11-Integrity


INTEGRITY & POLICY
Leticia Nisbett
Lauren Walters
Andrew Yao
Overview

Leticia – Basic Integrity and Writing Policies
to ensure integrity

Lauren – Access controls Security Models,
and Integrity Tools

Andrew – Applications to Case Study and
Examples
2
What is Integrity?

Integrity is a VERY important security
requirement



Protecting your information is the highest priority;
protecting the integrity of your network is critical to your
ability to protect the information it contains.
It can be defined in a number of ways…
3
How would you define Integrity?
4
Definitions of Integrity

Integrity requires that computer system
assets and transmitted information be
capable of modification only by authorized
parties.


not modified by unauthorized persons
not created by unauthorized persons
5
Integrity

In cryptography and information security, integrity refers to the validity of data.
Integrity can be compromised in two main ways:

Malicious altering
 An attacker alters the account number in a bank transaction
 Forging an identity document
Accidental altering
 Transmission errors: “my name Leticia and u have a car”
 Hard disk crash
** According to Wikipedia
6
Integrity 2


In telecommunication, the term data integrity has the following
meanings:
 The condition in which data are identically maintained during any
operation, such as transfer, storage, and retrieval.
 The preservation of data for their intended use.
Specifically, data integrity in a relational database is concerned
with three aspects of the data in a database:
 Accuracy
 Correctness
 Validity
*** according to Wikipedia
7
What happens if integrity is
compromised?



Modification is an attack on integrity
Modification: the data is changed, delayed or
reordered to produce an unauthorized,
undesired effect.
A breach in the integrity of your network can
be extremely costly in time and effort, and it
can open multiple avenues for continued
attacks.
8
Network Considerations

When considering what to protect within your network, you are concerned with
maintaining the integrity of:
 the physical network
 your network software
 any other network resources
 your reputation

This integrity involves:
 the verifiable identity of computers and users
 proper operation of the services that your network provides
 and optimal network performance

All these concerns are important in maintaining a productive network
environment.
9
Common Methods of Attack on
Integrity

The four methods of attack that are
commonly used to compromise the integrity
of a network:




Network packet sniffers
IP spoofing
Password attacks
Application layer attacks
10
Network Packet Sniffers


Network packet sniffers can yield critical system information,
such as user account information and passwords.
 When an attacker obtains the correct account information, he or
she has the run of your network.
Worst-case scenario
 an attacker gains access to a system-level user account
 creates a new account that can be used at any time as a back
door
 can modify system-critical files such as:



the password for the system administrator account
the list of services and permissions on file servers
the login details for other computers that contain confidential
information.
11
Network Packet Sniffers 2



Packet sniffers provide information about the topology of your
network that many attackers find useful, such as:
 what computers run which services
 how many computers are on your network
 which computers have access to others
A network packet sniffer can be modified
 to interject new information
 to change existing information in a packet.
Such an attack can cause network connections to shut down prematurely,
as well as change critical information within the packet.
 Imagine a modification to the accounting system
12
IP Spoofing

IP spoofing can yield access to user accounts and
passwords, and it can also be used in other ways.



The attacker emulates one of your internal users in ways that
prove embarrassing for your organization.
Such attacks are easier when an attacker has a
user account and password.
They are possible by combining simple spoofing attacks
with knowledge of messaging protocols.
 Telnetting directly to the SMTP port on a system allows the
attacker to insert bogus sender information.
13
Password Attacks


A brute-force password attack can provide access to
accounts that can be used to modify critical network
files and services.
This can compromise the network's integrity:
 Once an attacker gets the password and gains access to
the system, he or she can modify the routing tables for the network.
 The attacker then ensures that all network packets are routed to him
or her before they are transmitted to their final destination.
14
Application Layer Attacks

Application Layer attacks can be implemented using
several different methods.



A common method is exploiting well-known weaknesses in
software commonly found on servers, such as sendmail,
PostScript, and FTP.
By exploiting these weaknesses, attackers can gain access
to a computer with the permissions of the account running
the application
usually a privileged system-level account
15
Application Layer Attacks
Trojan horse attacks
 implemented using bogus programs that the attacker
substitutes for common programs.
 the programs provide all the functionality of a normal application or
service
 but also include other features that are known only to
the attacker
 the programs can capture sensitive information and send it
back to the attacker
16
Network considerations when
defining security policies

Three main types of networks must be
considered when defining a security policy



Trusted
Un-trusted
Unknown.
17
Trusted Networks
Networks inside your network security perimeter.
 Networks that you are trying to protect.
 Someone in the organization administers the computers that
comprise these networks (most times)
 Organization controls their security measures.
 Usually, trusted networks are within the security perimeter.
 To set up the firewall server
 explicitly identify the type of networks that are attached to the
firewall server through network adapter cards
 After the initial configuration, the trusted networks include the
firewall server and all networks behind it.
One exception to this general rule is the inclusion of virtual private
networks (VPNs)

18
Un-trusted Networks

Networks known to be outside your security
perimeter.





Un-trusted because they are outside your control
No control over the administration or security policies for
these sites
Private, shared networks from which you are trying to
protect your network
Still need and want to communicate with these networks
although they are un-trusted.
To set up the firewall server

explicitly identify the un-trusted networks from which that
firewall can accept requests
19
Unknown Networks

Networks that are neither trusted nor un-trusted.



Unknown quantities to the firewall because you cannot
explicitly tell the firewall server that the network is trusted
or un-trusted
Unknown networks exist outside your security perimeter
By default, all non-trusted networks are considered
unknown networks, and the firewall applies the security
policy that is applied to the Internet node in the user
interface, which represents all unknown networks.
20
Establishing a Security Perimeter


When you define a network security policy,
you must define procedures to safeguard
your network and its contents and users
against loss and damage.
A network security policy plays a role in
enforcing the overall security policy defined
by an organization.
21
Establishing a Security Perimeter

A critical part of an overall security solution is a network firewall.
Perimeter routers are found at any network boundary:
 between private networks, intranets, extranets, or the Internet.
Firewalls most commonly separate internal (private) and external
(public) networks.
A network security policy focuses on controlling the network traffic and
usage:
 monitors traffic crossing network perimeters
 imposes restrictions according to the security policy
 identifies a network's resources and threats
 defines network use and responsibilities
 details action plans for when the security policy is violated
When a network security policy is deployed, it should be strategically
enforced at defensible boundaries within your network. These strategic
boundaries are called perimeter networks.
22
Three Types of Perimeter Networks Exist:
Outermost, Internal, and Innermost
23
Example Two-Perimeter Network Security Design
24
Developing Your Security Design

The design of the perimeter network and
security policies require certain subjects to be
addressed.
25
Important considerations for
defining a security policy











1. Know your enemy
2. Count the cost
3. Identify any assumptions
4. Control your secrets
5. Human factors
6. Know your weakness
7. Limit the scope of access
8. Understand your environment
9. Limit your trust
10. Remember physical security
11. Make security pervasive
26
Know Your Enemy






Know attackers or intruders.
Consider who might want to circumvent your security measures
Identify their motivations.
Determine what they might want to do and the damage that they
could cause to your network.
Security measures can never make it impossible for a user to
perform unauthorized tasks with a computer system; they can
only make it harder.
The goal is to make sure that the network security controls are
beyond the attacker's ability or motivation.
27
Count the Cost





Security measures usually reduce convenience, especially for
sophisticated users.
Security can delay work and can create expensive administrative
and educational overhead.
Security can use significant computing resources and require
dedicated hardware.
When you design your security measures, understand their costs
and weigh those costs against the potential benefits.
To do that, you must understand the costs of the measures
themselves and the costs and likelihood of security breaches. If
you incur security costs out of proportion to the actual dangers,
you have done yourself a disservice.
28
Identify Any Assumptions

Every security system has underlying
assumptions.

For example, you might assume that your network
is not tapped, that attackers know less than you
do, that they are using standard software, or that
a locked room is safe. Be sure to examine and
justify your assumptions. Any hidden assumption
is a potential security hole.
29
Control Your Secrets





Most security is based on secrets.
 E.g. passwords and encryption keys
Too often, the secrets are not all that secret. The most important
part of keeping secrets is in knowing the areas that you need to
protect.
What knowledge would enable someone to circumvent your
system?
You should jealously guard that knowledge and assume that
everything else is known to your adversaries.
The more secrets you have, the harder it will be to keep them
all. Security systems should be designed so that only a limited
number of secrets need to be kept.
30
Human Factors

Many security procedures fail because their designers do not consider
how users will react to them.





Automatically generated nonsense passwords are often written on the
undersides of keyboards (difficult to remember)
A secure door that leads to the system's only tape drive is sometimes
propped open (for convenience)
Unauthorized modems are often connected to a network to avoid onerous
dial-in security measures (for expediency)
If security measures interfere with essential use of the system, they will
be resisted and perhaps circumvented.
To get compliance, make sure users can get their work done, and
emphasize (sell) security measures to users. Users must understand
and accept the need for security.
31
Human Factors 2

Users can compromise system security, at least to some degree

Passwords can be found out simply by calling legitimate users on the
telephone claiming to be a system administrator, and asking for them.

If your users understand security issues, and if they understand the
reasons for your security measures, they are far less likely to make an
intruder's life easier.

At minimum



Users should be taught never to release passwords or other secrets over
unsecured telephone lines or e-mail
Users should be wary of people who call them on the telephone and ask
questions
Some companies have implemented formalized network security
training so that employees are not allowed access to the Internet until
they have completed a formal training program
32
Know Your Weaknesses




Every security system has vulnerabilities.
You should understand your system's weak points and know
how they could be exploited.
You should also know the areas that present the greatest
danger and should prevent access to them immediately.
Understanding the weak points is the first step toward
turning them into secure areas.
33
Limit the Scope of Access


You should create appropriate barriers in your
system so that if intruders access one part of
the system, they do not automatically have
access to the rest of the system.
The security of a system is only as good as
the weakest security level of any single host
in the system.
34
Understand Your Environment


Understanding how your system normally
functions, knowing what is expected and
what is unexpected, and being familiar with
how devices are usually used will help you
detect security problems.
Noticing unusual events can help you catch
intruders before they can damage the
system. Auditing tools can help you detect
those unusual events.
35
Limit Your Trust

You should know exactly which software you
rely on, and your security system should not
have to rely on the assumption that all
software is bug-free.
36
Remember Physical Security


Physical access to a computer (or a router) usually
gives a sufficiently sophisticated user total control
over that computer.
Physical access to a network link usually allows a
person to tap that link, jam it, or inject traffic into it. It
makes no sense to install complicated software
security measures when access to the hardware is
not controlled.
37
Make Security Pervasive


Administrators, programmers, and users
should consider the security implications of
every change they make.
Understanding the security implications of a
change takes practice; it requires lateral
thinking and a willingness to explore every
way that a service could potentially be
manipulated.
38
Ten suggested ways to improve
the security of your computer!!!
****http://web.mit.edu/ist/topics/security/pamphlets/tensteps.pdf
39
1. patch, Patch, PATCH!

Set up your machine for automatic updates.

For Windows:
 Start Menu>Control Panel>Services>Windows
Update: set to automatic

For Macs:
 System Preferences>Software Update: set to
daily or weekly.

For Red Hat Linux, refer to:
 http://mit.edu/ist/topics/Linux/rhn.html
40
2. Install anti-virus software.


Install the appropriate version of the antivirus
software for your computer.
Set it to scan your files on a regular basis.
*** software is available on IS&T’s Getting Started CD or at http://web.mit.edu/software
41
3. Choose strong passwords.
Some suggestions for choosing strong
passwords!!??
42
3. Choose strong passwords.



Choose strong passwords by picking letters, numbers,
and special characters to create a mental image or
an acronym that is easy for you to remember.
Change passwords regularly.
Do not reuse your password among different
accounts. It’s bad if your email account is hacked,
it’s even worse if it’s your email account AND your
bank account.
***http://web.mit.edu/network/passwords.html
43
DEMO
MAC Password Helper
44
4. backup, Backup, BACKUP!


Backing up your data on a regular basis
helps protect you from the unexpected.
Ask yourself how many days of work you are
willing to lose if your computer is
compromised and the hackers decide to
overwrite your disk space with their favorite
movies and music.
***http://web.mit.edu/net-security/www/faq.html#backup
45
5. Control access to your machine.



Don’t leave your machine unattended and
logged on.
Don’t leave your PDA unattended in public
places.
Disable guest accounts, and delete unused
accounts in a timely manner.
***More information on securing your Windows machine can be found at
http://web.mit.edu/ist/topics/windows
46
6. Use email safely.




Filter your spam e-mail.
Check with the sender when receiving unexpected
attachments from people you know.
Never open attachments from people you don’t
know.
Always use your virus scanner on any attachment
before opening it.
***MIT Spam Screening is described at http://web.mit.edu/ist/services/email/nospam
47
7. Use secure connections.
Using a secure connection is essential. On the Internet
your data is vulnerable unless you do something to
protect it.


For Linux, SSH and SCP are best for secure logins
and secure file transfers.
For Windows, use Filezilla and SecureFX for file
transfers, Host Explorer and SecureCRT for secure
remote logins.
***http://web.mit.edu/net-security/www/faq.html#secure-connections
48
8. Encrypt sensitive files.
Sensitive data is frequently stored on your
hard drives. Protecting the data can protect
you from identity theft.


Encrypt sensitive files.
Have password-protected documents.
49
9. Use desktop firewalls.
Apple Mac OS X and Microsoft Windows XP
have basic desktop firewalls as part of their
operating systems. It is recommended that
users activate these firewalls unless there are
known software conflicts.
50
10. Stay informed.
To stay current with the latest developments
for Windows, Macs, and *nix systems,
subscribe to the security-fyi mailing list by
visiting
http://mailman.mit.edu/mailman/listinfo/securityfyi
51
Access Controls



Mandatory Access Control
Discretionary Access Control
Role-Based Access Control
52
Mandatory Access Control

The MAC technique protects and contains
computer processes, data, and system
devices from being misused.
53
Mandatory Access Control

Four modes of security operation




Dedicated Security Mode
 All users can access ALL data.
System-High Security Mode
 All users can access SOME data, based on their need to
know.
Compartmented Security Mode
 All users can access SOME data, based on their need to
know and formal access approval.
Multilevel Security Mode
 All users can access SOME data, based on their need to
know, clearance and formal access approval.
54
Discretionary Access Control


DAC defines basic access control policies to
objects at the discretion of the object’s
owner.
MAC and DAC can be applied
to the same file
55
Role-Based Access Control


RBAC is a newer alternative approach to MAC
and DAC
Access Control is determined by the job
function, not the individual staff member.
56
Access Control

In your opinion, which is the better method for
access control?



MAC,
DAC,
and/or RBAC
57
Security Models


Security models are an important concept in
the design and analysis of secure computer
systems
Examples of security models





Information Flow Model*
Biba Security Model*
Clark-Wilson Model*
Chinese Wall Model
The Bell-LaPadula Model
58
Information Flow Model



The Information flow model is a variation of
the access control model
This model attempts to control the transfer of
information from one object to another which
is constrained by the two objects’ security
attributes
Information can flow to the same or
higher level of security
59
The Biba Model


The Biba Integrity Model describes read and
write restrictions based on the integrity classes of
subjects and objects
Two main principles:


A subject can write to an object only if the integrity
access class of the subject is larger than the
integrity class of the object
A subject can read an object only if the integrity
access class of the subject is less than that of the
integrity class of the object
60
The Biba Model*
[Figure: Biba model diagram showing Read and Write between a layer of
higher secrecy and a layer of lower secrecy, with the labels
"Contaminated" and "Get Contaminated", illustrating the Simple Integrity
Property and the Integrity Star Property.]
*Official (ISC)2 Guide to the CISSP Exam
61
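The two Biba rules above written as a small reference monitor, added here as an illustration (not code from the slides or from the (ISC)2 guide). It uses the standard Biba formulation, in which a subject may also read or write an object of equal integrity class; the integrity lattice, subjects and objects are constructed.

```python
# Added example: Biba integrity checks; the standard formulation is used, in
# which equal integrity classes are allowed (>= / <=).
from dataclasses import dataclass

# Constructed integrity lattice; a larger number means higher integrity.
INTEGRITY_CLASSES = {"untrusted": 0, "user": 1, "operator": 2, "system": 3}

@dataclass(frozen=True)
class Subject:
    name: str
    integrity: str

@dataclass(frozen=True)
class Resource:
    name: str
    integrity: str

def _level(label):
    if label not in INTEGRITY_CLASSES:
        raise ValueError(f"unknown integrity class: {label}")
    return INTEGRITY_CLASSES[label]

def can_read(subject, resource):
    """Simple Integrity Property ("no read down"): a subject may read only
    objects whose integrity class is at least its own, so it is never
    contaminated by lower-integrity data."""
    return _level(resource.integrity) >= _level(subject.integrity)

def can_write(subject, resource):
    """Integrity *-Property ("no write up"): a subject may write only objects
    whose integrity class is at most its own, so low-integrity subjects can
    never contaminate high-integrity data."""
    return _level(subject.integrity) >= _level(resource.integrity)

def decide(subject, resource, mode):
    """Reference-monitor style decision for one request, returned as an audit
    string so callers can log it or assert on it."""
    if mode == "read":
        allowed = can_read(subject, resource)
    elif mode == "write":
        allowed = can_write(subject, resource)
    else:
        raise ValueError(f"unknown access mode: {mode}")
    verdict = "ALLOW" if allowed else "DENY"
    return f"{verdict} {subject.name}({subject.integrity}) {mode} {resource.name}({resource.integrity})"

def demo():
    """Runs a constructed set of requests through the monitor."""
    updater = Subject("package-updater", "system")
    browser = Subject("web-browser", "user")
    passwd = Resource("/etc/passwd", "system")
    download = Resource("~/Downloads/setup.exe", "untrusted")
    notes = Resource("~/notes.txt", "user")
    requests = [
        (updater, passwd, "write"),   # system writing system data: allowed
        (browser, passwd, "write"),   # user-level subject writing up: denied
        (browser, passwd, "read"),    # reading higher-integrity data: allowed
        (updater, download, "read"),  # system process reading untrusted input: denied
        (browser, notes, "write"),    # equal classes: allowed
    ]
    return [decide(s, r, m) for s, r, m in requests]
```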
The Clark-Wilson Model


The model addresses integrity requirements which are
based on process and data integrity
The model identifies three rules of integrity




Unauthorized users should not make changes
Authorized users should not make unauthorized changes
The system should maintain internal and external
consistency
Enforce policies by


Well-formed transactions
Separation of duties
62
The Clark-Wilson Model

Data



Constrained data items (CDI)
Unconstrained data items (UDI)
Procedures


Integrity verification procedure (IVP)
Transformation procedure (TP)
63
Example of CW Model
1. Purchasing clerk creates an order for a supply,
sending copies to the supplier and the receiving
department.
2. Upon receiving the items, a receiving clerk checks
the delivery and, if all is well, signs a delivery form.
Then the delivery form and original order form will
go to the accounting department.
3. Supplier sends an invoice to the accounting
department. The accounting clerk will compare
the invoice with the original order and delivery
form and issues a check to the supplier.
64
Example of CW Model

Users?
 Purchasing clerk
 Receiving clerk
 Supplier
 Accounting clerk
Constrained Data?
 Order
 Delivery form
 Invoice
 Check
Transformation Procedures?
 Create order, Send order
 Create delivery form, Send delivery form, Sign delivery form
 Create invoice, Send invoice
 Compare invoice to order
 And so on…
65
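The purchasing workflow above, enforced Clark-Wilson style: an added example, not the slides' own code. Each slide role maps to a certified transformation procedure (TP); the order, delivery form, invoice and check are constrained data items (CDIs); the supplier's raw invoice text is an unconstrained data item (UDI) validated on the way in; and ivp() is the integrity verification procedure. All user names, roles, items and amounts are constructed.

```python
# Added example: Clark-Wilson enforcement for the slides' purchasing workflow.
from dataclasses import dataclass, field

class PolicyViolation(Exception):
    """A TP was requested by an uncertified role or would leave a CDI invalid."""

@dataclass
class Ledger:
    """Constrained data items (CDIs): every record here was produced by a TP."""
    orders: dict = field(default_factory=dict)
    deliveries: dict = field(default_factory=dict)
    invoices: dict = field(default_factory=dict)
    checks: dict = field(default_factory=dict)

# Certified (TP -> roles) relation: the only route by which users may touch CDIs.
CERTIFIED = {"create_order": {"purchasing"}, "sign_delivery": {"receiving"},
             "submit_invoice": {"supplier"}, "issue_check": {"accounting"}}

def _expected_total(order):
    return round(order["qty"] * order["unit_price"], 2)

def create_order(ledger, user, oid, item, qty, unit_price):
    if oid in ledger.orders:
        raise PolicyViolation(f"{oid}: duplicate order")
    ledger.orders[oid] = {"item": item, "qty": qty, "unit_price": unit_price, "by": user}

def sign_delivery(ledger, user, oid, item, qty):
    order = ledger.orders.get(oid)
    if order is None:
        raise PolicyViolation(f"{oid}: no such order")
    if order["by"] == user:  # separation of duties: the orderer never signs receipt
        raise PolicyViolation(f"{oid}: {user} placed the order and may not sign delivery")
    if (item, qty) != (order["item"], order["qty"]):
        raise PolicyViolation(f"{oid}: delivery does not match order")
    ledger.deliveries[oid] = {"item": item, "qty": qty, "signed_by": user}

def submit_invoice(ledger, user, oid, raw):
    """raw is a UDI (free text from the supplier); it becomes a CDI only after validation."""
    try:
        f = dict(kv.split("=", 1) for kv in raw.split(";"))
        inv = {"item": f["item"], "qty": int(f["qty"]), "total": round(float(f["total"]), 2)}
    except (ValueError, KeyError) as exc:
        raise PolicyViolation(f"{oid}: malformed invoice rejected ({exc})")
    if oid not in ledger.orders or oid in ledger.invoices or inv["qty"] <= 0 or inv["total"] <= 0:
        raise PolicyViolation(f"{oid}: invoice rejected (unknown order, duplicate, or bad values)")
    ledger.invoices[oid] = dict(inv, supplier=user)

def issue_check(ledger, user, oid):
    """Well-formed transaction: pay only when order, signed delivery and invoice agree."""
    order, delivery, inv = (d.get(oid) for d in (ledger.orders, ledger.deliveries, ledger.invoices))
    if not (order and delivery and inv):
        raise PolicyViolation(f"{oid}: order, signed delivery and invoice must all exist")
    if (inv["item"], inv["qty"], inv["total"]) != (order["item"], order["qty"], _expected_total(order)):
        raise PolicyViolation(f"{oid}: invoice does not match order")
    ledger.checks[oid] = {"amount": inv["total"], "by": user}

TPS = {"create_order": create_order, "sign_delivery": sign_delivery,
       "submit_invoice": submit_invoice, "issue_check": issue_check}

def run_tp(ledger, user, role, tp, *args):
    """Enforcement: a user may only reach a CDI through a TP certified for that role."""
    if role not in CERTIFIED.get(tp, set()):
        raise PolicyViolation(f"{user} ({role}) is not certified for {tp}")
    TPS[tp](ledger, user, *args)

def ivp(ledger):
    """IVP: each check must match its order and invoice, and the delivery must be
    signed by someone other than the orderer. Returns the problems found."""
    problems = []
    for oid, chk in ledger.checks.items():
        order, delivery, inv = (d.get(oid) for d in (ledger.orders, ledger.deliveries, ledger.invoices))
        if not (order and delivery and inv):
            problems.append(f"{oid}: check without a full paper trail")
        elif chk["amount"] != _expected_total(order) or inv["total"] != _expected_total(order):
            problems.append(f"{oid}: amount mismatch")
        elif delivery["signed_by"] == order["by"]:
            problems.append(f"{oid}: separation of duties violated")
    return problems

def demo():
    # The slides' three steps, then three requests the policy must refuse.
    ledger, denied = Ledger(), []
    run_tp(ledger, "alice", "purchasing", "create_order", "PO-1", "widget", 10, 25.0)
    run_tp(ledger, "bob", "receiving", "sign_delivery", "PO-1", "widget", 10)
    run_tp(ledger, "acme", "supplier", "submit_invoice", "PO-1", "item=widget;qty=10;total=250.00")
    run_tp(ledger, "carol", "accounting", "issue_check", "PO-1")
    for user, role, tp, *args in [
        ("alice", "purchasing", "issue_check", "PO-1"),                 # uncertified role
        ("alice", "receiving", "sign_delivery", "PO-1", "widget", 10),  # orderer signing receipt
        ("acme", "supplier", "submit_invoice", "PO-2", "item=widget;qty=ten;total=250"),  # malformed UDI
    ]:
        try:
            run_tp(ledger, user, role, tp, *args)
        except PolicyViolation as exc:
            denied.append(str(exc))
    return ledger, denied
```

A direct edit of the ledger that bypasses every TP is exactly what ivp() exists to catch, which is why the IVP is run separately from the TPs.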
Tools


Integrity Management Software
Anti-Virus Software
66
Integrity Management Software


Encryption is most commonly used for
secrecy but it can also be used for integrity.
Check for integrity by specifically utilizing…




Hash functions
Digital Signatures
File Size
Example

Tripwire Enterprise
67
Hash Functions



A public function that maps a plaintext message of
any length to a fixed-length hash value
Used as an authenticator
Pros
 Offers integrity
Cons
 No confidentiality
Examples
 CRC
 MD5
 SHA-1
68
Cyclic Redundancy Check



CRC is a type of hash function that is utilized
to create a checksum
Useful for error detection, but CRC cannot be
relied upon to verify data integrity
Example of a tool that uses only CRC:
 Crckit
69
Message-Digest Algorithm 5




MD5 is a popular cryptographic function with
a 128-bit hash value
Utilized in a variety of security applications
Also commonly used for checking the
integrity of files
It is computationally unrealistic to find two
messages that have the same message
digest
70
Secure Hash Algorithm



SHA is a set of related cryptographic hash
functions
SHA-1 is the most commonly used for a large
variety of security applications and protocols
SHA-1 is considered the successor to MD5
71
Digital Signatures


Digital signatures, also known as public-key
digital signatures, are an encryption scheme
utilizing public-key cryptography
This method has two complementary
algorithms, one for signing and the other for
verification, and the output of this process is
a digital signature
72
Tripwire Enterprise



http://www.tripwire.com/
Captures a baseline of server file systems,
desktop file systems, directory servers and
network device configurations in a known
good state, and then automatically performs
integrity checks that compare current states
against baselines to detect changes.
Tripwire Demo
73
Examples of
Integrity Management Software

Advanced CheckSum Verifier (ACSV)
Advanced Intrusion Detection Environment (AIDE)
Cambia CM
Crckit
FileCheckMD5
FTimes
Hashdig
Integrit
Intrusec CM
Jacksum
LANGuard Security Integrity Monitor
MD5 Hashing Utilities
Md5deep
Nabou
NIST_Crc
Radmind
Samhain
Secure Hash Signature Generator
Sentinel
Sha_verify
Spidernet
SysCheck
Sysdiff
Tripwire - Commercial
Tripwire - OpenSource
Veracity System Integrity Assurance
ViperDB
Yafic
Winalysis
WinInterrogate
Xintegrity
74
Anti-virus Software
The techniques for detecting a virus include






Checking unexpected increases in file size
Noting changes in timestamps
Sudden decreases in free space
Calculating checksums
Saving images on the internal control tables
and noting unexplained changes
75
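A baseline-and-compare file integrity check of the kind the Tripwire slide describes, which also records the file-size and timestamp signals listed above for virus detection: an added example, not Tripwire's code. The directory tree and file contents are constructed in a temporary folder, and SHA-256 is used rather than CRC or MD5.

```python
# Added example: Tripwire-style baseline/compare file-integrity checker.
import hashlib
import os
import tempfile
from pathlib import Path

def fingerprint(path):
    """The attributes a file-integrity checker records: size, modification time
    and a strong hash (SHA-256 here, rather than CRC or MD5)."""
    st = path.stat()
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns, "sha256": digest.hexdigest()}

def build_baseline(root):
    """Known-good snapshot: relative POSIX path -> fingerprint for every regular file."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): fingerprint(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def compare(baseline, current):
    """Diff two snapshots. 'modified' maps a path to the attributes that differ,
    so the report shows when only the hash moved (size and timestamp intact)."""
    report = {"added": sorted(set(current) - set(baseline)),
              "removed": sorted(set(baseline) - set(current)),
              "modified": {}}
    for path in sorted(set(baseline) & set(current)):
        changed = [k for k in ("size", "mtime_ns", "sha256")
                   if baseline[path][k] != current[path][k]]
        if changed:
            report["modified"][path] = changed
    return report

def demo():
    """Constructed scenario in a temp directory: baseline three files, then
    (1) overwrite a config with same-length content and put its timestamp back,
    (2) delete a file, (3) add a file; return the comparison report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "etc").mkdir()
        (root / "etc" / "passwd").write_bytes(b"root:x:0:0:root:/root:/bin/sh\n")
        (root / "etc" / "sshd_config").write_bytes(b"PermitRootLogin no\n")
        (root / "talk.ppt").write_bytes(b"slides v1")
        baseline = build_baseline(root)

        cfg = root / "etc" / "sshd_config"
        st = cfg.stat()
        cfg.write_bytes(b"PermitRootLogin yes")                # same length as before
        os.utime(cfg, ns=(st.st_atime_ns, st.st_mtime_ns))    # timestamp put back
        (root / "talk.ppt").unlink()
        (root / "etc" / "new.sh").write_bytes(b"#!/bin/sh\n")
        return compare(baseline, build_baseline(root))
```

The report shows why size and timestamps alone are weak signals: the same-length overwrite with its timestamp restored is caught only by the hash.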
Examples of
Anti-virus Software

AntiVir PersonalEdition Classic
AVAST 4 Home Edition
AVG Free Edition
Bullguard Antivirus Software, Firewall and Backup
Command Antivirus
F-Prot Antivirus for Windows
F-Secure
Kaspersky Anti-Virus
McAfee VirusScan 2006
NOD32 Antivirus System v2.0
Norton AntiVirus 2002
Panda Titanium Antivirus 2004
PC-cillin Internet Security 2004
Platinum Internet Security 2005
Rising AntiVirus
Virex
Windows Live OneCare
76
Case Study - Integrity
Hamlet:
Being thus be-netted round with villanies,-I sat me down,
Devised a new commission, wrote it fair:
He should the bearers put to sudden death.
I had my father's signet in my purse,
Which was the model of that Danish seal;
Subscribed it, gave't the impression, placed it safely,
The changeling never known.
77
Case study - Attacks
Attacks on integrity
 alter teleprompter speeches/presentation slides
 alter scheduling
 alter voting results
 alter outgoing media reports
Attacker could be other media or an outsider
“The cold passed reluctantly from the earth,
and the retiring fogs revealed an army
stretched out on the hills, resting.”
- The Red Badge of Courage
79
Case study - Outside attacker

Henry is a member of a small revolutionary
anarchist group


Assigned to disrupt the event using information
warfare tactics.
Attacks from an open wireless network at a public
library.
80
“How you gonna call yourself a revolutionary… and you ain’t got
no poems?”
-Dewey
81
Case study - Attacker 1 recon
Scan ports 0-65535 with an aggressive stealth scan with OS and
application fingerprinting.
# nmap -sS -F -P0 -O -T4 -v -A -p0-65535 [event network address]
Starting nmap 3.50 ( http://www.insecure.org/nmap/ )
[...]
Interesting ports on contractor2.event.net (XX.227.165.100):
(The 65535 ports scanned but not shown below are in state: filtered)
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 3.7.1p1 (protocol 1.99)
Running: Linux 2.4.X
OS details: Linux 2.4.18 (x86)
Uptime 316.585 days
[...]
82
Preventing recon

Only open service on the network:


contractor left an SSH server running.
How can we prevent the attacker from
finding it?
83
Preventing recon cont’d




At the firewall, prevent all incoming
connections
Use NAT so internal boxes are not Internet
addressable
Put a firewall between Ops and Organization
in case a contractor is compromised or
malicious.
Policy that no one may run listening servers
without IT authorization.
84
Finding vulnerabilities

Henry looks up OpenSSH 3.7.1p1 on various security websites
such as SecurityFocus BID and OSVDB.org.

http://www.kb.cert.org/vuls/id/602204

When PAM and SSHv1 are enabled, OpenSSH 3.7.1p1 has a
vulnerability that allows an attacker to login to any account by
using a null password.
85
Exploiting OpenSSH
psyche> ssh -1 root@contractor2.event.net
The authenticity of host 'contractor2.event.net (XX.227.165.212)'
can't be established.
RSA1 key fingerprint is
2d:fb:27:e0:ab:ad:de:ad:ca:fe:ba:be:53:02:28:38.
Are you sure you want to continue connecting (yes/no)? yes
root@contractor2.event.net's password:
# whoami
root

How could we prevent this?
86
Preventing OpenSSH Exploit


How could we prevent this?
Keep on top of patch management


automated scan when they connect to the
network
Use “PermitRootLogin no” in sshd_config to
prevent root login
87
Dictionary attack on SSH
Henry uses hydra to attempt to do a dictionary attack and
guess a user’s password.
$ hydra -L names.txt -P passwords.txt
contractor2.event.net ssh2
Hydra v5.2 (c) 2006 by van Hauser / THC - use allowed only
for legal purposes.
[DATA] 400000 tasks, 1 servers, 400000 login tries
(l:1/p:2), ~1 tries per task
[DATA] attacking service ssh2 on port 22
[STATUS] attack finished for contractor2.event.net
(waiting for childs to finish)
[22][ssh2] host: XX.227.165.212 login: test password: trustno1
88
Preventing Dictionary Attack


Unable to guess a password for root, but did
get user ‘test’ with password ‘trustno1’ (Fox
Mulder’s password on The X-Files)
How to prevent this attack?
89
Preventing Dictionary Attack cont’d



Choose strong passwords on all accounts,
not just root
Enforceable by having IT people run hydra?
Ban an IP address for some length of time
after a certain number of failed attempts.
90
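The last suggestion above (ban an IP address after a number of failed attempts) as detection logic run over sshd log lines: an added example, not from the slides. The log lines, host name and addresses are constructed, and the year is an assumption because syslog timestamps omit it.

```python
# Added example: sliding-window failed-login detector with temporary bans,
# run over constructed sshd log lines.
import re
from collections import defaultdict, deque
from datetime import datetime

ASSUMED_YEAR = 2006  # assumption: syslog timestamps carry no year
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>[\d.]+) port \d+")

def parse(line):
    """Turns one sshd auth line into an event dict, or None for lines we ignore."""
    m = LINE_RE.match(line)
    if not m:
        return None
    when = datetime.strptime(f"{ASSUMED_YEAR} {m['ts']}", "%Y %b %d %H:%M:%S")
    secs = (when - datetime(ASSUMED_YEAR, 1, 1)).total_seconds()  # seconds since Jan 1
    return {"t": secs, "result": m["result"], "user": m["user"], "ip": m["ip"]}

def analyze(lines, threshold=5, window=60, ban_seconds=600):
    """Bans an IP for ban_seconds once it produces `threshold` failures within
    `window` seconds, and raises an alert whenever a login nevertheless succeeds
    from a banned IP (the trace a successful dictionary attack leaves behind).
    Returns (bans, alerts); each ban is (ip, start, end) in seconds since Jan 1."""
    failures = defaultdict(deque)  # ip -> timestamps of recent failures
    banned_until = {}              # ip -> time the ban expires
    bans, alerts = [], []
    for raw in lines:
        ev = parse(raw)
        if ev is None:
            continue
        ip, t = ev["ip"], ev["t"]
        if ev["result"] == "Failed":
            recent = failures[ip]
            recent.append(t)
            while recent and t - recent[0] > window:  # drop failures outside the window
                recent.popleft()
            if len(recent) >= threshold and banned_until.get(ip, 0) <= t:
                banned_until[ip] = t + ban_seconds
                bans.append((ip, int(t), int(t + ban_seconds)))
                recent.clear()
        elif banned_until.get(ip, 0) > t:
            alerts.append(f"{ev['user']} logged in from banned {ip}: password likely guessed")
    return bans, alerts

# Constructed log lines (203.0.113.0/24 and 198.51.100.0/24 are documentation ranges).
SAMPLE_LOG = [
    "Jan 12 10:00:01 contractor2 sshd[4120]: Failed password for root from 203.0.113.7 port 51001 ssh2",
    "Jan 12 10:00:02 contractor2 sshd[4121]: Failed password for root from 203.0.113.7 port 51002 ssh2",
    "Jan 12 10:00:02 contractor2 sshd[4122]: Failed password for invalid user admin from 203.0.113.7 port 51003 ssh2",
    "Jan 12 10:00:03 contractor2 sshd[4123]: Failed password for test from 203.0.113.7 port 51004 ssh2",
    "Jan 12 10:00:04 contractor2 sshd[4124]: Accepted password for test from 203.0.113.7 port 51005 ssh2",
    "Jan 12 10:05:00 contractor2 sshd[4130]: Failed password for alice from 198.51.100.4 port 40001 ssh2",
    "Jan 12 10:05:30 contractor2 sshd[4131]: Accepted password for alice from 198.51.100.4 port 40002 ssh2",
    "Jan 12 10:06:00 contractor2 sshd[4132]: Accepted publickey for bob from 198.51.100.9 port 40003 ssh2",
    "Jan 12 10:06:01 contractor2 sshd[4132]: pam_unix(sshd:session): session opened for user bob",
]

def demo():
    """A low threshold for the small sample: three failures within a minute."""
    return analyze(SAMPLE_LOG, threshold=3, window=60)
```

In production the ban list feeds a firewall rule rather than a report, and a single mistyped password (alice above) never reaches the threshold.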
Privilege Escalation



Henry has a user level shell on the
contractor’s box.
Inside the firewall, uses same dictionary
attack technique to get a user account on the
podium server.
Wants to alter the presentations, but can’t
with current privileges.
91
Privilege Escalation
$ uname -a
Linux podium.event.net 2.4.18 #3-i686+-UP (034) i686 i386
GNU/Linux
This is a relatively old kernel version, and there is a
privilege escalation vulnerability in versions below
2.4.22.
http://www.kb.cert.org/vuls/id/301156
An integer overflow vulnerability in the brk system call.
92
Privilege Escalation

He downloads and uses a publicly available
exploit to get root privileges.
As root, he subtly modifies the saved
presentations for several presenters in an
embarrassing way.

How to prevent this?

93
Preventing Privilege
Escalation


Again patch management, even on computers which
are supposedly safe because they’re inside the
firewall
Use Tripwire or other integrity checking programs to
detect modifications to sensitive files



But?
Minimize set of programs which are setuid or run as
root
Backups on removable media
94
Attacking the Media: LAN
attacks



Media share a wired network.
Many network attacks available when on the
same network.
ARP poisoning to sniff or do MITM


Alter or forge media reports
http://en.wikipedia.org/wiki/ARP_spoofing
95
LAN attacks


SSL not foolproof if MITM possible.
Animation at
http://crimemachine.com/Tuts/Flash/SSLMITM.html
96
Preventing LAN attacks

Static ARP/Port Security
 But?
Detect ARP poisoning with arpwatch
 But?
Train them not to click through SSL warnings
Media connect to home base with VPN
97
Social Engineering

“There was much food for thought in the
manner in which he replied. He came near to
convincing them by disdaining to produce
proofs.”
-The Red Badge of Courage
98
Social Engineering





http://en.wikipedia.org/wiki/The_Yes_Men
Set up a fake WTO website. Invited to speak on
behalf of the WTO at events, including a CNBC
news program.
Successfully impersonated a Dow Chemical
spokesman on BBC television, at a London banking
conference, and at Dow’s annual shareholder
meeting
In this case study, attacker could speak at event, or
could fool the media into printing lies.
How to prevent this?
99
Preventing social engineering

Educate staff to authenticate people and data

Run live tests with fake conmen
100
Case study conclusion

It’s about quality, y’all.

And mad loot for yours truly.
101