Security (Computer Center, CS, NCTU) - PowerPoint PPT Presentation

  1. Security

  2. FreeBSD Security Advisories
     • http://www.freebsd.org/security/advisories.html

  3. FreeBSD Security Advisories
     Advisory
     • Security information
     Where to find it
     • Web page (Security Advisories channel): http://www.freebsd.org

  4. FreeBSD Security Advisories
     Where to find it
     • freebsd-security-notifications mailing list: http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications

  5. FreeBSD Security Advisories
     Example
     • nfs
     CVE: Common Vulnerabilities and Exposures

  6. FreeBSD Security Advisories
     CVE-2017-3737
     • https://nvd.nist.gov/vuln/detail/CVE-2018-6924
     CVSS: Common Vulnerability Scoring System

  7. FreeBSD Security Advisories
     Example
     • Problem Description

  8. FreeBSD Security Advisories
     Example
     • Workaround

  9. FreeBSD Security Advisories
     Example
     • Solution
       - Upgrade to
       - Source code patch
       - Binary patch

 10. Common Security Problems
     • Software bugs
       - FreeBSD security advisories
       - pkg audit, see pkg-audit(8)
     • Unreliable wetware
       - Phishing sites
     • Open doors
       - Account passwords
       - Disks shared with the world

 11. pkg audit (1)
     pkg audit
     • Checks installed ports against a list of security vulnerabilities
     • pkg audit -F
       - -F: fetch the current database from the FreeBSD servers
     Security output

 12. pkg audit (2)
     pkg audit -F
       Fetching vuln.xml.bz2: 100%  694 KiB 710.2kB/s 00:01
       libxml2-2.9.4 is vulnerable:
       libxml2 -- Multiple Issues
       CVE: CVE-2017-9050
       CVE: CVE-2017-9049
       CVE: CVE-2017-9048
       CVE: CVE-2017-9047
       CVE: CVE-2017-8872
       WWW: https://vuxml.FreeBSD.org/freebsd/76e59f55-4f7a-4887-bcb0-11604004163a.html
       1 problem(s) in the installed packages found.
     http://www.freshports.org/<category>/<portname>
     • https://www.freshports.org/databases/postgresql96-server/
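Added example, not from the slides: a small Python parser for the `pkg audit` output shown above, so findings can be handed to a ticketing or alerting pipeline instead of being read off a terminal. The sample text is the slide's transcript reproduced as a constructed string, and the parser assumes the one-block-per-package layout seen there.

```python
import re
from dataclasses import dataclass, field

# Constructed sample: the 'pkg audit -F' transcript from the slide, as a string.
SAMPLE_AUDIT_OUTPUT = """\
Fetching vuln.xml.bz2: 100%  694 KiB 710.2kB/s 00:01
libxml2-2.9.4 is vulnerable:
libxml2 -- Multiple Issues
CVE: CVE-2017-9050
CVE: CVE-2017-9049
CVE: CVE-2017-9048
CVE: CVE-2017-9047
CVE: CVE-2017-8872
WWW: https://vuxml.FreeBSD.org/freebsd/76e59f55-4f7a-4887-bcb0-11604004163a.html

1 problem(s) in the installed packages found.
"""

@dataclass
class Finding:
    package: str                 # installed package, e.g. libxml2-2.9.4
    title: str = ""              # VuXML entry title (first one if several)
    cves: list = field(default_factory=list)
    url: str = ""                # VuXML reference page (last one if several)

VULN_RE = re.compile(r"^(\S+) is vulnerable:$")
SUMMARY_RE = re.compile(r"^(\d+) problem\(s\) in the installed packages found\.$")

def parse_pkg_audit(text):
    """Return (findings, summary_count) from the text 'pkg audit' prints."""
    findings, current, reported = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if (m := VULN_RE.match(line)):
            current = Finding(package=m.group(1))   # new package block starts
            findings.append(current)
        elif (m := SUMMARY_RE.match(line)):
            reported, current = int(m.group(1)), None
        elif current is None or not line:
            continue                                # 'Fetching ...' and blank lines
        elif line.startswith("CVE:"):
            current.cves.append(line[4:].strip())
        elif line.startswith("WWW:"):
            current.url = line[4:].strip()
        elif not current.title:
            current.title = line
    return findings, reported

def audit_is_consistent(text):
    """True when pkg's own summary count equals the blocks parsed; a mismatch
    means the output layout changed and the parser must not be trusted."""
    findings, reported = parse_pkg_audit(text)
    return reported is not None and reported == len(findings)
```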

 13. pkg audit (3)

 14. Common tricks
     Tricks
     • ssh scan and hack
       - sshguard
       - sshit
       - …
     • Phishing
     • XSS & SQL injection
     • …
     Objectives
     • Spam
     • Jump gateway
     • File sharing
     • …

 15. Process file system - procfs
     Procfs
     • A view of the system process table
     • Normally mounted on /proc
     • mount -t procfs proc /proc

 16. Simple SQL injection example
     Username/password authentication
       SELECT * FROM usrTable WHERE user = '<username>' AND pass = '<password>';
     No input validation
       SELECT * FROM usrTable WHERE user = 'test' AND pass = 'a' OR 'a' = 'a'
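Added example, not part of the original slides: the two queries above in runnable form against an in-memory SQLite table (a constructed stand-in for usrTable), so you can see the string-concatenated version accept the `a' OR 'a' = 'a` password while the parameterized version rejects it.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the slide's usrTable with one constructed account."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE usrTable (user TEXT, pass TEXT)")
    conn.execute("INSERT INTO usrTable VALUES ('test', 'secret')")
    return conn

def login_vulnerable(conn, user, pw):
    """Slide 16's 'no input validation' form: inputs are spliced into the SQL text,
    so a quote in the password rewrites the WHERE clause itself."""
    sql = f"SELECT * FROM usrTable WHERE user = '{user}' AND pass = '{pw}'"
    return conn.execute(sql).fetchone() is not None

def login_safe(conn, user, pw):
    """Parameterized form: the driver binds the values separately, so quotes and
    OR clauses inside the input are compared as data, never parsed as SQL."""
    sql = "SELECT * FROM usrTable WHERE user = ? AND pass = ?"
    return conn.execute(sql, (user, pw)).fetchone() is not None

def demo():
    """Run both forms on the slide's payload; returns (vulnerable, safe)."""
    conn = make_db()
    payload = "a' OR 'a' = 'a"          # the password from the slide's second query
    return login_vulnerable(conn, "test", payload), login_safe(conn, "test", payload)
```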

 17. setuid program
     passwd
       zfs[~] -chiahung- ls -al /usr/bin/passwd
       -r-sr-xr-x  2 root  wheel  8224 Dec  5 22:00 /usr/bin/passwd
     • /etc/master.passwd is of mode 600 (-rw-------)!
     Setuid shell scripts are especially apt to cause security problems
     • Minimize the number of setuid programs
       /usr/bin/find / -user root -perm -4000 -print | /bin/mail -s "Setuid root files" username
     • Disable setuid execution on individual filesystems
       - mount option -o nosuid

 18. Security issues: /etc/hosts.equiv and ~/.rhosts
     Trusted remote host and user name DB
     • Allow users to log in (via rlogin) and copy files (rcp) between machines without passwords
     • Format:
       - Simple: hostname [username]
       - Complex: [+-][hostname|@netgroup] [[+-][username|@netgroup]]
     • Example (trust user "foo" from host "bar.com")
       - bar.com foo
       - +@adm_cs_cc (trust all from the adm_cs_cc netgroup)
       - +@adm_cs_cc -@chwong
     Do not use this

 19. Why not su or sudo?
     Becoming other users
     • A pseudo-user for services, sometimes shared by multiple users
       User_Alias newsTA=wangyr
       Runas_Alias NEWSADM=news
       newsTA ALL=(NEWSADM) ALL
     • sudo -u news -s (?) Too dirty!
     • /etc/inetd.conf
       login stream tcp nowait root /usr/libexec/rlogind rlogind
     • ~notftpadm/.rhosts
       localhost wangyr
     • rlogin -l news localhost

 20. Security tools
     • nmap
     • john, crack
     • PGP
     • CA
     • …
     • Firewall
     • TCP Wrapper
     • …

 21. TCP Wrapper
     There are some things a firewall will not handle
     • Sending text back to the source
     TCP Wrapper
     • Extends the abilities of inetd
       - Provides support for every server daemon under its control
     • Logging support
     • Return message
     • Permit a daemon to accept only internal connections

 22. TCP Wrapper
     TCP Wrapper
     • Provides support for every server daemon under its control

 23. TCP Wrapper
     To see which daemons are controlled by inetd, see /etc/inetd.conf
       #ftp     stream  tcp   nowait  root  /usr/libexec/ftpd     ftpd -l
       #ftp     stream  tcp6  nowait  root  /usr/libexec/ftpd     ftpd -l
       #telnet  stream  tcp   nowait  root  /usr/libexec/telnetd  telnetd
       #telnet  stream  tcp6  nowait  root  /usr/libexec/telnetd  telnetd
       shell    stream  tcp   nowait  root  /usr/libexec/rshd     rshd
       #shell   stream  tcp6  nowait  root  /usr/libexec/rshd     rshd
       login    stream  tcp   nowait  root  /usr/libexec/rlogind  rlogind
       #login   stream  tcp6  nowait  root  /usr/libexec/rlogind  rlogind
     TCP Wrapper should not be considered a replacement for a good firewall. Instead, it should be used in conjunction with a firewall or other security tools.

 24. TCP Wrapper
     To use TCP Wrapper
     1. The inetd daemon must start up with the "-Ww" option (the default), or edit /etc/rc.conf:
          inetd_enable="YES"
          inetd_flags="-wW"
     2. Edit /etc/hosts.allow
        - Format: daemon : address : action
        - daemon is the name of the daemon which inetd started
        - address can be a hostname, IPv4 address or IPv6 address
        - action can be "allow" or "deny"
        - The keyword "ALL" can be used in the daemon and address fields to mean everything

 25. /etc/hosts.allow
     First-rule-match semantics
     • The configuration file is scanned in ascending order for a matching rule
     • When a match is found, the rule is applied and the search stops
     Example
       ALL : localhost, loghost @adm_cc_cs : allow
       ptelnetd pftpd sshd: @sun_cc_cs, @bsd_cc_cs, @linux_cc_cs : allow
       ptelnetd pftpd sshd: zeiss, chbsd, sabsd : allow
       identd : ALL : allow
       portmap : 140.113.17. ALL : allow
       sendmail : ALL : allow
       rpc.rstatd : @all_cc_cs 140.113.17.203: allow
       rpc.rusersd : @all_cc_cs 140.113.17.203: allow
       ALL : ALL : deny

 26. /etc/hosts.allow
     Advanced configuration
     • External commands (twist option)
       - twist will be called to execute a shell command or script
         # The rest of the daemons are protected.
         telnet : ALL \
             : severity auth.info \
             : twist /bin/echo "You are not welcome to use %d from %h."
     • External commands (spawn option)
       - spawn is like twist, but it will not send a reply back to the client
         # We do not allow connections from example.com:
         ALL : .example.com \
             : spawn (/bin/echo %a from %h attempted to access %d >> \
                 /var/log/connections.log) \
             : deny

 27. /etc/hosts.allow
     • Wildcard (PARANOID option)
       - Matches any connection made from an IP address that differs from its hostname
         # Block possibly spoofed requests to sendmail:
         sendmail : PARANOID : deny
     See
     • man 5 hosts_access
     • man 5 hosts_options
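Added example (not from the slides, and not FreeBSD's own libwrap): a Python simulator of the first-match semantics described on slides 25 to 27, run over the slide's ruleset, useful for answering "which rule will this client hit?" before a change goes live. The netgroup membership is a constructed map because the slides only name the groups; PARANOID, KNOWN/UNKNOWN, LOCAL and net/mask client forms are not modelled.

```python
# Constructed ruleset: the /etc/hosts.allow example from the slide, verbatim.
HOSTS_ALLOW = """\
ALL : localhost, loghost @adm_cc_cs : allow
ptelnetd pftpd sshd: @sun_cc_cs, @bsd_cc_cs, @linux_cc_cs : allow
ptelnetd pftpd sshd: zeiss, chbsd, sabsd : allow
identd : ALL : allow
portmap : 140.113.17. ALL : allow
sendmail : ALL : allow
rpc.rstatd : @all_cc_cs 140.113.17.203: allow
rpc.rusersd : @all_cc_cs 140.113.17.203: allow
ALL : ALL : deny
"""
NETGROUPS = {"adm_cc_cs": {"loghost"}, "bsd_cc_cs": {"chbsd", "sabsd"},  # constructed
             "all_cc_cs": {"chbsd", "sabsd", "zeiss", "loghost"}}        # netgroup map

def parse_rules(text):
    """hosts.allow -> [(daemons, clients, options)], joining '\\' continuations."""
    rules, pending = [], ""
    for raw in text.splitlines():
        line = pending + raw.split("#", 1)[0].rstrip()   # '#' starts a comment
        pending = line[:-1] + " " if line.endswith("\\") else ""
        if pending or not line.strip():
            continue
        fields = [f.strip() for f in line.split(":")]
        rules.append((fields[0].replace(",", " ").split(),
                      fields[1].replace(",", " ").split(), fields[2:]))
    return rules

def client_matches(pattern, host, ip):
    """Client forms used on the slides: ALL, @netgroup, .domain, net., exact."""
    if pattern.startswith("@"):                  # NIS netgroup membership
        return host in NETGROUPS.get(pattern[1:], set())
    if pattern.startswith("."):                  # domain suffix, e.g. .example.com
        return host.endswith(pattern)
    if pattern.endswith("."):                    # address prefix, e.g. 140.113.17.
        return ip.startswith(pattern)
    return pattern == "ALL" or pattern in (host, ip)   # wildcard, hostname, address

def check_access(rules, daemon, host, ip):
    """First match wins -> ('allow'|'deny'|'twist', rule number). No match grants
    access: the hosts_access(5) default when hosts.deny is not used."""
    for number, (daemons, clients, options) in enumerate(rules, 1):
        if ((daemon in daemons or "ALL" in daemons)
                and any(client_matches(c, host, ip) for c in clients)):
            explicit = [o for o in options if o in ("allow", "deny")]  # hosts_options
            twist = any(o.startswith("twist") for o in options)        # daemon replaced
            return (explicit[-1] if explicit else "twist" if twist else "allow"), number
    return "allow", None
```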

 28. When you perform any change
     Philosophy of SA
     • Know how things really work.
     • Plan it before you do it.
     • Make it reversible.
     • Make changes incrementally.
     • Test before you unleash it.

 29. Appendix

 30. System Security Hardening Options (1/3)
     Various system hardening options are offered during installation since FreeBSD 11.0-RELEASE
     • /usr/src/usr.sbin/bsdinstall/scripts/hardening

 31. System Security Hardening Options (2/3)
     Hide processes running as other users
     • security.bsd.see_other_uids=0
     • Type: Integer, Default: 1
     Hide processes running as other groups
     • security.bsd.see_other_gids=0
     • Type: Integer, Default: 1
     Disable reading the kernel message buffer for unprivileged users
     • security.bsd.unprivileged_read_msgbuf=0
     • Type: Integer, Default: 1
     Disable process debugging facilities for unprivileged users
     • security.bsd.unprivileged_proc_debug=0
     • Type: Integer, Default: 1

 32. System Security Hardening Options (3/3)
     Randomize the PID of newly created processes
     • kern.randompid=$(jot -r 1 9999)
     • Random PID modulus; Type: Integer, Default: 0
     Insert a stack guard page ahead of the growable segments
     • security.bsd.stack_guard_page=1
     • Type: Integer, Default: 0
     Clean the /tmp filesystem on system startup
     • clear_tmp_enable="YES" (/etc/rc.conf)
     Disable opening the syslogd network socket (disables remote logging)
     • syslogd_flags="-ss" (/etc/rc.conf)
     Disable the Sendmail service
     • sendmail_enable="NONE" (/etc/rc.conf)
