misusing open services on the internet
play

Misusing Open Services on the Internet Jelte Fennema Ben de Graaff - PowerPoint PPT Presentation

Apr 03, 2023 •340 likes •740 views

Misusing Open Services on the Internet Jelte Fennema Ben de Graaff University of Amsterdam Supervisor: Rick van Galen (KPMG) February 3, 2016 Introduction Approach Proof of concept Results Scanning the Internet Conclusion References

  1. Misusing Open Services on the Internet Jelte Fennema Ben de Graaff University of Amsterdam Supervisor: Rick van Galen (KPMG) February 3, 2016

  2. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Introduction Open service: no authentication or default credentials Relevant: more than 35,000 open MongoDB instances Exposing 685 TB (last December [1]) More than just data leaks – example: botnet command and control Misusing Open Services on the Internet 2/24 Jelte Fennema, Ben de Graaff

  3. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References A problem for devops and software developers “Memcached does not spend much, if any, effort in ensuring its defensibility from random Internet connections. So you must not expose Memcached directly to the Internet.” – Memcached documentation “Everybody has privileges to do anything. Neat.” — CouchDB security documentation Misusing Open Services on the Internet 3/24 Jelte Fennema, Ben de Graaff

  4. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Research goals ◮ What are settings that lead to exploitable services? ◮ What are the operations required when exploiting an open service as a command & control server? ◮ What are best practices for default configurations and authentication? Misusing Open Services on the Internet 4/24 Jelte Fennema, Ben de Graaff

  5. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Approach For various software packages... ◮ Examine configuration (weaknesses?) ◮ Tool to scan level of access ◮ Proof of concept: botnet command & control Misusing Open Services on the Internet 5/24 Jelte Fennema, Ben de Graaff

  6. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Approach For various software packages... ◮ Examine configuration (weaknesses?) ◮ Tool to scan level of access ◮ Proof of concept: botnet command & control Scanning the Internet ◮ Shodan ◮ ZMap and our own scan tool Misusing Open Services on the Internet 5/24 Jelte Fennema, Ben de Graaff

  7. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Software classes ◮ Relational databases: MySQL, MariaDB, PostgreSQL Misusing Open Services on the Internet 6/24 Jelte Fennema, Ben de Graaff

  8. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Software classes ◮ Relational databases: MySQL, MariaDB, PostgreSQL ◮ NoSQL databases: MongoDB, CouchDB Misusing Open Services on the Internet 6/24 Jelte Fennema, Ben de Graaff

  9. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Software classes ◮ Relational databases: MySQL, MariaDB, PostgreSQL ◮ NoSQL databases: MongoDB, CouchDB ◮ Key-value store: Redis, Memcached Misusing Open Services on the Internet 6/24 Jelte Fennema, Ben de Graaff

  10. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Software classes ◮ Relational databases: MySQL, MariaDB, PostgreSQL ◮ NoSQL databases: MongoDB, CouchDB ◮ Key-value store: Redis, Memcached ◮ Message queue: RabbitMQ Misusing Open Services on the Internet 6/24 Jelte Fennema, Ben de Graaff

  11. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Software classes ◮ Relational databases: MySQL, MariaDB, PostgreSQL ◮ NoSQL databases: MongoDB, CouchDB ◮ Key-value store: Redis, Memcached ◮ Message queue: RabbitMQ ◮ Printing protocols: CUPS (and IPP printers) Misusing Open Services on the Internet 6/24 Jelte Fennema, Ben de Graaff

  12. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Proof of concept Simple botnet simulation (communication channel): ◮ Botnet operator sends signed commands to one bot or all bots ◮ Bots execute commands, write back encrypted results Operator Bot Operator Write Read Setup command command Read result Write result Misusing Open Services on the Internet 7/24 Jelte Fennema, Ben de Graaff

  13. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Impact on the Internet What is the impact on the Internet? Is configuration security a factor? Misusing Open Services on the Internet 8/24 Jelte Fennema, Ben de Graaff

  14. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Configuration security PostgreSQL Memcached RabbitMQ MongoDB CouchDB MySQL CUPS Redis Localhost (in config) Y Y Y N Y Y N N Not public (default) Y N Y N Y N N N Table 1: Comparison of security settings for the software packages Misusing Open Services on the Internet 9/24 Jelte Fennema, Ben de Graaff

  15. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Configuration security PostgreSQL Memcached RabbitMQ MongoDB CouchDB MySQL CUPS Redis Localhost (in config) Y Y Y N Y Y N N Not public (default) Y N Y N Y N N N Authentication by default Y Y Y Y N N N N No public creds or anon Y Y Y Y N N N N Table 1: Comparison of security settings for the software packages Misusing Open Services on the Internet 9/24 Jelte Fennema, Ben de Graaff

