Quiz 1: Next Wednesday Walker during regular class time

Similar documents
MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz II

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I

CPSC 467b: Cryptography and Computer Security

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Operating Systems Design Exam 3 Review: Spring Paul Krzyzanowski

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall 2011.

Attacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I

CSCI 667: Concepts of Computer Security. Lecture 9. Prof. Adwait Nadkarni

ELEC5616 COMPUTER & NETWORK SECURITY

Information Security CS 526

Persistent key, value storage

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz II

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz II

Operating Systems Design Exam 3 Review: Spring 2011

6.858 Lecture 4 OKWS. Today's lecture: How to build a secure web server on Unix. The design of our lab web server, zookws, is inspired by OKWS.

CSC 574 Computer and Network Security. TCP/IP Security


On the Internet, nobody knows you re a dog.

Operating Systems. Week 13 Recitation: Exam 3 Preview Review of Exam 3, Spring Paul Krzyzanowski. Rutgers University.

CS 416: Operating Systems Design April 22, 2015

Introduction. Trusted Intermediaries. CSC/ECE 574 Computer and Network Security. Outline. CSC/ECE 574 Computer and Network Security.

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I

Trusted Intermediaries

AIT 682: Network and Systems Security

n Learn about the Security+ exam n Learn basic terminology and the basic approaches n Implement security configuration parameters on network

1.264 Lecture 27. Security protocols Symmetric cryptography. Next class: Anderson chapter 10. Exercise due after class

Key distribution and certification

13/10/2013. Kerberos. Key distribution and certification. The Kerberos protocol was developed at MIT in the 1980.

CIS 6930/4930 Computer and Network Security. Topic 7. Trusted Intermediaries

CS 161 Computer Security

User Authentication. Modified By: Dr. Ramzi Saifan

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz II

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall 2014.

SPOOFING. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I Solutions

Confinement (Running Untrusted Programs)

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

AUTHENTICATION APPLICATION

Attacks Against Websites. Tom Chothia Computer Security, Lecture 11

Computer Security Exam 3 Review. Paul Krzyzanowski. Rutgers University. Spring 2017

Kerberos and Public-Key Infrastructure. Key Points. Trust model. Goal of Kerberos

CHCSS. Certified Hands-on Cyber Security Specialist (510)

Chapter 9: Key Management

Certified Secure Web Application Engineer

Cryptographic Checksums

Quiz II Solutions MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Department of Electrical Engineering and Computer Science

Security and Privacy. SWE 432, Fall 2016 Design and Implementation of Software for the Web

Securing Internet Communication: TLS

Security Handshake Pitfalls

User Authentication. Modified By: Dr. Ramzi Saifan

NETWORK INTRUSION. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006

0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken

Authentication. Strong Password Protocol. IT352 Network Security Najwa AlGhamdi

Outline Key Management CS 239 Computer Security February 9, 2004

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

CSCI 680: Computer & Network Security

Communication Networks ( ) / Fall 2013 The Blavatnik School of Computer Science, Tel-Aviv University. Allon Wagner

Network Security: Kerberos. Tuomas Aura

Kerberos. Pehr Söderman Natsak08/DD2495 CSC KTH 2008

Datasäkerhetsmetoder föreläsning 7

Lecture 6. Internet Security: How the Internet works and some basic vulnerabilities. Thursday 19/11/2015

Ethical Hacking as a Professional Penetration Testing Technique ISSA Southern Tier & Rochester Chapters

CSE 565 Computer Security Fall 2018

CS 425 / ECE 428 Distributed Systems Fall 2017

Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks

Protocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh

Computer Security. 10. Exam 2 Review. Paul Krzyzanowski. Rutgers University. Spring 2017

CS Computer Networks 1: Authentication

Security and Privacy in Computer Systems. Lecture 7 The Kerberos authentication system. Security policy, security models, trust Access control models

Least-Privilege Isolation: The OKWS Web Server

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz II: Solutions

Digital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Qualifying exam: operating systems, 1/6/2014

Network Security. Thierry Sans

Your Turn to Hack the OWASP Top 10!

Cryptographic Protocols 1

CS3235 Seventh set of lecture slides

CSE 565 Computer Security Fall 2018

OWASP Top 10 Risks. Many thanks to Dave Wichers & OWASP

L7: Key Distributions. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806

Network Security Essentials

CSWAE Certified Secure Web Application Engineer

MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I Solutions. 40 Grade distribution. Score (max is 84) Histogram of grade distribution

Authentication in real world: Kerberos, SSH and SSL. Zheng Ma Apr 19, 2005

Please ensure answers are neat and legible. Illegible answers may be given no points.

