Date posted: 20-Aug-2015
Internet security
Past, present and future
Tamaghna Basu
www.tbasu.com
Disclaimer!
The content of this presentation and the techniques shown here are for educational purposes only. The organizers and presenters do not encourage the attendees to use the knowledge learned here for any malicious or illegal purpose.
If the attendees use this knowledge for any kind of real hacking or illegal activity which violates the law, then we, the organizers and the presenters, will not be responsible for that or any further consequences.
CIA Triad
• Confidentiality - data security
• Integrity - digital signature and audit trails
• Availability - load balancing, throttling
Integrity
CCTV
How?
• IP addresses and the links of the CCTVs’ pages are found in Google search results.
• Even CCTVs inside homes could be visible.
Web Cams & Video Chat
Clickjacking
A new threat to all browsers (IE, Firefox, Safari, Opera, Chrome etc.) except non-interactive browsers like Lynx.
Hijacking your click: you click on something that is hidden from you.
Enable webcam, microphone.
Get your credentials.
Mostly a Flash and iframe based vulnerability.
Discussed in OWASP - 2008
Types of hackers
BlackHat
• Malicious, destructive
WhiteHat
• Security professionals
ScriptKiddie
• Sometimes referred to as n00bz
????
Why Heartbleed? TLS Heartbeat Extension.
The vulnerability lies in the implementation of the TLS Heartbeat extension. An established SSL session commonly needs to keep the connection alive for a longer time, and the Heartbeat protocol extension was added to TLS for this reason. The HTTP keep-alive feature does the same, but the HB protocol allows a client to perform this action at a much higher rate.
The client can send a Heartbeat request message and the server has to respond with a Heartbeat response.
Why Heartbleed?
buffer = OPENSSL_malloc(1 + 2 + payload + padding);
SOURCE : https://github.com/openssl/openssl/commit/96db9023b881d7cd9f379b0c154650d6c108e9a3#diff-2
• Up to 64 KB of memory can be leaked, and that could easily contain usernames/passwords, private keys etc.
• Repeated HB requests can be sent to the server, each leaking more (random) memory, so any amount of data can be leaked from the server.
Fix
• The fix for this bug was simply to bounds-check the payload + padding length so that it does not exceed 16 bytes.
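The over-read and the bounds check described above, as an added example that is neither OpenSSL's code nor part of the original slides. It assumes the RFC 6520 heartbeat layout (1-byte type, 2-byte payload length, payload, at least 16 bytes of padding) and checks the claimed length against the received record length; the function names `hb_overread` and `hb_respond` are hypothetical and the sample records are constructed.

```c
/* Added example, not OpenSSL code: simplified heartbeat handling using the
   RFC 6520 layout (type, 2-byte payload_length, payload, padding). */
#include <stdio.h>
#include <string.h>

#define HB_HDR 3   /* 1-byte type + 2-byte payload_length */
#define HB_PAD 16  /* minimum padding length in RFC 6520 */

/* Bytes an unchecked handler would copy from past the end of the record,
   because it trusts the sender's length field rather than rec_len. */
size_t hb_overread(const unsigned char *rec, size_t rec_len)
{
    if (rec_len < HB_HDR) return 0;
    size_t claimed = ((size_t)rec[1] << 8) | rec[2];
    size_t present = rec_len - HB_HDR;
    return claimed > present ? claimed - present : 0;
}

/* Hardened handler: writes the response to out and returns its length,
   or 0 when the request is silently discarded. */
size_t hb_respond(const unsigned char *rec, size_t rec_len,
                  unsigned char *out, size_t out_cap)
{
    if (rec_len < HB_HDR + HB_PAD || rec[0] != 1) return 0;   /* 1 = request */
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    size_t total = HB_HDR + payload + HB_PAD;
    if (total > rec_len || total > out_cap) return 0;         /* the bounds check */
    out[0] = 2;                                               /* 2 = response */
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HDR, rec + HB_HDR, payload);   /* echo only received bytes */
    memset(out + HB_HDR + payload, 0, HB_PAD);     /* real stacks use random padding */
    return total;
}

int main(void)
{
    /* Constructed records: an honest 4-byte payload, and 1 byte claiming 0xFFFF. */
    unsigned char ok[HB_HDR + 4 + HB_PAD]  = {1, 0x00, 0x04, 'p', 'i', 'n', 'g'};
    unsigned char bad[HB_HDR + 1 + HB_PAD] = {1, 0xFF, 0xFF, 'A'};
    unsigned char out[64];
    printf("ok:  %zu-byte response\n", hb_respond(ok, sizeof ok, out, sizeof out));
    printf("bad: %zu-byte response, unchecked over-read %zu bytes\n",
           hb_respond(bad, sizeof bad, out, sizeof out), hb_overread(bad, sizeof bad));
    return 0;
}
```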
Summary
Port Status
21 TLS Error
22 Connection Refused
25 TLS Error
53 Connection Refused
80 Large Record Received
443 Certificate error