  16. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Configuration security PostgreSQL Memcached RabbitMQ MongoDB CouchDB MySQL CUPS Redis Localhost (in config) Y Y Y N Y Y N N Not public (default) Y N Y N Y N N N Authentication by default Y Y Y Y N N N N No public creds or anon Y Y Y Y N N N N Host-based access control Y Y Y Y N N N N Table 1: Comparison of security settings for the software packages Misusing Open Services on the Internet 9/24 Jelte Fennema, Ben de Graaff

  17. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Configuration security PostgreSQL Memcached RabbitMQ MongoDB CouchDB MySQL CUPS Redis Localhost (in config) Y Y Y N Y Y N N Not public (default) Y N Y N Y N N N Authentication by default Y Y Y Y N N N N No public creds or anon Y Y Y Y N N N N Host-based access control Y Y Y Y N N N N Authentication always on N Y N Y N N N N Table 1: Comparison of security settings for the software packages Misusing Open Services on the Internet 9/24 Jelte Fennema, Ben de Graaff

  18. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Configuration security PostgreSQL Memcached RabbitMQ MongoDB CouchDB MySQL CUPS Redis Localhost (in config) Y Y Y N Y Y N N Not public (default) Y N Y N Y N N N Authentication by default Y Y Y Y N N N N No public creds or anon Y Y Y Y N N N N Host-based access control Y Y Y Y N N N N Authentication always on N Y N Y N N N N Minimal steps to make open 3 2 3 1 1 1 0 0 Table 1: Comparison of security settings for the software packages Misusing Open Services on the Internet 9/24 Jelte Fennema, Ben de Graaff

  19. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Configuration security PostgreSQL Memcached RabbitMQ MongoDB CouchDB MySQL CUPS Redis Localhost (in config) Y Y Y N Y Y N N Not public (default) Y N Y N Y N N N Authentication by default Y Y Y Y N N N N No public creds or anon Y Y Y Y N N N N Host-based access control Y Y Y Y N N N N Authentication always on N Y N Y N N N N Minimal steps to make open 3 2 3 1 1 1 0 0 Steps to make public/secure 3 2 3 1 3 3 1 2 Table 1: Comparison of security settings for the software packages Misusing Open Services on the Internet 9/24 Jelte Fennema, Ben de Graaff

  20. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Percentage of open services exposed to the Internet 100% Open with limited access Open 80% Percentage of open services 60% 40% 20% 0% PostgreSQL CUPS RabbitMQ CouchDB MongoDB Redis Memcached IPP Software packages Figure 1: Percentages of open services. Misusing Open Services on the Internet 10/24 Jelte Fennema, Ben de Graaff

  21. Introduction Approach Proof of concept Results Scanning the Internet Conclusion References Combined results L d Q e Q B B h S M D c D e a o r t h S c g i g b c s m P t n i b u d s P U o e o a o e M M P P C R C R I Localhost (in config) Y Y N Y Y N N – Not public (default) Y Y N Y N N N – Authentication by default Y Y Y N N N N – No public creds or anon Y Y Y N N N N – Host-based access control Y Y Y N N N N – Authentication always on N N Y N N N N – Minimal steps to make open 3 3 1 1 1 0 0 – Steps to make public/secure 3 3 1 3 3 1 2 – Percentage open 2% 21% 22% 72% 71% 37% 98% 81% With full access 2% 1% 22% 18% 71% 37% 98% – Table 2: Combined comparison of software packages Misusing Open Services on the Internet 11/24 Jelte Fennema, Ben de Graaff

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

open platform, open tools and open data for an open Internet Tiziana Refice (tiziana@google.com)

open platform, open tools and open data for an open Internet Tiziana Refice (tiziana@google.com)

open platform, open tools and open data for an open Internet Tiziana Refice (tiziana@google.com) ISMA 2012 What & who is M-Lab? Measurement Lab (M-Lab) is a collaborative, researcher-driven effort to empower Internet users , researchers ,

483 views • 17 slides
THE INTERNET IS FOR EVERYONE Join us to keep the Internet open, thriving, and benefitting people

THE INTERNET IS FOR EVERYONE Join us to keep the Internet open, thriving, and benefitting people

THE INTERNET IS FOR EVERYONE Join us to keep the Internet open, thriving, and benefitting people around the globe. Conference on Global Internet Interconnection Center for Information Technology Policy Princeton University 11 March 2016

517 views • 20 slides
TravelSpirit and the Open Internet of Mobility Open internet of mobility Call SmartCard

TravelSpirit and the Open Internet of Mobility Open internet of mobility Call SmartCard

TravelSpirit and the Open Internet of Mobility Open internet of mobility Call SmartCard Contactless App Data Payment MaaS Journey Platform Operator Planner aggregator facilitator Service planner Open data feeds Platform

