Architect AGENDA Introduction to Docker & DGX-1 SW Stack Docker basic & nvidia-docker Docker image

More information

Smart Attacks require Smart Defence Moving Target Defence

Smart Attacks require Smart Defence Moving Target Defence Smart Attacks require Smart Defence Moving Target Defence Prof. Dr. Gabi Dreo Rodosek Executive Director of the Research Institute CODE 1 Virtual, Connected, Smart World Real World Billions of connected

More information

Vulnerability Validation Tutorial

Vulnerability Validation Tutorial Vulnerability Validation Tutorial Last updated 01/07/2014-4.8 Vulnerability scanning plays a key role in the vulnerability management process. It helps you find potential vulnerabilities so that you can

More information

CYBER ATTACKS EXPLAINED: PACKET SPOOFING

CYBER ATTACKS EXPLAINED: PACKET SPOOFING CYBER ATTACKS EXPLAINED: PACKET SPOOFING Last month, we started this series to cover the important cyber attacks that impact critical IT infrastructure in organisations. The first was the denial-of-service

More information

Preview Test: cis191_chap1_quiz

Preview Test: cis191_chap1_quiz 3/9/2015 Preview Test: cis191_chap1_quiz 20155229528. Sunyata 98 Courses Organizations Need Help? Prevent Sexual Violence Preview Test: cis191_chap1_quiz Test Information Description Instructions Timed

More information

VLAN Hopping, ARP Poisoning, and Man-In-TheMiddle Attacks in Virtualized Environments

VLAN Hopping, ARP Poisoning, and Man-In-TheMiddle Attacks in Virtualized Environments VLAN Hopping, ARP Poisoning, and Man-In-TheMiddle Attacks in Virtualized Environments Dr. Ronny L. Bull, Ph.D. Utica College Nexus Seminar Series Nov 10th 2017 About Me Ph.D. in Computer Science from Clarkson

More information

CYBER ANALYTICS. Architecture Overview. Technical Brief. May 2016 novetta.com 2016, Novetta

CYBER ANALYTICS. Architecture Overview. Technical Brief. May 2016 novetta.com 2016, Novetta CYBER ANALYTICS Architecture Overview Technical Brief May 2016 novetta.com 2016, Novetta Novetta Cyber Analytics: Technical Architecture Overview 1 INTRODUCTION 2 CAPTURE AND PROCESS ALL NETWORK TRAFFIC

More information

SPOOFING. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

SPOOFING. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006 SPOOFING Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Learning Objectives Students should be able to: Determine relevance of

More information

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28 Int ernet w orking Internet Security Literature: Forouzan: TCP/IP Protocol Suite : Ch 28 Internet Security Internet security is difficult Internet protocols were not originally designed for security The

More information

Control Center Planning Guide

Control Center Planning Guide Control Center Planning Guide Release 1.4.2 Zenoss, Inc. www.zenoss.com Control Center Planning Guide Copyright 2017 Zenoss, Inc. All rights reserved. Zenoss, Own IT, and the Zenoss logo are trademarks

More information

Carbon Black QRadar App User Guide

Carbon Black QRadar App User Guide Carbon Black QRadar App User Guide Table of Contents Carbon Black QRadar App User Guide... 1 Cb Event Forwarder... 2 Overview...2 Requirements...2 Install Cb Event Forwarder RPM...2 Configure Cb Event

More information

Snort Rules Classification and Interpretation

Snort Rules Classification and Interpretation Snort Rules Classification and Interpretation Pop2 Rules: Class Type Attempted Admin(SID: 1934, 284,285) GEN:SID 1:1934 Message POP2 FOLD overflow attempt Summary This event is generated when an attempt

More information

~Deep dive into Windows Containers and Docker~

~Deep dive into Windows Containers and Docker~ ~Deep dive into Windows Containers and Docker~ Blog: Twitter: http://www.solidalm.com https://twitter.com/cornellknulst Are we doing the right things? In managing infrastructure? In deployment? Desired

More information

Network softwarization Lab session 2: OS Virtualization Networking

Network softwarization Lab session 2: OS Virtualization Networking Network softwarization Lab session 2: OS Virtualization Networking Nicolas Herbaut David Bourasseau Daniel Negru December 16, 2015 1 Introduction 1.1 Discovering docker 1.1.1 Installation Please launch

