OS(security)

avatar
Created by
jess

Subdecks (3)

Cards (168)

  • Breach of Confidentiality refers to the theft of private or confidential information, such as credit-card numbers, trade secrets, patents, secret formulas, manufacturing procedures, medical information, financial information, etc.
  • Breach of Integrity involves unauthorized modification of data, which may have serious indirect consequences.
  • Breach of Availability involves unauthorized destruction of data, often just for the "fun" of causing havoc and for bragging rites.
  • Theft of Service involves unauthorized use of resources, such as theft of CPU cycles, installation of daemons running an unauthorized file server, or tapping into the target's telephone or networking services.
  • Denial of Service, DOS, involves preventing legitimate users from using the system, often by overloading and overwhelming the system with an excess of requests for service.
  • Masquerading is a common attack where the attacker pretends to be a trusted third party.
  • Man-in-the-middle is a variation of masquerading where the attacker masquerades as both ends of the conversation to two targets.
  • Replay attack involves repeating a valid transmission, sometimes the entire attack, or replacing the content of the original message with malicious content.
  • There are four levels at which a system must be protected: Physical, Human, Operating System, and Network.
  • Physical security involves protecting against theft of data storage media, access to the root console, and general access to terminals in a computer room.
  • Human security involves ensuring that the humans who are allowed access to a system be trustworthy, and that they cannot be coerced into breaching security.
  • Operating System security involves protecting the OS from security breaches, such as runaway processes, memory-access violations, stack overflow violations, the launching of programs with excessive privileges, and many others.
  • Network security involves protecting the network itself from attack, and protecting the local system from attacks coming in through the network.
  • A Trojan Horse is a program that secretly performs some maliciousness in addition to its visible actions.
  • Some Trojan horses are deliberately written as such, and others are the result of legitimate programs that have become infected with viruses.
  • Another classic Trojan Horse is a login emulator, which records a users account name and password, issues a "password incorrect" message, and then logs off the system.
  • The user then tries again ( with a proper login prompt ), logs in successfully, and doesn't realize that their information has been stolen.
  • Spyware is a version of a Trojan Horse that is often included in "free" software downloaded off the Internet.
  • Trap Door is when a designer or a programmer ( or hacker ) deliberately inserts a security hole that they can use later to access the system.
  • Because of the possibility of trap doors, once a system has been in an untrustworthy state, that system can never be trusted again.
  • Even the backup tapes may contain a copy of some cleverly hidden back door.
  • Logic Bomb is code that is not designed to cause havoc all the time, but only when a certain set of circumstances occurs, such as when a particular date or time is reached or some other noticeable event.
  • Virus is a fragment of code embedded in an otherwise legitimate program, designed to replicate itself ( by infecting other programs ), and ( eventually ) wreaking havoc.
  • Viruses are delivered to systems in a virus dropper, usually some form of a Trojan Horse, and usually via e-mail or unsafe downloads.
  • A worm is a process that uses the fork / spawn process to make copies of itself in order to wreak havoc on a system.
  • Worms consume system resources, often blocking out other, legitimate processes.
  • Worms that propagate over networks can be especially problematic, as they can tie up vast amounts of network resources and bring down large-scale systems.
  • One of the most well-known worms was launched by Robert Morris, a graduate student at Cornell, in November 1988.
  • Targeting Sun and VAX computers running BSD UNIX version 4, the worm spanned the Internet in a matter of a few hours, and consumed enough resources to bring down many systems.
  • The Morris worm consisted of two parts: a small program called a grappling hook, which was deposited on the target system through one of three vulnerabilities, and the main worm program, which was transferred onto the target system and launched by the grappling hook program.
  • The three vulnerabilities exploited by the Morris Internet worm were rsh ( remote shell ), finger, and sendmail.
  • rsh ( remote shell ) is a utility that was in common use at that time for accessing remote systems without having to provide a password.
  • Many systems were configured so that any user ( except root ) on system A could access the same account on system B without providing a password.
  • finger is a utility that allows one to remotely query a user database, to find the true name and other information for a given account name on a given system.
  • Unfortunately the finger daemon ( which ran with system privileges ) had the buffer overflow problem, so by sending a special 536-character user name the worm was able to fork a shell on the remote system running with root privileges.
  • Port Scanning is technically not an attack, but rather a search for vulnerabilities to attack.
  • The basic idea of Port Scanning is to systematically attempt to connect to every known ( or common or possible ) network port on some remote machine, and to attempt to make contact.
  • Denial of Service ( DOS ) attacks do not attempt to actually access or damage systems, but merely to clog them up so badly that they cannot be used for any useful work.
  • On a network, a rogue computer ( or e-mail sender ) may spoof their identity, and outgoing packets are delivered to a lot of other computers besides their ( intended ) final destination, which brings up two big questions of security: Trust and Confidentiality.
  • Cryptography can help with both of these problems, through a system of secrets and keys.