339 views • 7 slides
THE INTERNET IS FOR EVERYONE Join us to keep the Internet open, thriving, and benefitting people

THE INTERNET IS FOR EVERYONE Join us to keep the Internet open, thriving, and benefitting people

THE INTERNET IS FOR EVERYONE Join us to keep the Internet open, thriving, and benefitting people around the globe. Our Mission To promote the open development, evolution, and use of the Internet for the benefit of all people throughout the

299 views • 25 slides
Open Service Compendium 13/05/2014| Service-centric Networking | Internet of Services Project 2015

Open Service Compendium 13/05/2014| Service-centric Networking | Internet of Services Project 2015

Open Service Compendium 13/05/2014| Service-centric Networking | Internet of Services Project 2015 Andromachi Vouimta, Julien Bergner, Jonas Anschlag, Ceren Sanli, Najeefa Nikhat Choudhury, Mehdi Ben Fadhel, Henning Vogt, Kamran Ali Agenda 1.

452 views • 22 slides
The Value of an Open Internet for India Research Questions What is the value of the internet

The Value of an Open Internet for India Research Questions What is the value of the internet

Key findings of the report The Value of an Open Internet for India Research Questions What is the value of the internet in India? Does an open internet increase its value? If yes, what is the value of an open internet for India?

426 views • 32 slides
Efficient Private Matching and Set Intersection We think patients are misusing Here too..

Efficient Private Matching and Set Intersection We think patients are misusing Here too..

A Story Efficient Private Matching and Set Intersection We think patients are misusing Here too.. prescriptions to obtain drugs Mike Freedman, NYU Kobbi Nissim, MSR But, what about HIPAA? We could share our lists Benny Pinkas, HP

307 views • 7 slides
Open Broadband, LLC Better Internet. Better North Carolina. http://openbb.net 704-237-0102 Open

Open Broadband, LLC Better Internet. Better North Carolina. http://openbb.net 704-237-0102 Open

Open Broadband, LLC Better Internet. Better North Carolina. http://openbb.net 704-237-0102 Open Broadband Footprint March 2019 Open Broadband Deployment Model - Hybrid Multiple Carriers Network Hub(s) Leased Fiber Circuit(s) Charlotte Data

380 views • 12 slides
Misusing the Type System for & Ian Dees @undees PNSQC 2015 Brewing for

Misusing the Type System for & Ian Dees @undees PNSQC 2015 Brewing for

Misusing the Type System for & Ian Dees @undees PNSQC 2015 Brewing for Maintainability Our contaminants: s k a e l y r o m Failing e M regression tests C r a s h e s Poor repeatability Data corruption s e h

1.55k views • 137 slides
Future Internet of Services Future Internet of Services 3 Perspective From a TAS 3 Perspective

Future Internet of Services Future Internet of Services 3 Perspective From a TAS 3 Perspective

Future Internet of Services Future Internet of Services 3 Perspective From a TAS 3 Perspective From a TAS Danny De Cock TAS 3 Project Coordinator Slides available from http://godot.be/slides Email: Danny.DeCock@esat.kuleuven.be Future

252 views • 12 slides
Logical A Architecture f for O Open B Banki king, I Internet n not r required Open Banking

Logical A Architecture f for O Open B Banki king, I Internet n not r required Open Banking

Logical A Architecture f for O Open B Banki king, I Internet n not r required Open Banking TPP private Aggregator TPP TPP Bank Bank PoP Mainframe Equinix Cloud Exchange Network Functions TPP Firewall Security: Data Cache &

628 views • 18 slides
Etisalat DNS Internet Core Services By Mohamed Albanna Manager/ Internet Core Services Outline

Etisalat DNS Internet Core Services By Mohamed Albanna Manager/ Internet Core Services Outline

Etisalat DNS Internet Core Services By Mohamed Albanna Manager/ Internet Core Services Outline 1. Introduction 2. DNS setup (1996 - 2015) 3. Challenges 4. DNS Modernization Plan (2015 2017) 5. Performance Indicators 6. Future Plan 1

313 views • 17 slides
Collaborative Security Reflections about Security and the Open Internet NLUUG Najaarsconferentie

Collaborative Security Reflections about Security and the Open Internet NLUUG Najaarsconferentie

Collaborative Security Reflections about Security and the Open Internet NLUUG Najaarsconferentie 2015 19 November 2015 www.internetsociety.org Mission: To promote the open development, evolution, f o e c and use of the Internet r u t

547 views • 27 slides
Towards an Open Framework of E-Services for Translation Business, Training, and Research by the

Towards an Open Framework of E-Services for Translation Business, Training, and Research by the

