Web Security Firewalls, Buffer overflows and proxy servers.
Web Security
Firewalls, Buffer overflows and proxy servers

system vulnerabilities
- Almost all vulnerabilities come from bugs in the implementation of, or misconfigurations of, the OS and/or apps
- Rarely, a problem with a protocol itself
- Vulnerabilities can lead to:
  - Unauthorized access: attacker gains control of the victim’s machine (attacker can log in, read files, and/or make changes to the system)
  - Denial of Service against host (attacker can crash the computer, disable services, etc.)
  - Denial of Service against network (attack can disrupt routing, flood the network, etc.)

CSI/FBI Computer Crime and Security Survey
Statistics
Statistics

buffer overflows on the stack

```c
void read_user_input(char *buf);   /* defined elsewhere; copies user input into buf with no length check */

void func_3(void) { char buf[100]; read_user_input(buf); }
void func_2(void) { int c, d; func_3(); }
void func_1(void) { int a, b; func_2(); }
```

Stack contents while func_3 is running, from func_1's frame to func_3's frame:
- a, b
- func 1’s address (return address into func_1)
- c, d
- func 2’s address (return address into func_2)
- buf

buffer overflows on the stack

Same code as on the previous slide. Stack contents after the attacker's input has been copied into buf:
- a, b
- func 1’s address
- c, d
- buf’s address (written over func 2’s address)
- buf, now holding evil_assembly_code()

The attacker supplies the input to buf, so buf receives a very carefully constructed string that contains assembly code and overwrites func 2’s address with buf’s address. When func_3 returns, it branches to buf instead of func_2.

Exploitations
- Stack Based Exploitations
  - Overwrite local variable near buffer to change behavior of the program
  - Overwrite return address in the stack frame
- Heap Based Exploitations
  - Overwrite heap arrays to change behavior of the application
  - Overwrite malloc pointers, which then overwrite a function pointer (Microsoft JPEG GDI+ vulnerability)

Protection against overflows
- Choice of programming language
  - C and C++ provide no built-in protection, but STL has safe libraries
  - Java, .NET bytecode environments do runtime checking (safety vs performance)
- Stack-smashing protection checks to make sure the stack hasn’t changed after a procedure call
- NX (no execute) permission setting on stack and heap (OpenBSD, Mac OSX)
- Address space layout randomization keeps hackers from designing overflow kits

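The overwrite described on the stack slides, and the stack-smashing check and bounds checking listed above, can be followed in a small model. This is an added example, not code from the original slides: `struct frame`, `CANARY`, `RET` and `run_case` are assumptions, and the frame is an ordinary struct rather than a real stack.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CANARY 0x5AC3D1E7u          /* constructed; real protectors choose it at run time */
#define RET    ((uintptr_t)0x1000)  /* placeholder for "func 2's address" */
enum { RET_CHANGED = 1, SMASH_DETECTED = 2, REJECTED = 4 };

/* Model of func_3's frame (a plain struct, not the real stack). */
struct frame {
    char      buf[100];
    uint32_t  canary;     /* guard word between buf and the return slot */
    uintptr_t saved_ret;
};

/* Unchecked copy, like read_user_input(buf): the input decides the length.
 * Clamped to the model's size so the demonstration itself stays in bounds. */
static void copy_unchecked(struct frame *f, const void *in, size_t n) {
    memcpy(f, in, n > sizeof *f ? sizeof *f : n);
}

/* Bounded copy: refuses input that does not fit in buf. */
static int copy_bounded(struct frame *f, const void *in, size_t n) {
    if (n > sizeof f->buf) return -1;
    memcpy(f->buf, in, n);
    return 0;
}

/* Feed n filler bytes to the model and report what happened as a bitmask. */
int run_case(size_t n, int bounded) {
    unsigned char in[sizeof(struct frame)];
    struct frame f;
    int r = 0;
    memset(in, 'A', sizeof in);                   /* constructed input */
    memset(&f, 0, sizeof f);
    f.canary = CANARY;
    f.saved_ret = RET;
    if (n > sizeof in) n = sizeof in;
    if (!bounded) copy_unchecked(&f, in, n);
    else if (copy_bounded(&f, in, n) < 0) r |= REJECTED;
    if (f.saved_ret != RET) r |= RET_CHANGED;
    if (f.canary != CANARY) r |= SMASH_DETECTED;  /* the check made before "returning" */
    return r;
}

int main(void) {
    printf("fits=%d overflow=%d bounded=%d\n", run_case(100, 0),
           run_case(sizeof(struct frame), 0), run_case(sizeof(struct frame), 1));
    return 0;
}
```

The guard word changes before the return slot does, which is why checking it on function exit catches the overwrite; the bounded copy never lets the write leave buf in the first place.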
firewalls
- Routers: easy to say “allow everything but…”
- Firewalls: easy to say “allow nothing but…”
- This helps because we turn off access to everything, then evaluate which services are mission-critical and have well-understood risks
- Note: the only difference between a router and a firewall is the design philosophy; do we prioritize security, or connectivity/performance? (configurability, logging)

Firewall
[Figure labels: Rest of the Internet, Firewall, Local site]

Firewall
[Figure labels: Company net, Firewall, Web server, Random external user, Remote company user, Internet]

typical firewall setup
[Figure labels: DMZ, evil Internet, internal network]

the firewall setup
- Firewall ensures that the internal network and the Internet can both talk to the DMZ, but usually not to each other
- The DMZ relays services at the application level, e.g. mail forwarding, web proxying
- The DMZ machines and firewall are centrally administered by people focused on security full-time (installing patches, etc.); it’s easier to secure 20 machines than 20,000
- Now the internal network is “safe” (but not from internal attacks, modems, etc.)

Firewall Details
Rules based on:
- IP Source Address
- IP Destination Address
- Encapsulated Protocol
- TCP/UDP destination port
- TCP/UDP source port

[Figure: packet layout with the fields Eth Dest, Eth Src, Eth Hdr, IP Dest, IP Src, IP Hdr, TCP DPort, TCP SPort, TCP Hdr, Data]

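A default-deny ("allow nothing but…") packet filter over the five fields listed above, loaded with rules for the DMZ setup from the earlier slide. This is an added example, not from the original slides; the addresses, ports and the names `RULES`, `filter` and `check` are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { PROTO_TCP = 6, PROTO_UDP = 17 };   /* IP protocol numbers; 0 in a rule = any */
enum { DENY = 0, ALLOW = 1 };
#define IP(a,b,c,d) (((uint32_t)(a)<<24)|((uint32_t)(b)<<16)|((uint32_t)(c)<<8)|(uint32_t)(d))
#define HOST  0xFFFFFFFFu                 /* match one address */
#define NET24 0xFFFFFF00u                 /* match a /24 network */

struct pkt  { uint32_t src, dst; uint8_t proto; uint16_t sport, dport; };
struct rule {                             /* mask 0 = any address, port 0 = any port */
    uint32_t src, src_mask, dst, dst_mask;
    uint8_t  proto;
    uint16_t sport, dport;
    int      action;
};

/* Constructed layout: internal net 10.0.0.0/24, DMZ mail relay 192.0.2.25,
 * DMZ web proxy 192.0.2.80. Internal and Internet never reach each other directly. */
static const struct rule RULES[] = {
    { 0,            0,     IP(192,0,2,25), HOST, PROTO_TCP, 0, 25,   ALLOW }, /* anyone -> mail relay  */
    { IP(10,0,0,0), NET24, IP(192,0,2,80), HOST, PROTO_TCP, 0, 8080, ALLOW }, /* internal -> web proxy */
    { IP(192,0,2,80), HOST, 0,             0,    PROTO_TCP, 0, 80,   ALLOW }, /* web proxy -> web      */
};

/* First matching rule decides; a packet that matches no rule is dropped. */
int filter(const struct rule *rs, size_t n, const struct pkt *p) {
    for (size_t i = 0; i < n; i++) {
        const struct rule *r = &rs[i];
        if ((p->src & r->src_mask) != r->src) continue;
        if ((p->dst & r->dst_mask) != r->dst) continue;
        if (r->proto && r->proto != p->proto) continue;
        if (r->sport && r->sport != p->sport) continue;
        if (r->dport && r->dport != p->dport) continue;
        return r->action;
    }
    return DENY;
}

/* Convenience wrapper: build a packet from the five fields and run it through RULES. */
int check(uint32_t src, uint32_t dst, uint8_t proto, uint16_t sport, uint16_t dport) {
    struct pkt p = { src, dst, proto, sport, dport };
    return filter(RULES, sizeof RULES / sizeof RULES[0], &p);
}

int main(void) {
    printf("internet->internal: %d\n", check(IP(198,51,100,7), IP(10,0,0,5), PROTO_TCP, 40000, 25));
    printf("internal->proxy:    %d\n", check(IP(10,0,0,5), IP(192,0,2,80), PROTO_TCP, 40000, 8080));
    return 0;
}
```

The filter is stateless and decides on header fields alone, so reply traffic would need its own rules or connection tracking.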
Proxy Firewall
[Figure labels: External client, External HTTP/TCP connection, Proxy, Firewall, Internal HTTP/TCP connection, Local server]

Application Proxy
- Changes source address so that responses come to proxy from web server
- Proxy is more secure than internal nodes
- Performance degradation

Firewalls Compared to Proxies

Pros
- Good performance
- Easy to support new protocols

Cons
- IP TCP/UDP headers can't be trusted
- Most attacks spoof IP TCP/UDP ports
- Must look at other application signatures