Post on 06-Jan-2016
description
Recent Security Threats & Vulnerabilities
Computer security
Bob Cowlesbob.cowles@slac.stanford.edu
HEPiX, Fall 2005 – SLAC
Work supported by U. S. Department of Energy contract DE-AC03-76SF00515
11 October 2005 HEPiX - Fall 2005 2
Final Thoughts – Spring 2005
All operating systems are vulnerable All browsers are vulnerable (firefox vulnerability) No simple solution – security still to complex
Patching helps Firewalls help AV & attachment removal & spam filters help Encrypted passwords/tunnels help – if used!!
You can’t be “secure”; only “more secure” We must share information better
HEPiX Security email list
11 October 2005 HEPiX - Fall 2005 3
More Sophisticated Tools
11 October 2005 HEPiX - Fall 2005 4
More Sophisticated Tools - 2
11 October 2005 HEPiX - Fall 2005 5
More Sophisticated Tools - 3
11 October 2005 HEPiX - Fall 2005 6
Passwords (from Monday)
POP3 peggyy,kcoct21,dec3.1
41, baum2kid, abouki99, jasperD9, pi16tchou
IMAP omeRun75,
vrvs@Toshi, Bruck5BD, uonsF9
SMTP $JPsiMeson, 0~, ha66il33
ICQ gg14723
FTP aw3edcft6
11 October 2005 HEPiX - Fall 2005 7
Passwords (http) - 2 d115872m Hammerhead S0ph0S 268jld823 bravodb monkies D3141592 fabien figarek 637xre286 aK`5huHn e4077a97
peggy101 guest cisco fin_maggie frump pingpass anais admin cband tig4yet pincopallino Mammoths
11 October 2005 HEPiX - Fall 2005 8
On the Increase
phishing (including IM)http://www.infosecwriters.com/texts.php?op=display&id=229
pharminghttp://www.infosecwriters.com/texts.php?op=display&id=323
spyware (p2p) Tailored viruses Identity theft (in general)
http://www.emergentchaos.com/archives/cat_breaches.html
http://www.privacyrights.org/ar/ChronDataBreaches.htm
11 October 2005 HEPiX - Fall 2005 9
Bad Practices
11 October 2005 HEPiX - Fall 2005 10
New Technologies
bluetooth voice recognition
RFID VoIP (skype, googletalk, …) smartcards, OTP
Will they make a difference?
11 October 2005 HEPiX - Fall 2005 11
Advances in Security
Common Malware Enumerationhttp://cme.mitre.org/
Common Vulnerability Scoring Systemhttp://www.first.org/newsroom/releases/20050919.html
MS Office 2003 SP2 – anti-phishingExtra click to activate links in email
11 October 2005 HEPiX - Fall 2005 12
Map of Botshttp://nepenthes.sourceforge.net/visualisation
11 October 2005 HEPiX - Fall 2005 13
DOE Site Assistance Visit
We’re from the government and here to help Help with documentation required by new
government standards (NIST 800-xx) Included penetration test
11 October 2005 HEPiX - Fall 2005 14
Penetration Test - results
Win 2000 SP3 server MS dropped support as of June 30 No warning of August vulnerability LM hashes for local admin password
Rainbow tables 64GB – 99.9% success at LM passwords
Admin account shared with other servers
11 October 2005 HEPiX - Fall 2005 15
No Final ThoughtsQuestions?
http://www.antsight.com/zsl/rainbowcrack/demo_rainbowcrack_cfg5.wmv