Towards an Open Framework of E-Services for Translation Business, Training, and Research by the example of Terminology Services Tatiana Gornostay, Tilde Open framework of e-services for translation Open Based on open standards Free for

512 views • 8 slides
Almond: Keeping the Internet Open with An Open-Source Virtual Assistant Monica Lam Computer

Almond: Keeping the Internet Open with An Open-Source Virtual Assistant Monica Lam Computer

Almond: Keeping the Internet Open with An Open-Source Virtual Assistant Monica Lam Computer Science Department Stanford University lam@cs.stanford.edu With Giovanni Campagna, Michael Fischer, Mehrad Moradshahi, Rakesh Ramesh, Richard

755 views • 36 slides
Inside Firefox Robert O'Callahan robert@ocallahan.org Mozilla An open Internet An open Web A

Inside Firefox Robert O'Callahan robert@ocallahan.org Mozilla An open Internet An open Web A

Inside Firefox Robert O'Callahan robert@ocallahan.org Mozilla An open Internet An open Web A level playing field Our tool: Firefox Overview Why Web browsers are hard Mozilla development processes and tools Running a successful

350 views • 33 slides
Search-Based Testing of Relational Schema Integrity Constraints Across Multiple Database

Search-Based Testing of Relational Schema Integrity Constraints Across Multiple Database

Search-Based Testing of Relational Schema Integrity Constraints Across Multiple Database Management Systems Gregory M. Kapfhammer 1 & Phil McMinn 2 & Chris J. Wright 2 1 Allegheny College, USA 2 University of Sheffield, UK Sixth IEEE

1.82k views • 179 slides
2019 International Scholars address to NZEALS branches Professor David Giles 13 29 August

2019 International Scholars address to NZEALS branches Professor David Giles 13 29 August

2019 International Scholars address to NZEALS branches Professor David Giles 13 29 August 2019 Introduction Acknowledgements NZ South Australia Current role and status Teaching & Leadership experiences My research journey

572 views • 28 slides
Draft Budget Overview 2017-18 Presentation to the Board of Education March 21, 2017 Areas of

Draft Budget Overview 2017-18 Presentation to the Board of Education March 21, 2017 Areas of

Draft Budget Overview 2017-18 Presentation to the Board of Education March 21, 2017 Areas of Focus that Drive Our Improvement Every student by face and name. Every school, every classroom. PRIORITIZING EDUCATIONAL EQUITY To and through

437 views • 27 slides
Increase university acceptance rate Objective In order to increase the acceptance rate in

Increase university acceptance rate Objective In order to increase the acceptance rate in

Increase university acceptance rate Objective In order to increase the acceptance rate in the local university, our team aims to create a GUI that will implement the functions necessary to achieve the required 10% increase in the

730 views • 28 slides
Marianne Chitwood Director GlobalNOC Service Desk Luke Fowler Director Advanced Software

Marianne Chitwood Director GlobalNOC Service Desk Luke Fowler Director Advanced Software

Marianne Chitwood Director GlobalNOC Service Desk Luke Fowler Director Advanced Software Development Jon Paul Heron Director GlobalNOC Network Engineering Eldar Urumbaev Specialized Support Technician - SST 1 SOME CURRENT GMOC

402 views • 19 slides
Special Relativity Presentation to UCT Summer School Jan 2020 (Part 2 of 3) By Rob Louw

Special Relativity Presentation to UCT Summer School Jan 2020 (Part 2 of 3) By Rob Louw

Special Relativity Presentation to UCT Summer School Jan 2020 (Part 2 of 3) By Rob Louw roblouw47@gmail.com 1 Te Test your understanding of simultaneity Jan is a railway worker working for South African Railways. He has ingeniously

1.68k views • 151 slides
Solar Object 2.4 - Finding the Sun Prophead100 (Gregg Erickson) Options to Track Sun Timer

Solar Object 2.4 - Finding the Sun Prophead100 (Gregg Erickson) Options to Track Sun Timer

Solar Object 2.4 - Finding the Sun Prophead100 (Gregg Erickson) Options to Track Sun Timer Motor (always on, 1 axis only) Power Curve Tracking (clear days only) Paired Light Sensors ( searches, not predictive ) Shadow Camera

632 views • 22 slides
Neutron Imaging Detector based on the PIC Joe Parker Cosmic Ray Group, Kyoto University JPS

Neutron Imaging Detector based on the PIC Joe Parker Cosmic Ray Group, Kyoto University JPS

JPS Fall Meeting, Toyama University, 22 Sep 2011 Neutron Imaging Detector based on the PIC Joe Parker Cosmic Ray Group, Kyoto University JPS Fall Meeting, Toyama University, 22 Sep 2011 KYOTO UNIVERSITY, COSMIC RAY GROUP J.D. Parker, K.

288 views • 24 slides

More recommend