Bruce Schneier Attack trees

Looking at Vulnerabilities
Dave Dittrich
University of Washington
dittrich @ cac.washington.edu
http://staff.washington.edu/dittrich/

Overview
- Background attack concepts
- Your typical look at
- Vulnerabilities, Risk vs. Cost
- A (real!) complex attack scenario
- A different view of vulnerabilities
- Trust relationships
- Attack trees

Stepping Stones

Internet Relay Chat (IRC)

IRC w/Bots&BNCs

Distributed Denial of Service (DDoS) Networks

Typical DDoS attack

DDoS Attack Traffic (1): One Day Traffic Graph

DDoS Attack Traffic (2): One Week Traffic Graph

DDoS Attack Traffic (3): One Year Traffic Graph

SANS Top 20 Vulnerabilities

Windows Top 10
1. Internet Information Server (IIS)
2. Microsoft Data Access Server (MDAC)
3. SQL Server
4. NETBIOS
5. Anonymous login/null session
6. LAN Manager Authentication (Weak LM hash)
7. General Windows Authentication (Accounts w/o pwd, bad pwd)
Internet Explorer

Unix Top 10
1. Remote Procedure Call (RPC) services
2. Apache Web Server
3. Secure Shell (SSH)
4. Simple Network Management Protocol (SNMP)
5. File Transfer Protocol (FTP)
6. Berkeley r utilities (trust relationships)
7. Line Printer Daemon (LPD)
Sendmail

http://www.sans.org/top20/

[Figure: Attack Sophistication and Intruder Knowledge, scale High to Low, over the years 1980, 1985, 1990, 1995, 2001; labels: Tools, Attackers. Techniques marked on the chart: password guessing, password cracking, exploiting known vulnerabilities, disabling audits, back doors, hijacking sessions, sniffers, packet spoofing, GUI, automated probes/scans, denial of service, www attacks, stealth / advanced scanning techniques, burglaries, network mgmt. diagnostics, distributed attack tools, binary encryption.]
Source: CERT/CC (used w/o permission & modified...