Archive for the ‘Class Notes’ Category

Mike’s Notes from Gunter’s Talk

April 29, 2010

Biggest clouds ever are botnets. Amazon EC2: 200,000 machines; botnets: 10,000,000

History of botnets: IRC as command and control

Nuke switches: Eliminate evidence by zeroing hard drive

Standardization of botnet languages

Botnet operators use multiple agents to avoid detection

Lots of free-market services available (malware QA, bot rental)

Very professional management tools

Domain flux: Generating new domains to maintain C&C

Microsoft botnet take-down was not successful because one C&C server was left up for too long
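Domain flux and the take-down note above, worked through as an added example that is not part of Mike's notes or of Gunter's talk. The seed, the C&C signing key, the TLD list and the IP addresses are made up, and the resolver and the servers are simulated in-process. The bot walks the day's generated list until a domain both resolves and answers with a signature only the real C&C can produce; the defender, having recovered the seed from the binary, precomputes the same list and sinkholes it. A complete sinkhole leaves the bot with nothing; one missed domain lets it reconnect, which is the failure mode the take-down note describes.

```python
import datetime
import hashlib
import hmac

# Hypothetical constants: a real DGA's seed and the key the bot uses to
# authenticate its C&C are recovered by reverse engineering the bot binary.
SEED = "example-botnet-seed"
CNC_KEY = b"example-cnc-signing-key"
TLDS = ("com", "net", "org")
DEMO_DAY = datetime.date(2010, 4, 29)


def generate_domains(day, seed=SEED, count=20):
    """Candidate C&C domains for one day (domain flux).

    Bot and botmaster both run this, so the binary carries no fixed domain;
    blocking today's list does nothing for tomorrow's.
    """
    domains = []
    for i in range(count):
        digest = hashlib.sha256(f"{seed}:{day.isoformat()}:{i}".encode()).digest()
        label = "".join(chr(ord("a") + b % 26) for b in digest[:12])
        domains.append(f"{label}.{TLDS[i % len(TLDS)]}")
    return domains


def sign(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()


def rendezvous(day, dns, servers, seed=SEED):
    """Bot side: walk the day's list until a domain resolves to a server that
    proves it holds the C&C key.

    dns:     domain -> ip for the domains somebody registered (simulated resolver)
    servers: ip -> signing key of whoever answers there; None for a sinkhole,
             which can log the bot's call but cannot forge the signature
    """
    challenge = b"cmd:" + day.isoformat().encode()
    expected = sign(CNC_KEY, challenge)
    for domain in generate_domains(day, seed):
        ip = dns.get(domain)
        if ip is None:
            continue                      # nobody registered it: next candidate
        key = servers.get(ip)
        tag = sign(key, challenge) if key else b""
        if hmac.compare_digest(tag, expected):
            return domain, ip             # authentic C&C reached
        # wrong or missing signature, i.e. a sinkhole: keep walking the list
    return None


def predict(days, seed=SEED):
    """Defender side: with the recovered seed, every domain the bots will try."""
    return {d for day in days for d in generate_domains(day, seed)}


def sinkhole(dns, domains, sinkhole_ip):
    """Point the given domains at the defender's sinkhole (registrar / court order)."""
    new = dict(dns)
    for d in domains:
        new[d] = sinkhole_ip
    return new


def demo():
    todays = generate_domains(DEMO_DAY)
    botmaster_ip, sinkhole_ip = "198.51.100.7", "192.0.2.1"   # documentation addresses
    servers = {botmaster_ip: CNC_KEY, sinkhole_ip: None}
    dns = {todays[3]: botmaster_ip, todays[7]: botmaster_ip}  # botmaster registered two
    before = rendezvous(DEMO_DAY, dns, servers)
    predicted = predict([DEMO_DAY])
    complete = rendezvous(DEMO_DAY, sinkhole(dns, predicted, sinkhole_ip), servers)
    # The operation misses one domain the botmaster still controls.
    partial = rendezvous(DEMO_DAY, sinkhole(dns, predicted - {todays[7]}, sinkhole_ip), servers)
    return before, complete, partial


if __name__ == "__main__":
    print(demo())
```

The signature check is why sinkholing measures a botnet rather than taking it over: the defender sees every bot that calls in, but cannot issue commands, and the bot keeps walking its list past the sinkhole until it finds the one domain that was left alone.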


Notes from George Cox’s Talk

April 28, 2010

Notes on George’s security design talk:

Security as an afterthought, aka add-on, aka “wax job” == fail

The security of a product is a lifecycle consideration (you can’t “fire and forget”); field remediation will be necessary

Secure hardware design requires cross-module thinking

Time to market == time to money

Avoiders focus on cost, security professionals focus on value

Remote reprovisioning functionality is built into computers these days: great for the good guys, and great for the bad guys if it is done poorly

Key for Midterm 2

April 20, 2010

2010-spring-exam2-ans

High-Level Take-Aways from Matt and Oscar’s Talk

April 16, 2010

Matt Woods and Oscar Salazaar (Application Security Group at HP)

They will send their presentation; look for the link here. It has details on all these examples. There was a lot of good discussion, so please add comments to this post.

They have downloadable tools to help check for website vulnerabilities. A lot can be done with static analysis.

  1. The first thing to do is to look at the source code of the web page. For example, if there is a “load compressed file” command, what else can I get it to load? A configuration file? Executable code? This is useful information for a hacker: you can put code into a web page and execute it.
  2. The Web Hacker Rule: you can modify everything you send to a web server, so explore and experiment to find out what you can do.
  3. Google Hacking Vectors
    1. Hacking (e.g., the XSS demo; SQL injection)
    2. Misplaced Trust
    3. Resource Enumeration
    4. Session Hijacking
    5. Parameter Manipulation
  4. Client-side validation is ridiculous: it is easily defeated.
  5. Clever evasive maneuvers without an underlying model are very dangerous (compare this to what we talk about in operating system security: ad hoc security through obscurity does not work). You can’t just assume that because you’ve done something complicated the hacker will not figure it out. For example, hiding “script” in “scrscriptipt” is discovered by grepping for script.
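Items 2, 4 and 5 above, as an added example that is not from Matt and Oscar's presentation or their tools. The payloads, the quantity field and its 1..99 limit are constructed for the example. A filter that deletes the word "script" once has no model of what it is protecting: it turns the nested payload into a working tag, and even repeating it to a fixpoint does nothing against an attack that never uses the word. Encoding untrusted text for the HTML context is the model-based fix, and the quantity check shows the server re-validating a field the client's form already "validated", because the request can be edited to anything.

```python
import html
import re

# Constructed payloads (not from the talk): the nested word, and an attack that
# never contains the word "script" at all.
NESTED = "<scrscriptipt>alert(1)</scrscriptipt>"
NO_SCRIPT_WORD = '<img src=x onerror="alert(1)">'
SCRIPT_TAG = re.compile(r"<\s*/?\s*script\b", re.IGNORECASE)


def naive_strip(s):
    """The evasive maneuver with no model: delete the word "script" once."""
    return s.replace("script", "")


def strip_to_fixpoint(s):
    """Repeat until nothing changes: closes the nesting trick, still no model of HTML."""
    while True:
        t = s.replace("script", "")
        if t == s:
            return t
        s = t


def escape_for_html(s):
    """The model-based fix: untrusted text is data, so encode it for the HTML text context."""
    return html.escape(s, quote=True)


def contains_script_tag(s):
    """Detection only: does the (filtered) string now carry a real <script> tag?"""
    return bool(SCRIPT_TAG.search(s))


def server_side_quantity(raw):
    """Client-side validation is not validation: the form's JavaScript limits the
    quantity to 1..99 (hypothetical field), but the bytes actually sent can be
    anything, so the server re-checks from scratch."""
    try:
        qty = int(raw)
    except (TypeError, ValueError):
        raise ValueError("quantity must be an integer")
    if not 1 <= qty <= 99:
        raise ValueError("quantity out of range")
    return qty


def demo():
    return {
        "naive": naive_strip(NESTED),                 # the filter assembled "<script>" itself
        "fixpoint": strip_to_fixpoint(NESTED),        # word is gone here ...
        "fixpoint_misses": strip_to_fixpoint(NO_SCRIPT_WORD) == NO_SCRIPT_WORD,  # ... but this still runs
        "escaped": escape_for_html(NESTED),           # renders as text in every case
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of the two strip functions is not that one is better: neither knows what a tag, an attribute or an event handler is, so each is only as strong as the last evasion its author thought of. Escaping for the context is correct for the whole input space without enumerating attacks.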

High-Level Take-Aways from Keith Watson’s Talk

April 15, 2010

Major disconnect between theory and practice (great minds @ GT yet not the greatest IT security)

Social engineering since the dawn of time (THIS IS SPARTA)

Users do dumb things (passwords)

Security is politics

High-level Take-Aways from Nick Feamster’s Talk

April 12, 2010

Hey folks,

As far as take-aways from Nick Feamster’s guest lecture last Thursday, I’d like people to be prepared to talk at a high level about what the advantages and disadvantages are of blocking connections at the network level (as opposed to content-processing of emails).

Class 17: Protection Models

March 29, 2010

Here is the final version of tomorrow’s lecture on Protection in Operating Systems

CS 4235 Bell-Lapadula Model Final

Class 16 IMPORTANT UPDATE: Continuing Discussion of Protection Systems

March 17, 2010

IMPORTANT UPDATE:  Class will not meet today March 18.  Have a good spring break.  We will pick up at this point on March 30th.

I am attaching two survey articles that may be useful as supplements to the Pfleeger and Pfleeger book

1. Bell Recap of the Bell-Lapadula Model

2. p247-landwehr (Landwehr, “Formal Models for Computer Security”, ACM Computing Surveys, 1981)

I have a possible conflict for Thursday (March 18) class that may require me to cancel class.  We have a little room on the calendar, so it should not affect the syllabus or the contents of the April 1 mid-term. Please check with the GTISC office before class to see the current status.

Lipton Post on Provable Security

March 15, 2010

There is a great discussion on Gödel’s Lost Letter and P=NP about provable security. As usual Prof. Lipton has great stories and some virtuoso computer science to share, and the comments are wonderful, so I really recommend that you read this post and the comments.

Transcript from hacker tools demonstration

March 9, 2010

Hey folks,

Here are some of the commands I used in class:

sudo bash                          # root shell: raw-socket scans and OS fingerprinting need root
nmap localhost                     # default scan of the most common TCP ports
nmap -p 22 localhost               # a single port
nmap -p 1-65535 localhost          # every TCP port
nmap -sV -p 22 localhost           # version detection: probe the service and read its banner
nmap -O localhost                  # OS fingerprinting from TCP/IP stack behaviour
nmap --osscan-guess localhost      # report the closest OS match even when the fingerprint is inexact (meant to go with -O)
nmap -sP 128.61.123.1/26           # ping sweep: which of the 64 addresses are up, no port scan
ifconfig                           # your own interfaces and addresses
nmap -p 80 www………                  # is the web port open on the target
nc -v -v www………. 80                # raw TCP connection to port 80; type the HTTP request by hand
w3m www……….                        # text-mode browser to fetch the page
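What the port-scan and `nc` steps above actually do on the wire, as an added example that is not from the class demo. It starts a throwaway TCP service on 127.0.0.1 with a made-up banner so that it runs offline, then does the unprivileged equivalent of `nmap -p <range>` (a full TCP connect to each port) and of `nc -v host port` (connect and read whatever the service says first, which is also the starting point of `nmap -sV`). The listener, its port and the banner text are constructed for the example.

```python
import socket
import threading

# Constructed banner, in the style of what nc shows when it connects to port 22.
BANNER = b"SSH-2.0-example_banner\r\n"


def start_listener(banner=BANNER):
    """Throwaway service on 127.0.0.1: sends a banner to each client, then hangs up.
    Returns (port, server_socket); close the socket to stop it."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind(("127.0.0.1", 0))          # port 0: let the kernel pick a free one
    srv.listen(5)
    port = srv.getsockname()[1]

    def serve():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:
                return                  # listener shut down
            with conn:
                try:
                    conn.sendall(banner)
                except OSError:
                    pass

    threading.Thread(target=serve, daemon=True).start()
    return port, srv


def stop_listener(srv):
    try:
        srv.shutdown(socket.SHUT_RDWR)  # wakes the blocked accept()
    except OSError:
        pass
    srv.close()


def scan(host, ports, timeout=0.2):
    """TCP connect scan: a port is open if the three-way handshake completes.
    This is what nmap does without root (-sT); -sS stops after the SYN/ACK."""
    open_ports = []
    for p in ports:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.settimeout(timeout)
            if s.connect_ex((host, p)) == 0:   # 0 = connected, else an errno (refused, timeout)
                open_ports.append(p)
    return open_ports


def grab_banner(host, port, timeout=1.0):
    """What `nc -v host port` shows first: whatever the service volunteers on connect."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        try:
            return s.recv(256)
        except socket.timeout:
            return b""                  # a silent service (HTTP waits for the request)


def demo():
    port, srv = start_listener()
    try:
        found = scan("127.0.0.1", range(port - 2, port + 3))   # small range around our port
        banner = grab_banner("127.0.0.1", port)
    finally:
        stop_listener(srv)
    return port, found, banner


if __name__ == "__main__":
    port, found, banner = demo()
    print(f"listener on {port}; open: {found}; banner: {banner!r}")
```

A connect scan like this shows up in the target's logs as a completed connection on every port it touched, which is the reason the class demo ran as root: nmap's default SYN scan needs raw sockets but never completes the handshake.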