More information

Docker and Security. September 28, 2017 VASCAN Michael Irwin

Docker and Security. September 28, 2017 VASCAN Michael Irwin Docker and Security September 28, 2017 VASCAN Michael Irwin Quick Intro - Michael Irwin 2011 - Graduated (CS@VT); started full-time at VT Sept 2015 - Started using Docker for QA June 2016 - Attended first

More information

Host. Computer system #1. Host Hardening

Host. Computer system #1. Host Hardening Host Hardening Series of actions to be taken in order to make it hard for an attacker to successfully attack computers in a network environment (March 28, 2016) Abdou Illia Spring 2016 Host In network

More information

Red Hat OpenShift Application Runtimes 1

Red Hat OpenShift Application Runtimes 1 Red Hat OpenShift Application Runtimes 1 Install and Configure the Fabric8 Launcher Tool For Use with Red Hat OpenShift Application Runtimes Last Updated: 2018-03-09 Red Hat OpenShift Application Runtimes

More information

CIT 380: Securing Computer Systems. Network Security Concepts

CIT 380: Securing Computer Systems. Network Security Concepts CIT 380: Securing Computer Systems Network Security Concepts Topics 1. Protocols and Layers 2. Layer 2 Network Concepts 3. MAC Spoofing 4. ARP 5. ARP Spoofing 6. Network Sniffing Protocols A protocol defines

More information

CCNP Switch Questions/Answers Securing Campus Infrastructure

CCNP Switch Questions/Answers Securing Campus Infrastructure What statement is true about a local SPAN configuration? A. A port can act as the destination port for all SPAN sessions configured on the switch. B. A port can be configured to act as a source and destination

More information

Penetration Testing with Kali Linux

Penetration Testing with Kali Linux Penetration Testing with Kali Linux PWK Copyright Offensive Security Ltd. All rights reserved. Page 1 of 11 All rights reserved to Offensive Security No part of this publication, in whole or in part, may

More information

Red Hat Certified System Administrator (RHCSA) RHCSA 7 Requirements and Syllabus

Red Hat Certified System Administrator (RHCSA) RHCSA 7 Requirements and Syllabus Red Hat Certified System Administrator (RHCSA) RHCSA 7 Requirements and Syllabus In preparation to earn the Red Hat Certified System Administrator (RHCSA), Red Hat recommends the following: For System

More information

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches

More information

ECE 435 Network Engineering Lecture 23

ECE 435 Network Engineering Lecture 23 ECE 435 Network Engineering Lecture 23 Vince Weaver http://web.eece.maine.edu/~vweaver vincent.weaver@maine.edu 4 December 2018 Announcements HW#9 graded Don t forget projects next week Presentation schedule

More information

Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com

Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE. s3security.com Specialized Security Services, Inc. REDUCE RISK WITH CONFIDENCE s3security.com Security Professional Services S3 offers security services through its Security Professional Services (SPS) group, the security-consulting

More information

Network Security and Topology

Network Security and Topology Network Security and Topology AT-VCC AT-VGW Atlona Manuals Control Version Information Version Release Date Notes 1 10/17 Initial release Velocity Control Sytem 2 Table of Contents Network Security and

More information

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications

SOLUTION BRIEF. Enabling and Securing Digital Business in API Economy. Protect APIs Serving Business Critical Applications Enabling and Securing Digital Business in Economy Protect s Serving Business Critical Applications 40 percent of the world s web applications will use an interface Most enterprises today rely on customers

More information

Linux Essentials. Smith, Roderick W. Table of Contents ISBN-13: Introduction xvii. Chapter 1 Selecting an Operating System 1

Linux Essentials. Smith, Roderick W. Table of Contents ISBN-13: Introduction xvii. Chapter 1 Selecting an Operating System 1 Linux Essentials Smith, Roderick W. ISBN-13: 9781118106792 Table of Contents Introduction xvii Chapter 1 Selecting an Operating System 1 What Is an OS? 1 What Is a Kernel? 1 What Else Identifies an OS?

