Scanning (and some other no-tech hacking) Last Class - - PowerPoint PPT Presentation

scanning
SMART_READER_LITE
LIVE PREVIEW

Scanning (and some other no-tech hacking) Last Class - - PowerPoint PPT Presentation

Sep 16, 2023 460 likes •672 views

Scanning (and some other no-tech hacking) Last Class /usr/bin/johnjumbo on: Bugs.cs.unm.edu felix.cs.unm.edu roadrunner.cs.unm.edu yogi.cs.unm.edu coyote.cs.unm.edu mickey.cs.unm.edu goofy.cs.unm.edu

slide-1
SLIDE 1

Scanning

(and some other no-tech hacking)

slide-2
SLIDE 2

Last Class

  • /usr/bin/johnjumbo on:
  • Bugs.cs.unm.edu
  • felix.cs.unm.edu
  • roadrunner.cs.unm.edu
  • yogi.cs.unm.edu
  • coyote.cs.unm.edu
  • mickey.cs.unm.edu
  • goofy.cs.unm.edu
  • porky.cs.unm.edu
  • wimpy.cs.unm.edu
  • olive.cs.unm.edu
  • bluto.cs.unm.edu
slide-3
SLIDE 3

Today’s Class

  • Scanning the Internet for research
  • Scanning the Internet for “research”
  • Other no-tech hacking
slide-4
SLIDE 4

Definitions:

  • domain name:
  • google.com
  • unm.edu
  • a registrable entity on the web under the control of a single entity or organization
  • domain registrar:
  • an entity that domains are registered with
  • domain registry:
  • an entity that maintains a list of all domains that are registered with a top level

domain

  • top level domain (TLD)
  • COM
  • EDU
  • The top level of the domain name system
slide-5
SLIDE 5

Definitions

  • Domain Name System (DNS):
  • a system that maps domain name to IP address
  • IP address:
  • a routable address on the Internet
  • Name server:
  • A server that maps domains to IP addresses
slide-6
SLIDE 6

Definitions

  • Hosting Provider:
  • Have some servers.
  • Responsible for some IP addresses
  • AS:
  • Autonomous system
  • Routes group of IP addresses on Internet
slide-7
SLIDE 7

Whois

slide-8
SLIDE 8

How to Measure the Internet?

slide-9
SLIDE 9

How to Measure the Internet?

  • Number of domain names?
  • unm.edu —> cs.unm.edu, www.unm.edu, etc.
  • Number of IP addresses?
  • One IP address might be multiple devices (NAT)
  • other?
slide-10
SLIDE 10

Why?

  • To see how big it is
  • To see how influential it is
  • To see how insecure it is
  • To see where the insecurities lie
slide-11
SLIDE 11

Google Dork

  • Google indexes a big part of the web.
  • Google search has a bunch of advance search
  • perators.
  • We can use them to find more than just pug

pictures.

  • https://www.exploit-db.com/google-hacking-

database/

slide-12
SLIDE 12

Shodan

  • “The search engine for the web”
  • https://www.shodan.io/
slide-13
SLIDE 13

Scanning for research

  • https://scans.io/
  • Looks for information related to various insecure

events or potential insecurities.

slide-14
SLIDE 14

TLS

  • TLS/SSL:
  • transport layer security/secure socket layer
  • encrypts messages
slide-15
SLIDE 15

TLS

slide-16
SLIDE 16

Heartbleed

  • Bug in heartbleed extension of OpenSSL

implementation of TLS

  • https://xkcd.com/1354/
  • http://heartbleed.com/
  • https://filippo.io/Heartbleed/
slide-17
SLIDE 17
slide-18
SLIDE 18

Measuring Patch Rate

slide-19
SLIDE 19

Comparison to Debian PRNG patch rate

slide-20
SLIDE 20

Experiments