Recent Security Threats Vulnerabilities Computer security Bob Cowles HEPiX, Fall 2005 SLAC Work...


Recent Security Threats & Vulnerabilities
Computer security
Bob Cowles
HEPiX, Fall 2005
SLAC
Work supported by U. S. Department of Energy contract DE-AC03-76SF00515
11 October 2005 HEPiX - Fall

Final Thoughts Spring 2005
- All operating systems are vulnerable
- All browsers are vulnerable (firefox vulnerability)
- No simple solution; security still too complex
  - Patching helps
  - Firewalls help
  - AV & attachment removal & spam filters help
  - Encrypted passwords/tunnels help if used!!
- You can't be secure; only more secure
- We must share information better
  - HEPiX Security list

More Sophisticated Tools

More Sophisticated Tools - 2

More Sophisticated Tools - 3

Passwords (from Monday)
- POP3
  - peggyy,kcoct21,dec3.1 41, baum2kid, abouki99, jasperD9, pi16tchou
- IMAP
  - omeRun75, Bruck5BD, uonsF9
- SMTP
  - $JPsiMeson, 0~, ha66il33
- ICQ
  - gg14723
- FTP
  - aw3edcft6

Passwords (http) - 2
- d115872m
- Hammerhead
- S0ph0S
- 268jld823
- bravodb
- monkies
- D
- fabien
- figarek
- 637xre286
- aK`5huHn
- e4077a97
- peggy101
- guest
- cisco
- fin_maggie
- frump
- pingpass
- anais
- admin
- cband
- tig4yet
- pincopallino
- Mammoths

On the Increase
- phishing (including IM)
- pharming
- spyware (p2p)
- Tailored viruses
- Identity theft (in general)

Bad Practices

New Technologies
- bluetooth
  - voice recognition
- RFID
- VoIP (skype, googletalk, ...)
- smartcards, OTP
- Will they make a difference?

Advances in Security
- Common Malware Enumeration
- Common Vulnerability Scoring System
- MS Office 2003 SP2 anti-phishing
  - Extra click to activate links in

Map of Bots

DOE Site Assistance Visit
- We're from the government and here to help
- Help with documentation required by new government standards (NIST 800-xx)
- Included penetration test

Penetration Test - results
- Win 2000 SP3 server
- MS dropped support as of June 30
- No warning of August vulnerability
- LM hashes for local admin password
  - Rainbow tables
  - 64GB 99.9% success at LM passwords
- Admin account shared with other servers

No Final Thoughts
Questions?
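
The penetration-test results slide names two findings a site can audit for itself: LM hashes still stored for local accounts, and one admin password shared across servers. The following is an added example, not part of the original slides; the pwdump-style input layout, the host names and every hash value in SAMPLE are constructed assumptions.

```python
from collections import defaultdict

EMPTY_LM_HALF = "aad3b435b51404ee"  # LM hash of an empty 7-character half
EMPTY_LM = EMPTY_LM_HALF * 2        # value present when no LM hash is kept

# Constructed sample data (not real hashes): host -> lines in the assumed
# pwdump-style layout  user:rid:lmhash:nthash:::
SAMPLE = {
    "srv-a": [
        "Administrator:500:0123456789abcdeffedcba9876543210:00112233445566778899aabbccddeeff:::",
        "backup:1003:89abcdef01234567aad3b435b51404ee:ffeeddccbbaa99887766554433221100:::",
    ],
    "srv-b": [
        "Administrator:500:0123456789abcdeffedcba9876543210:00112233445566778899aabbccddeeff:::",
        "svc:1004:aad3b435b51404eeaad3b435b51404ee:0f1e2d3c4b5a69788796a5b4c3d2e1f0:::",
    ],
}

def parse(line):
    user, rid, lm, nt = line.strip().split(":")[:4]
    return user, int(rid), lm.lower(), nt.lower()

def has_lm(lm):
    # Non-hex placeholders and the empty-LM constant both mean "no LM hash stored".
    return len(lm) == 32 and lm != EMPTY_LM and all(c in "0123456789abcdef" for c in lm)

def audit(dumps):
    """Return (findings, shared) for a {host: [dump lines]} mapping."""
    findings = []
    seen = defaultdict(set)  # NT hash -> {(host, user)}
    for host, lines in dumps.items():
        for line in lines:
            user, _rid, lm, nt = parse(line)
            seen[nt].add((host, user))
            if has_lm(lm):
                findings.append((host, user, "LM hash stored"))
                # LM hashes each 7-character half separately, with no salt.
                if lm[16:] == EMPTY_LM_HALF:
                    findings.append((host, user, "password is 7 characters or fewer"))
    # An identical hash on two hosts means the same password is in use on both.
    shared = {nt: sorted(who) for nt, who in seen.items()
              if len({h for h, _ in who}) > 1}
    return findings, shared

if __name__ == "__main__":
    findings, shared = audit(SAMPLE)
    for finding in findings:
        print(*finding, sep="\t")
    for who in shared.values():
        print("same password on:", who)
```

"LM hash stored" findings are cleared by enabling the Windows NoLMHash policy and then changing the affected passwords, since the stored hash is only replaced on the next password change.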