More information

Securing ArcGIS for Server. David Cordes, Raj Padmanabhan

Securing ArcGIS for Server. David Cordes, Raj Padmanabhan Securing ArcGIS for Server David Cordes, Raj Padmanabhan Agenda Security in the context of ArcGIS for Server User and Role Considerations Identity Stores Authentication Securing web services Protecting

More information

VM Migration, Containers (Lecture 12, cs262a)

VM Migration, Containers (Lecture 12, cs262a) VM Migration, Containers (Lecture 12, cs262a) Ali Ghodsi and Ion Stoica, UC Berkeley February 28, 2018 (Based in part on http://web.eecs.umich.edu/~mosharaf/slides/eecs582/w16/021516-junchenglivemigration.pptx)

More information

!! Configuration of RFS4000 version R!! version 2.3!! ip access-list BROADCAST-MULTICAST-CONTROL permit tcp any any rule-precedence 10

!! Configuration of RFS4000 version R!! version 2.3!! ip access-list BROADCAST-MULTICAST-CONTROL permit tcp any any rule-precedence 10 Configuration of RFS4000 version 5.5.1.0-017R version 2.3 ip access-list BROADCAST-MULTICAST-CONTROL permit tcp any any rule-precedence 10 rule-description "permit all TCP traffic" permit udp any eq 67

More information

ETHICAL HACKING & COMPUTER FORENSIC SECURITY

ETHICAL HACKING & COMPUTER FORENSIC SECURITY ETHICAL HACKING & COMPUTER FORENSIC SECURITY Course Description From forensic computing to network security, the course covers a wide range of subjects. You will learn about web hacking, password cracking,

More information

Docker A FRAMEWORK FOR DATA INTENSIVE COMPUTING

Docker A FRAMEWORK FOR DATA INTENSIVE COMPUTING Docker A FRAMEWORK FOR DATA INTENSIVE COMPUTING Agenda Intro / Prep Environments Day 1: Docker Deep Dive Day 2: Kubernetes Deep Dive Day 3: Advanced Kubernetes: Concepts, Management, Middleware Day 4:

More information

KillTest 䊾 䞣 催 ࢭ ད ᅌ㖦䊛 ᅌ㖦䊛 NZZV ]]] QORRZKYZ TKZ ϔᑈܡ䊏 ᮄ ࢭ

KillTest 䊾 䞣 催 ࢭ ད ᅌ㖦䊛 ᅌ㖦䊛 NZZV ]]] QORRZKYZ TKZ ϔᑈܡ䊏 ᮄ ࢭ KillTest Exam : 312-49v8 Title : ECCouncil Computer Hacking Forensic Investigator (V8) Version : Demo 1 / 6 1.What is the First Step required in preparing a computer for forensics investigation? A. Do

More information

Tenable.io Container Security REST API. Last Revised: June 08, 2017

Tenable.io Container Security REST API. Last Revised: June 08, 2017 Tenable.io Container Security REST API Last Revised: June 08, 2017 Tenable.io Container Security API Tenable.io Container Security includes a number of APIs for interacting with the platform: Reports API

More information

RKN 2015 Application Layer Short Summary

RKN 2015 Application Layer Short Summary RKN 2015 Application Layer Short Summary HTTP standard version now: 1.1 (former 1.0 HTTP /2.0 in draft form, already used HTTP Requests Headers and body counterpart: answer Safe methods (requests): GET,

More information

CMSC 332 Computer Networking Web and FTP

CMSC 332 Computer Networking Web and FTP CMSC 332 Computer Networking Web and FTP Professor Szajda CMSC 332: Computer Networks Project The first project has been posted on the website. Check the web page for the link! Due 2/2! Enter strings into

More information

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS 1 Introduction Your data and infrastructure are at the heart of your business. Your employees, business partners, and

More information

IPv6 Cyber Security Briefing May 27, Ron Hulen VP and CTO Cyber Security Solutions Command Information, Inc.

IPv6 Cyber Security Briefing May 27, Ron Hulen VP and CTO Cyber Security Solutions Command Information, Inc. IPv6 Cyber Security Briefing May 27, 2010 Ron Hulen VP and CTO Cyber Security Solutions Command Information, Inc. 2610:f8:ffff:2010:05:27:85:1 Attack Surfaces Protocol Translator IPv4 Native Dual-Stack

More information

Orchestration Ownage: Exploiting Container-Centric Datacenter Platforms

Orchestration Ownage: Exploiting Container-Centric Datacenter Platforms SESSION ID: CSV-R03 Orchestration Ownage: Exploiting Container-Centric Datacenter Platforms Bryce Kunz Senior Threat Specialist Adobe Mike Mellor Director, Information Security Adobe Intro Mike Mellor

More information