Endpoint Security - what-if analysis 1

Spring 2010: CS419 Computer Security

key distribution requirements for public key algorithms asymmetric (or public) key algorithms

Distributed Systems. Fall 2017 Exam 3 Review. Paul Krzyzanowski. Rutgers University. Fall 2017

Computer Networks. Wenzhong Li. Nanjing University

Drone /12/2018. Threat Model. Description. Threats. Threat Source Risk Status Date Created

Radius, LDAP, Radius, Kerberos used in Authenticating Users

User Authentication Principles and Methods

Lecture 10. Denial of Service Attacks (cont d) Thursday 24/12/2015

Password. authentication through passwords

Digital Signatures. Secure Digest Functions

Massachusetts Institute of Technology Handout : Network and Computer Security October 23, 2003 Professor Ronald L. Rivest.

Transcription:

Quiz 1: Next Wednesday Walker during regular class time L1: Security Basics L2: Baggy Bounds L3: Hacking Blind L4: OKWS L5: Guest Lec. L6: Capsicum & Conf. Deputy L7: NaCl L8: OWASP & Tangled Web 1 L9: Django & CSRF L10: Klee & Symbolic Exec. L11: Ur/Web L12: TCP/IP L13: Kerberos L14: ForceHTTPs -- Lab1: Buffer Overf. Lab2: Priv. Sep. Lab3: Concolic Exec.

How to study for Quiz 1 Do old exams. Review papers and lecture notes together. Youtube videos available for each lecture. Student questions and lecture questions for each lecture are available on the submission page. 2

L1: Intro Policy - the goal you want to achieve - negative goals (e.g. "system should not crash") - CIA (confidentiality, integrity, availability) Threat model - attacker's capabilities (access to source? physical access? etc.) Mechanism - technology to enforce policy (unix permissions, capabilities, etc.) 3

L12: TCP/IP and Network Security 1. TCP Handshake 2. Spoofing connections 3. DOS attacks (RST, SYN Flooding) 4. DNS, ARP, DHCP, BGP,... 5. Old Quiz Problems 4

[L12 1/5] TCP Handshake C SRC: C DST: S SYN(ISN c ) SRC: S DST: C SYN(ISN S ) ACK(ISN C ) SRC: C DST: S ACK(ISN S ) SRC: C DST: S DATA(ISN C ) S 5

[L12: 2/5] Connection Spoofing C SRC: S DST: C SYN(ISN S ) ACK(ISN A )??? SRC: C DST: S RST S SRC: C DST: S SYN(ISN A ) guess ISN s? SRC: C DST: S ACK(ISN S ) SRC: C DST: S I DATA(ISN A ) A 6

[L12: 2/5] Connection Spoofing Problem - Easy for A to guess ISN s Solution - ISN (ISN + 250000 * Lt s s ) old sec - A can get (ISN by sending a legal SYN(ISN A ) packet to S. s ) old - Make it hard for A to guess ISN S - ISN ISN + F(ipaddr, portn, ipaddr dst, portn dst, key) s oldstyle src src - F a cryptographic hash function (e.g. SHA1) 7

[L12: 2/5] Connection Spoofing If A knows SN C : o Reset connection: RST(SN C+ ) o Inject data into existing stream: DATA(SN C ) 8

[L12: 3/5] DOS Attacks SYN Floods C SRC: Co DST: S SYN(ISN co ) SRC: C DST: S SYN(ISN c ) SRC: C2 DST: S SYN(ISN c2 ) SRC: C3 DST: S SYN(ISN c2 )... S CONN STATE... C0 C1 C2 waiting waiting waiting...... 9

10

[L12: 4/5] DNS ARP DHCP B P See lecture notes and paper for: DNS response spoofing DNS amplification ARP spoofing DHCP spoofing others 11

12

L13: erberos 1. Overview 2. Practice problems For fun, see: http://web.mit.edu/kerberos/dialogue.html 13

L13: erberos Oeereiew T = {s, c, addr, timestamp, life, K } A = {c, addr, timestamp} c,s c,s c Kc,s K TGS (c, C TGS) {{T }, c,tgs Ktgs K c,tgs } Kc (S, {T c,tgs } Ktgs, {A c } Kc,tgs ) {{T }, c,s Ks K } c,s Kc,tgs ({A c } Kc,s, {Timestamp } Kc,s { ATA} Kc,s S {T } ) c,s Ks 14

L13: 200 Quiz 2 Problem 2 Bob logs into an Athena workstation, which uses Kerberos to obtain a ticket for bob ATHENA.MIT.EDU, and then runs Bob's mail client, which contacts Bob's post office server to fetch new messages. 2. Alice doesn't want Bob to know about an upcoming event, which was announced to Bob via email. To this end, Alice plans to intercept Bob's communication with his post office server, and to pretend that Bob has no new mail. Alice can observe and modify all network packets sent by Bob. How does Kerberos prevent Alice from impersonating Bob's mail server? Be as specific as possible explain how Bob can tell between Alice and the real mail server in terms of network packets. This course makes use of Athena, MIT's UNIX-based computing environment. OCW does not provide access to this environment. 15

