IT 223 Ch 11


How can you prevent SQL injection?

- Use of Prepared Statements (with Parameterized Queries)
- Use of Stored Procedures
- White List Input Validation
- Don't build queries as strings using data from outside - use parameterized queries or stored procedures
- Use least privilege idea

What is an Industrial Control System?

- Control pieces of a nation's critical infrastructure
- Typically communicate using proprietary and common networking protocols
- Also has microcodes within them

What is a Cross Site Scripting vulnerability?

Allowing Cross Site Scripting (XSS), where one user's input can appear on the page of another user, is a serious vulnerability.

Which buffer exploits dynamically-allocated memory?

Heap-based exploitation

What is a MITM?

Man in the Middle: personal information can be captured in real time. SSL protects against this ... mostly

What is PGP? What are its characteristics?

Pretty Good Privacy: security for email. It is a package of cryptographic tools for use with email. It includes encryption and decryption, digital signature generation and verification, and key management services.

- Uses public-key cryptography
- Uses symmetric cryptography
- Uses hashes
- Uses compression
- Each public key is bound to an e-mail address

What causes SQL injection - ROOT CAUSE?

Root cause - building a SQL query as a text string using data from outside the application (e.g. user input).

Email uses what protocol? What port?

SMTP (Simple Mail Transfer Protocol), port 25

What is SNMP?

Simple Network Management Protocol: a framework for sending and receiving messages. Messages read (GET) or update (SET) values defined in an object database (MIB). It just defines general, not specific, objects.

Where is the vulnerability with Skype?

Skype calls traversing PSTN networks, however, are not encrypted. Instant messages in Skype use transport-level security.

Which buffer overwrites the return address so execution continues at an attacker-chosen location?

Stack Overflow

What are the two types of buffer overflows?

Stack and Heap

What happens (the payload) when a buffer overflow occurs?

The attacker sends more data than the programmer allowed for. The excess data is carefully crafted to overwrite the return address with the address of a memory location somewhere in the excess data. That address is the start of a sequence of instructions chosen by the attacker - the payload starts a command shell.

What is the root cause of a buffer overflow?

The programmer failed to check the amount of data to be copied before executing the copy instruction sequence

What are security issues with VoIP?

- Traffic routed over open internet
- Gateway security options limited
- VoIP relies on underlying network security

What is SNMP's vulnerability? If I audit a network, which version do I want to see running on it?!

Use RMON probes (Remote Monitoring) to manage networks. These require ports to be left open and thus create some security vulnerabilities.

Version 3!!!!!!!

What is a buffer?

An area of memory allocated by a process and typically used to hold data that is assembled before being sent out or has been received and will be processed. Data can be copied from memory outside the process (e.g. in network hardware) to a buffer in the process's memory pool.

What are security issues with SIPtap?

Can intercept unencrypted SIP-based VoIP traffic

What is a SQL Injection?

Can occur when a hacker "injects" SQL code of his choosing into a SQL query within an application. The injected code may modify the existing query and/or concatenate additional queries with it.

How does approaching application security through the analysis of malicious software (malware) help us secure our applications/systems?

- Defensively - securing services, software and network components
- Forensically - application security can be understood by malware analysis, because in that analysis important information about vulnerabilities is revealed
- Offensively - SQL injections and database hacks

While the layers may help prevent the issues, ultimately it will be the players at the layers (sysadmins, lawyers, network engineers, etc.) who will have to deal with them. The application layer is at the top, so it has an effect on the others.

What is meant by "spear phishing"?

An email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information. Vigilant use of email helps against this.

What is an iframe?

Can pop up on a web session and not be noticed. When they pop up they execute malicious code. Users do not usually see them.

What is a Redirector?

redirects you to another page freely out of the original website when accessed, usually integrated with a phishing attack

What are security issues with VoMIT?

siphons voice TCP/IP packets running on Cisco's phone system

What is a buffer overflow?

the source string is longer than the allocated buffer and will overwrite the following memory location/s

How does gaining root access impact application security?

The attacker can then execute applications at the highest, most secure level. This is an access control issue that system administrators must face (including LAN and WAN host hardening).

Types of SNMP's and what are the differences?

- Version 1 - oldest and easiest to set up - all plaintext - very little security
- Version 2 - adds support for 64-bit counters