L13: 200 Quiz 2 Problem 3 Now, Alice wants to read Bob's email, and intercepts all network packets ever sent and received by Bob's workstation (which is the only computer that Bob uses). However, Alice does not know Bob's password to access Bob's post office server, and Bob's packets to and from the post office server are protected by Kerberos. 3. Suppose that after Bob reads and deletes all of his mail, Alice learns what Bob's password was. Describe how Alice can obtain Bob's past messages. 16

L13: 2012 Quiz 1 Problem Ben Bitdiddle is designing a file server that clients connect to over the network, and is considering using either Kerberos (as described in the paper) or SSL/TLS (without client certificates, where users authenticate using passwords) for protecting a client's network connection to the file server. For this question, assume users choose hard-to-guess passwords. 6. Would Ben's system remain secure if an adversary learns the server's private key, but that adversary controls only a single machine (on the adversary's own home network), and does not collude with anyone else? Discuss both for Kerberos and for SSL/TLS. 17

L13: 2013 Quiz 1 Problem In a Unix Kerberos implementation, each user's tickets (including the TGT ticket for the TGS service) are stored in a per-user file in /tmp. The Unix permissions on this file are such that the user's UID has access to that file, but the group and others do not. 7. Ben Bitdiddle wants to send an email to Alyssa, and to include a copy of the Kerberos paper as an attachment, but because he stayed up late studying for this quiz, he accidentally sends his Kerberos ticket file as an attachment instead. What can Alyssa do given Ben's ticket file? Be precise. 18

L13: 2013 Quiz 1 Problem 8. Ben Bitdiddle stores his secret files in his Athena AFS home directory. Someone hands Alyssa P. Hacker a piece of paper with the key of the Kerberos principal of all-night-tool.mit.edu, which is one of the athena.dialup. mit.edu machines. Could Alyssa leverage her knowledge of this key to get access to Ben's secret files? Assume Alyssa cannot intercept network traffic. Explain either how she could do so (and in what situations this might be possible), or why it is not possible. This course makes use of Athena, MIT's UNIX-based computing environment. OCW does not provide access to this environment. 19

[L13] SSL/HTTPs/ orcehttps Covered in lecture next Monday HTTPs handles authentication and encryption for web Still problematic in some cases o ForceHTTPs fixes some browser quirks 20

. 5 Quiz Reeiew Blind ROP 21

. 5 Quiz Reeiew OWASP/Tangled Web 22

Security Risks Open Redirectors ulnerable Software CSRF/ SRF Function Level Access Control Data Exposure 23

Security Risks Misconfigurations Insecure Direct Object Reference SS Broken Session Management Injections 24

Same Origin Policy Dependent on Protocol and Host Blocks Execution and Access Not foolproof o ava o Flash 25

Same Origin Policy Dependent on Protocol and Host Blocks Execution and Access Not foolproof o ava o Flash 26

Content Security Policy Specify Constraints on Loading Prevent "malicious" scripts Still ulnerable 27

OKWS Separate each service into a distinct process Each service runs as a sepreate UID and GID Each service is chrooted Database proxy is used to enforce query structure 28

OKWS Okld launches all services, creates sockets, run as root No protection against XXS Pubd stores all templates Oklogd keeps log of all activities, chroot to its own sandbox 29

DB Proxy Each service is given a subset of possible queries it is allowed to make Each service passes a token to the db proxy with it s query that proves its identity 30

DAC Each object has a set of permissions Applications set permissions on objects Privileges are checked when a program access an object 31

DAC Problems Only Root can create new users Sometimes hard to customize permissions Some objects don t have clear configurable access control list 32

MAC Users can t change the policy Tries to enforce military classified levels Policy is separated from application code 33

MAC Problems The system controls who can access a newly created object Hard to customize permissions 34

Capabilities Token based access Can have different tokens for read vs write Each object accessed by the file handler Tokens are passed down to forked processes 35

Caps Mode Once a process enters it can t leave caps mode Name space is restricted, can t use.. Unix permissions still apply Allowed operations stored in file descriptor 36

Capabilities Advantages: Any process can create a new sandbox (even a sandbox) Very easy to customize access Disadvantages: No global namespace Hard to keep track of who has access to persistent files 37

UrWeb Only one programming language is used for the entire application All objects passed between different parts of the application are strongly typed Instead of Http requests, clients call typed functions that are run on the server atomically 38

Strongly Typed Strongly typed objects are objects that can only be used in specific functions of the application. This prevents XXS because string input from the user cannot be transformed into HTML or javascript unless the author of the application explicitly allows it. 39

MIT OpenCourseWare http://ocw.mit.edu 6.858 Computer Systems Security Fall 2014 For information about citing these materials or our Terms of Use, visit: http://ocw.mit.edu/terms.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback