SlideShare une entreprise Scribd logo

Security Tools Foss

Henrik Kramshøj
Henrik Kramshøj

FOSS Aalborg presentation

TechnologieActualités & Politique
1  sur  57
Télécharger pour lire hors ligne
Velkommen til Security Tools in Software Development FOSS Aalborg Henrik Lund Kramshøj hlk@security6.net http://www.security6.net Slides are available as PDF and are in Danish only, sorry c copyright 2009 Security6.net, Henrik Lund Kramshøj 1
˚ Formal Class Name Attribute Java Note Attribute Subclass C# C Package Ruby Class Name Class Name qualifier PHP T Class Groovy Attribute Component Attribute Operation Python Operation Lære om værktøjer der kan forbedre sikkerhed for produktionssystemer c copyright 2009 Security6.net, Henrik Lund Kramshøj 2
Internet - Here be dragons c copyright 2009 Security6.net, Henrik Lund Kramshøj 3
Matrix style hacking anno 2003 c copyright 2009 Security6.net, Henrik Lund Kramshøj 4
Trinity breaking in http://nmap.org/movies.html Meget realistisk http://www.youtube.com/watch?v=Zy5_gYu_isg c copyright 2009 Security6.net, Henrik Lund Kramshøj 5
buffer overflows et C problem ˚ Et buffer overflow er det der sker nar man skriver flere data end der er afsat plads til ˚ ˚ i en buffer, et dataomrade. Typisk vil programmet ga ned, men i visse tilfælde kan en angriber overskrive returadresser for funktionskald og overtage kontrollen. Stack protection er et udtryk for de systemer der ved hjælp af operativsystemer, pro- grambiblioteker og lign. beskytter stakken med returadresser og andre variable mod overskrivning gennem buffer overflows. StackGuard og Propolice er nogle af de mest kendte. c copyright 2009 Security6.net, Henrik Lund Kramshøj 6
Buffer og stacks Variables Stack buf: buffer 3 Program Function 1) Read data 2) Process data strcpy () 3) Continue { copy data return } main(int argc, char **argv) { char buf[200]; strcpy(buf, argv[1]); printf(quot;%snquot;,buf); } c copyright 2009 Security6.net, Henrik Lund Kramshøj 7
Overflow - segmentation fault 1000 Variables Stack buf: buffer overflow /bin/sh .... 1000 1000 1000 1000 3 Program Function 1) Read data 2) Process data strcpy () 3) Continue { copy data return } Bad function overwrites return value! Control return address Run shellcode from buffer, or from other place c copyright 2009 Security6.net, Henrik Lund Kramshøj 8
Exploits $buffer = quot;quot;; $null = quot;x00quot;; $nop = quot;x90quot;; $nopsize = 1; $len = 201; // what is needed to overflow, maybe 201, maybe more! $the_shell_pointer = 0xdeadbeef; // address where shellcode is # Fill buffer for ($i = 1; $i < $len;$i += $nopsize) { $buffer .= $nop; } $address = pack(’l’, $the_shell_pointer); $buffer .= $address; exec quot;$programquot;, quot;$bufferquot;; Demo exploit in Perl c copyright 2009 Security6.net, Henrik Lund Kramshøj 9
Hvordan finder man buffer overflow, og andre fejl Black box testing Closed source reverse engineering White box testing Open source betyder man kan læse og analysere koden Source code review - automatisk eller manuelt Fejl kan findes ved at prøve sig frem - fuzzing Exploits virker typisk mod specifikke versioner af software c copyright 2009 Security6.net, Henrik Lund Kramshøj 10
Forudsætninger Bemærk: alle angreb har forudsætninger for at virke Et angreb mod Telnet virker kun hvis du bruger Telnet Et angreb mod Apache HTTPD virker ikke mod Microsoft IIS Kan du bryde kæden af forudsætninger har du vundet! c copyright 2009 Security6.net, Henrik Lund Kramshøj 11
˚ Eksempler pa forudsætninger Computeren skal være tændt ˚ Funktionen der misbruges skal være slaet til Executable stack Executable heap Fejl i programmet alle programmer har fejl c copyright 2009 Security6.net, Henrik Lund Kramshøj 12
Software udvikling er nemt Software udvikling er nemt Du skal blot skrive perfekt kode første gang :-) Sikkerhed er svært Det er svært at skrive perfekt kode, om ikke umuligt ˚ Sa nu vil vi snakke om værktøjer til at forbedre situationen c copyright 2009 Security6.net, Henrik Lund Kramshøj 13
Part 1 Low hanging fruits - easy Højere kvalitet er mere sikkert c copyright 2009 Security6.net, Henrik Lund Kramshøj 14
Coding standards - style This file specifies the preferred style for kernel source files in the OpenBSD source tree. It is also a guide for preferred user land code style. These guidelines should be followed for all new code. In general, code can be considered “new code” when it makes up about 50more of the file(s) involved. ... Use queue(3) macros rather than rolling your own lists, whenever possible. Thus, the previous example would be better written: #include <sys/queue.h> struct foo { LIST_ENTRY(foo) link; /* Queue macro glue for foo lists */ struct mumble amumble; /* Comment for mumble */ int bar; }; LIST_HEAD(, foo) foohead; /* Head of global foo list */ OpenBSD style(9) c copyright 2009 Security6.net, Henrik Lund Kramshøj 15
Coding standards functions The following copies as many characters from input to buf as will fit and NUL terminates the result. Because strncpy() does not guarantee to NUL terminate the string itself, it must be done by hand. char buf[BUFSIZ]; (void)strncpy(buf, input, sizeof(buf) - 1); buf[sizeof(buf) - 1] = ’0’; Note that strlcpy(3) is a better choice for this kind of operation. The equivalent using strlcpy(3) is simply: (void)strlcpy(buf, input, sizeof(buf)); OpenBSD strcpy(9) c copyright 2009 Security6.net, Henrik Lund Kramshøj 16
Compiler warnings - gcc -Wall $ gcc -o demo demo.c demo.c: In function main: demo.c:4: warning: incompatible implicit declaration of built-in function strcpy $ gcc -Wall -o demo demo.c demo.c:2: warning: return type defaults to int demo.c: In function main: demo.c:4: warning: implicit declaration of function strcpy demo.c:4: warning: incompatible implicit declaration of built-in function strcpy demo.c:5: warning: control reaches end of non-void function Easy to do! c copyright 2009 Security6.net, Henrik Lund Kramshøj 17
No warnings = no errors? $ cat demo2.c #include <strings.h> int main(int argc, char **argv) { char buf[200]; strcpy(buf, argv[1]); return 0; } $ gcc -Wall -o demo2 demo2.c Der er stadig alvorlige fejl! c copyright 2009 Security6.net, Henrik Lund Kramshøj 18
Version control Versionsstyring og configuration management har mange fordele ˚ Hvem ændrede, hvornar og hvad Hvorfor blev der foretaget en ændring Med versionsstyring kan pre-commit hooks implementeres c copyright 2009 Security6.net, Henrik Lund Kramshøj 19
Subversion sample hooks scripts pre-commit - check • case-insensitive.py • check-mime-type.pl • commit-access-control.pl • commit-block-joke.py • detect-merge-conflicts.sh • enforcer • log-police.py • pre-commit-check.py • svnperms.py • verify-po.py http://subversion.tigris.org/tools_contrib.html http://svn.collab.net/repos/svn/trunk/contrib/hook-scripts/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 20
Eksempel Enforcer In a Java project I work on, we use log4j extensively. Use of System.out.println() bypasses the control that we get from log4j, so we would like to discourage the addition of println calls in our code. We want to deny any commits that add a println into the code. The world being full of exceptions, we do need a way to allow some uses of println, so we will allow it if the line of code that calls println ends in a comment that says it is ok: System.out.println(quot;No log4j herequot;); // (authorized) http://svn.collab.net/repos/svn/trunk/contrib/hook-scripts/enforcer/enforcer c copyright 2009 Security6.net, Henrik Lund Kramshøj 21
Eksempel verify-po.py #!/usr/bin/env python quot;quot;quot;This is a pre-commit hook that checks whether the contents of PO files committed to the repository are encoded in UTF-8. quot;quot;quot; http://svn.collab.net/repos/svn/trunk/tools/hook-scripts/verify-po.py c copyright 2009 Security6.net, Henrik Lund Kramshøj 22
Part 2 Design for security - more work Sikkerhed er kun effektivt hvis det tænkes ind i design c copyright 2009 Security6.net, Henrik Lund Kramshøj 23
Secure Coding begynder med design Secure Coding: Principles and Practices af Mark G. Graff, Kenneth R. Van Wyk 2003 Architecture/design while you are thinking about the application Implementation while you are writing the application Operations After the application is in production Ca. 200 sider, men tætpakket med information. c copyright 2009 Security6.net, Henrik Lund Kramshøj 24
Sins in Software Security 19 Deadly Sins of Software Security af Michael Howard, David Leblanc, John Viega 2005 Obligatorisk læsning for alle udviklere ˚ Forfatterne har skrevet mange gode bøger bade før og efter Denne bog er præcis og giver overblik Ca. 270 sider, let at læse. Buffer Overruns, Format String Problems, Integer Overflows, SQL Injection, Command Injection, Failing to Handle Errors, Cross-Site Scripting, Failing to Protect Network Traf- fic, Magic URLs Hidden Form Fields, Improper Use of SSL and TLS, Weak Password- Based Systems, Failing to Store and Protect Data Securely, Information Leakage, Im- proper File Access, Trusting Network Name Resolution, Race Conditions, Unauthenti- cated Key Exchange, Cryptographically Strong Random Numbers, Poor Usability c copyright 2009 Security6.net, Henrik Lund Kramshøj 25
Part 3 Testing - more work now, less work in the long run Test1 Test2 Test3 Test4 Højere kvalitet er mere sikkert c copyright 2009 Security6.net, Henrik Lund Kramshøj 26
Hvorfor teste Finde fejl under udviklingen af software Sikre at software overholder krav til kvalitet Finde fejl senere! ˚ Undga at gamle fejl optræder igen! Test ofte c copyright 2009 Security6.net, Henrik Lund Kramshøj 27
Unit testing - laveste niveau public class TestAdder { public void testSum() { Adder adder = new AdderImpl(); assert(adder.add(1, 1) == 2); assert(adder.add(1, 2) == 3); assert(adder.add(2, 2) == 4); assert(adder.add(0, 0) == 0); assert(adder.add(-1, -2) == -3); assert(adder.add(-1, 1) == 0); assert(adder.add(1234, 988) == 2222); } } Kan bruges til at teste enkelte dele af en applikation Eksempel fra http://en.wikipedia.org/wiki/Unit_testing c copyright 2009 Security6.net, Henrik Lund Kramshøj 28
Hudson and friends Continous building and testing Finder løbende fejl - hurtig feedback c copyright 2009 Security6.net, Henrik Lund Kramshøj 29
Part 4 Analysis Brug al den hjælp du kan til at finde fejl c copyright 2009 Security6.net, Henrik Lund Kramshøj 30
Typer af analyse statisk analyse finder fejl uden at køre programmet typisk findes konstruktioner som indeholder fejl, brug af forkerte funktioner m.v. dynamisk analyse findes ved at køre programmet, typisk i et specielt miljø c copyright 2009 Security6.net, Henrik Lund Kramshøj 31
Statiske analyseværktøjer Flawfinder http://www.dwheeler.com/flawfinder/ RATS Rough Auditing Tool for Security, C, C++, Perl, PHP and Python PMD static ruleset based Java http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis c copyright 2009 Security6.net, Henrik Lund Kramshøj 32
A Fool with a Tool is still a Fool 1. Run tool 2. Fix problems 3. Rinse repeat Fixing problems? char tmp[256]; /* Flawfinder: ignore */ strcpy(tmp, pScreenSize); /* Flawfinder: ignore */ Eksempel fra http://www.dwheeler.com/flawfinder/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 33
PMD static ruleset based Java source code analyzer http://pmd.sourceforge.net/ Spøjs note: 2009-02-08 PMD 4.2.5: bug fixes, new rule, new Android ruleset c copyright 2009 Security6.net, Henrik Lund Kramshøj 34
Hard to do - manual analysis Hvorfor ikke bare programmere sikkert? Der er mange ressourcer tilgængelige: Websites: Secure Programming for Linux and Unix HOWTO http://www.dwheeler.com/secure-programs/ Bøger: 19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them Michael Howard, David LeBlanc, John Viega + deres andre bøger Det er for svært, tager for lang tid! c copyright 2009 Security6.net, Henrik Lund Kramshøj 35
Feedback Sørg for feedback i jeres processer ˚ ˚ ˚ Maske nar I kun til denne del, sa sørg for at erfaringer opsamles for hvert projekt ˚ Læs ressourcer og lav design sa det bliver nemmere at sikre ˚ Fa antagelser = færre fejl c copyright 2009 Security6.net, Henrik Lund Kramshøj 36
Dynamic analysis ˚ compile time vs. at run time nogle fejl kan ikke findes pa compile-time ˚ ˚ Er du doven sa oversæt og kør programmet pa OpenBSD ;-) c copyright 2009 Security6.net, Henrik Lund Kramshøj 37
Part 5 Break it Use fuzzers, hackertools, improve security by breaking it c copyright 2009 Security6.net, Henrik Lund Kramshøj 38
Simple fuzzer $ for i in 10 20 30 40 50 >> do >> ./demo ‘perl -e quot;print ’A’x$iquot;‘ >> done AAAAAAAAAA AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA Memory fault AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA Memory fault AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA Memory fault Memory fault/segmentation fault - juicy! c copyright 2009 Security6.net, Henrik Lund Kramshøj 39
Fuzz Revisited Fuzz Revisited: A Re-examination of the Reliability of UNIX Utilities and Services We have tested the reliability of a large collection of basic UNIX utility programs, X-Window applications and servers, and networkservices. We used a simple testing method of subjecting these programs to a random inputstream. ... The result of our testing is that we can crash (with coredump) or hang (infiniteloop) over 40% (in the worst case) of the basic programs and over 25% of the X-Window applications. ... We also tested how utility programs checked their return codes from the memory allocation library routines by simulating the unavailability of virtual memory. We could crash almost half of the programs that we tested in this way. october 1995 c copyright 2009 Security6.net, Henrik Lund Kramshøj 40
Fuzzers cat /dev/random ˚ Et program der kan give forskelligt fejlbehæftet input som maske kan identificere fejl Jeg anbefaler bogen Fuzzing: Brute Force Vulnerability Discovery Michael Sutton, Adam Greene, Pedram Amini og tilhørende website Se: http://www.fuzzing.org/fuzzing-software c copyright 2009 Security6.net, Henrik Lund Kramshøj 41
Fri adgang til hackerværktøjer I 1993 skrev Dan Farmer og Wietse Venema artiklen Improving the Security of Your Site by Breaking Into it I 1995 udgav de softwarepakken SATAN Security Administrator Tool for Analyzing Networks We realize that SATAN is a two-edged sword - like many tools, it can be used for good and for evil purposes. We also realize that intruders (including wannabees) have much more capable (read intrusive) tools than offered with SATAN. ˚ Traditionen med abenhed er ført videre helt til idag Se http://sectools.org og http://www.packetstormsecurity.org/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 42
Part 6 Enhance and secure runtime environment ˚ Sidste chance er pa afviklingstidspunktet c copyright 2009 Security6.net, Henrik Lund Kramshøj 43
Chroot, Jails and ˚ Der findes mange typer jails pa Unix Ideer fra Unix chroot som ikke er en egentlig sikkerhedsfeature • Unix chroot - bruges stadig, ofte i daemoner som OpenSSH • FreeBSD Jails • SELinux • ˚ Solaris Containers og Zones - jails pa steroider • VMware virtuelle maskiner, er det et jail? ˚ Hertil kommer et antal andre mader at adskille processer - sandkasser ˚ Husk ogsa de simple, database som _postgresql, Tomcat som tomcat, Postfix ˚ postsystem som _postfix, SSHD som sshd osv. - simple brugere, fa rettigheder c copyright 2009 Security6.net, Henrik Lund Kramshøj 44
Defense in depth - flere lag af sikkerhed root skift til root kræver gruppe wheel sudo kræver kodeord SSHD kræver nøgler firewall tillader kun SSH fra bestemte IP Forsvar dig selv med flere lag af sikkerhed! c copyright 2009 Security6.net, Henrik Lund Kramshøj 45
JVM security policies Udviklet sammen med Java Meget kendt ˚ ˚ Bade Silverlight og JavaFX laner fra denne type model c copyright 2009 Security6.net, Henrik Lund Kramshøj 46
Apache 6.0.18 catalina.policy (uddrag) // ========== WEB APPLICATION PERMISSIONS ===================================== // These permissions are granted by default to all web applications // In addition, a web application will be given a read FilePermission // and JndiPermission for all files and directories in its document root. grant { // Required for JNDI lookup of named JDBC DataSource’s and // javamail named MimePart DataSource used to send mail permission java.util.PropertyPermission quot;java.homequot;, quot;readquot;; permission java.util.PropertyPermission quot;java.naming.*quot;, quot;readquot;; permission java.util.PropertyPermission quot;javax.sql.*quot;, quot;readquot;; ... }; // The permission granted to your JDBC driver // grant codeBase quot;jar:file:$catalina.home/webapps/examples/WEB-INF/lib/driver.jar!/-quot; { // permission java.net.SocketPermission quot;dbhost.mycompany.com:5432quot;, quot;connectquot;; // }; Eksempel fra apache-tomcat-6.0.18/conf/catalina.policy c copyright 2009 Security6.net, Henrik Lund Kramshøj 47
Apple sandbox named generic rules ;; named - sandbox profile ;; Copyright (c) 2006-2007 Apple Inc. All Rights reserved. ;; ;; WARNING: The sandbox rules in this file currently constitute ;; Apple System Private Interface and are subject to change at any time and ;; without notice. The contents of this file are also auto-generated and not ;; user editable; it may be overwritten at any time. ;; (version 1) (debug deny) (import quot;bsd.sbquot;) (deny default) (allow process*) (deny signal) (allow sysctl-read) (allow network*) c copyright 2009 Security6.net, Henrik Lund Kramshøj 48
Apple sandbox named specific rules ;; Allow named-specific files (allow file-write* file-read-data file-read-metadata (regex quot;ˆ(/private)?/var/run/named.pid$quot; quot;ˆ/Library/Logs/named.log$quot;)) (allow file-read-data file-read-metadata (regex quot;ˆ(/private)?/etc/rndc.key$quot; quot;ˆ(/private)?/etc/resolv.conf$quot; quot;ˆ(/private)?/etc/named.conf$quot; quot;ˆ(/private)?/var/named/quot;)) ˚ Eksempel fra /usr/share/sandbox pa Mac OS X c copyright 2009 Security6.net, Henrik Lund Kramshøj 49
Gode operativsystemer Nyere versioner af Microsoft Windows, Mac OS X og Linux distributionerne inkluderer: • Buffer overflow protection • Stack protection, non-executable stack • Heap protection, non-executable heap • Randomization of parameters stack gap m.v. ˚ OpenBSD er nok naet længst og et godt eksempel http://www.openbsd.org/papers/ NB: meget af dette kræver relativt ny CPU og Memory Management Unit ˚ NB: meget fa embedded systemer eller operativsystemer til samme har beskyttelse! c copyright 2009 Security6.net, Henrik Lund Kramshøj 50
Informationssikkerhed Husk følgende: Sikkerhed kommer fra langsigtede intiativer Hvad er informationssikkerhed? ˚ Data pa elektronisk form ˚ Data pa fysisk form Social engineering - The Art of Deception: Controlling the Human Element of Security af Kevin D. Mitnick, William L. Simon, Steve Wozniak Informationssikkerhed er en proces c copyright 2009 Security6.net, Henrik Lund Kramshøj 51
˚ Spørgsmal? Henrik Lund Kramshøj hlk@security6.net http://www.security6.net ˚˚ I er altid velkomne til at sende spørgsmal pa e-mail c copyright 2009 Security6.net, Henrik Lund Kramshøj 52
FreeScan.dk - gratis portscanning http://www.freescan.dk c copyright 2009 Security6.net, Henrik Lund Kramshøj 53
Buffer overflows Hvis man vil lære at lave buffer overflows og exploit programmer er følgende doku- menter et godt sted at starte Smashing The Stack For Fun And Profit Aleph One Writing Buffer Overflow Exploits with Perl - anno 2000 Følgende bog kan ligeledes anbefales: The Shellcoder’s Handbook : Discovering and Exploiting Security Holes af Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte 2nd Edition , John Wiley & Sons, august 2007 ˚ NB: bogen er avanceret og saledes IKKE for begyndere! c copyright 2009 Security6.net, Henrik Lund Kramshøj 54
milw0rm - dagens buffer overflow http://milw0rm.com/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 55
Metasploit Trinity brugte et exploit program Idag findes der samlinger af exploits som milw0rm Udviklingsværktøjerne til exploits er idag meget raffinerede! http://www.metasploit.com/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 56
Reklamer: kursusafholdelse Følgende kurser afholdes med mig som underviser • IPv6 workshop - 1 dag Introduktion til Internetprotokollerne og forberedelse til implementering i egne netværk. • Wireless teknologier og sikkerhed workshop - 2 dage ˚ ˚ En dag med fokus pa netværksdesign og fornuftig implementation af tradløse netværk, samt inte- gration med hjemmepc og wirksomhedsnetværk. • Hacker workshop 2 dage Workshop med detaljeret gennemgang af hackermetoderne angreb over netværk, exploitprogram- mer, portscanning, Nessus m.fl. • Forensics workshop 2 dage ˚ ˚ Med fokus pa tilgængelige open source værktøjer gennemgas metoder og praksis af undersøgelse ˚ af diskimages og spor pa computer systemer • Moderne Firewalls og Internetsikkerhed 2 dage ˚ ˚ Informere om trusler og aktivitet pa Internet, samt give et bud pa hvorledes en avanceret moderne firewall idag kunne konfigureres. ˚ Se mere pa http://www.security6.net/courses.html c copyright 2009 Security6.net, Henrik Lund Kramshøj 57

Recommandé

Prelims Coverage for Int 213
Prelims Coverage for Int 213Prelims Coverage for Int 213
Prelims Coverage for Int 213Jeph Pedrigal
 
Directive-based approach to Heterogeneous Computing
Directive-based approach to Heterogeneous ComputingDirective-based approach to Heterogeneous Computing
Directive-based approach to Heterogeneous ComputingRuymán Reyes
 
Testing Apache Modules with Python and Ctypes
Testing Apache Modules with Python and CtypesTesting Apache Modules with Python and Ctypes
Testing Apache Modules with Python and CtypesMarkus Litz
 
Python
PythonPython
PythonVinayak Hegde
 
Java Programming Guide Quick Reference
Java Programming Guide Quick ReferenceJava Programming Guide Quick Reference
Java Programming Guide Quick ReferenceFrescatiStory
 
Gdb cheat sheet
Gdb cheat sheetGdb cheat sheet
Gdb cheat sheetPiyush Mittal
 
Animate
AnimateAnimate
Animatessuserf5429e
 
L Fu - Dao: a novel programming language for bioinformatics
L Fu - Dao: a novel programming language for bioinformaticsL Fu - Dao: a novel programming language for bioinformatics
L Fu - Dao: a novel programming language for bioinformaticsJan Aerts
 

Recommandé

Prelims Coverage for Int 213
Prelims Coverage for Int 213Prelims Coverage for Int 213
Prelims Coverage for Int 213Jeph Pedrigal
 
Directive-based approach to Heterogeneous Computing
Directive-based approach to Heterogeneous ComputingDirective-based approach to Heterogeneous Computing
Directive-based approach to Heterogeneous ComputingRuymán Reyes
 
Testing Apache Modules with Python and Ctypes
Testing Apache Modules with Python and CtypesTesting Apache Modules with Python and Ctypes
Testing Apache Modules with Python and CtypesMarkus Litz
 
Python
PythonPython
PythonVinayak Hegde
 
Java Programming Guide Quick Reference
Java Programming Guide Quick ReferenceJava Programming Guide Quick Reference
Java Programming Guide Quick ReferenceFrescatiStory
 
Gdb cheat sheet
Gdb cheat sheetGdb cheat sheet
Gdb cheat sheetPiyush Mittal
 
Animate
AnimateAnimate
Animatessuserf5429e
 
L Fu - Dao: a novel programming language for bioinformatics
L Fu - Dao: a novel programming language for bioinformaticsL Fu - Dao: a novel programming language for bioinformatics
L Fu - Dao: a novel programming language for bioinformaticsJan Aerts
 
02 c++g3 d
02 c++g3 d02 c++g3 d
02 c++g3 dmahago
 
Aizatulin poster
Aizatulin posterAizatulin poster
Aizatulin posteranesah
 
100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projectsPVS-Studio
 
Php On Java (London Java Community Unconference)
Php On Java (London Java Community Unconference)Php On Java (London Java Community Unconference)
Php On Java (London Java Community Unconference)Robin Fernandes
 
2004 Esug Prototalk
2004 Esug Prototalk2004 Esug Prototalk
2004 Esug Prototalkbergel
 
Workshop NGS data analysis - 3
Workshop NGS data analysis - 3Workshop NGS data analysis - 3
Workshop NGS data analysis - 3Maté Ongenaert
 
An Introduction to SPL, the Standard PHP Library
An Introduction to SPL, the Standard PHP LibraryAn Introduction to SPL, the Standard PHP Library
An Introduction to SPL, the Standard PHP LibraryRobin Fernandes
 
Cheat Sheet java
Cheat Sheet javaCheat Sheet java
Cheat Sheet javaarkslideshareacc
 
Buffer Overflow Prone Function Detection
Buffer Overflow Prone Function DetectionBuffer Overflow Prone Function Detection
Buffer Overflow Prone Function DetectionSanjay Rawat
 
Workshop NGS data analysis - 2
Workshop NGS data analysis - 2Workshop NGS data analysis - 2
Workshop NGS data analysis - 2Maté Ongenaert
 
Stagefright recorder part1
Stagefright recorder part1Stagefright recorder part1
Stagefright recorder part1fefe7270
 
IPC with Qt
IPC with QtIPC with Qt
IPC with QtMarius Bugge Monsen
 
Cp0675 03 may-2012-rm04
Cp0675 03 may-2012-rm04Cp0675 03 may-2012-rm04
Cp0675 03 may-2012-rm04Parth Mudgal
 
What is new and cool j2se & java
What is new and cool j2se & javaWhat is new and cool j2se & java
What is new and cool j2se & javaEugene Bogaart
 
Java 7 - New Features - by Mihail Stoynov and Svetlin Nakov
Java 7 - New Features - by Mihail Stoynov and Svetlin NakovJava 7 - New Features - by Mihail Stoynov and Svetlin Nakov
Java 7 - New Features - by Mihail Stoynov and Svetlin NakovSvetlin Nakov
 
PHP on Java (BarCamp London 7)
PHP on Java (BarCamp London 7)PHP on Java (BarCamp London 7)
PHP on Java (BarCamp London 7)Robin Fernandes
 
Aizatulin slides-4-3
Aizatulin slides-4-3Aizatulin slides-4-3
Aizatulin slides-4-3anesah
 
Dec297 2012
Dec297 2012Dec297 2012
Dec297 2012EPRE
 
Conservación de documentos
Conservación de documentosConservación de documentos
Conservación de documentosManuel Bedoya D
 
Pedro Heilbron
Pedro HeilbronPedro Heilbron
Pedro HeilbronCade Panama
 
Clara
ClaraClara
Claracarlosgrandbuldog
 
La niña
La niñaLa niña
La niñaequiporojo
 

Contenu connexe

Tendances

02 c++g3 d
02 c++g3 d02 c++g3 d
02 c++g3 dmahago
 
Aizatulin poster
Aizatulin posterAizatulin poster
Aizatulin posteranesah
 
100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projectsPVS-Studio
 
Php On Java (London Java Community Unconference)
Php On Java (London Java Community Unconference)Php On Java (London Java Community Unconference)
Php On Java (London Java Community Unconference)Robin Fernandes
 
2004 Esug Prototalk
2004 Esug Prototalk2004 Esug Prototalk
2004 Esug Prototalkbergel
 
Workshop NGS data analysis - 3
Workshop NGS data analysis - 3Workshop NGS data analysis - 3
Workshop NGS data analysis - 3Maté Ongenaert
 
An Introduction to SPL, the Standard PHP Library
An Introduction to SPL, the Standard PHP LibraryAn Introduction to SPL, the Standard PHP Library
An Introduction to SPL, the Standard PHP LibraryRobin Fernandes
 
Buffer Overflow Prone Function Detection
Buffer Overflow Prone Function DetectionBuffer Overflow Prone Function Detection
Buffer Overflow Prone Function DetectionSanjay Rawat
 
Workshop NGS data analysis - 2
Workshop NGS data analysis - 2Workshop NGS data analysis - 2
Workshop NGS data analysis - 2Maté Ongenaert
 
Stagefright recorder part1
Stagefright recorder part1Stagefright recorder part1
Stagefright recorder part1fefe7270
 
Cp0675 03 may-2012-rm04
Cp0675 03 may-2012-rm04Cp0675 03 may-2012-rm04
Cp0675 03 may-2012-rm04Parth Mudgal
 
What is new and cool j2se & java
What is new and cool j2se & javaWhat is new and cool j2se & java
What is new and cool j2se & javaEugene Bogaart
 
Java 7 - New Features - by Mihail Stoynov and Svetlin Nakov
Java 7 - New Features - by Mihail Stoynov and Svetlin NakovJava 7 - New Features - by Mihail Stoynov and Svetlin Nakov
Java 7 - New Features - by Mihail Stoynov and Svetlin NakovSvetlin Nakov
 
PHP on Java (BarCamp London 7)
PHP on Java (BarCamp London 7)PHP on Java (BarCamp London 7)
PHP on Java (BarCamp London 7)Robin Fernandes
 
Aizatulin slides-4-3
Aizatulin slides-4-3Aizatulin slides-4-3
Aizatulin slides-4-3anesah
 

Tendances (17)

02 c++g3 d
02 c++g3 d02 c++g3 d
02 c++g3 d
 
Aizatulin poster
Aizatulin posterAizatulin poster
Aizatulin poster
 
100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects
 
Php On Java (London Java Community Unconference)
Php On Java (London Java Community Unconference)Php On Java (London Java Community Unconference)
Php On Java (London Java Community Unconference)
 
2004 Esug Prototalk
2004 Esug Prototalk2004 Esug Prototalk
2004 Esug Prototalk
 
Workshop NGS data analysis - 3
Workshop NGS data analysis - 3Workshop NGS data analysis - 3
Workshop NGS data analysis - 3
 
An Introduction to SPL, the Standard PHP Library
An Introduction to SPL, the Standard PHP LibraryAn Introduction to SPL, the Standard PHP Library
An Introduction to SPL, the Standard PHP Library
 
Cheat Sheet java
Cheat Sheet javaCheat Sheet java
Cheat Sheet java
 
Buffer Overflow Prone Function Detection
Buffer Overflow Prone Function DetectionBuffer Overflow Prone Function Detection
Buffer Overflow Prone Function Detection
 
Workshop NGS data analysis - 2
Workshop NGS data analysis - 2Workshop NGS data analysis - 2
Workshop NGS data analysis - 2
 
Stagefright recorder part1
Stagefright recorder part1Stagefright recorder part1
Stagefright recorder part1
 
IPC with Qt
IPC with QtIPC with Qt
IPC with Qt
 
Cp0675 03 may-2012-rm04
Cp0675 03 may-2012-rm04Cp0675 03 may-2012-rm04
Cp0675 03 may-2012-rm04
 
What is new and cool j2se & java
What is new and cool j2se & javaWhat is new and cool j2se & java
What is new and cool j2se & java
 
Java 7 - New Features - by Mihail Stoynov and Svetlin Nakov
Java 7 - New Features - by Mihail Stoynov and Svetlin NakovJava 7 - New Features - by Mihail Stoynov and Svetlin Nakov
Java 7 - New Features - by Mihail Stoynov and Svetlin Nakov
 
PHP on Java (BarCamp London 7)
PHP on Java (BarCamp London 7)PHP on Java (BarCamp London 7)
PHP on Java (BarCamp London 7)
 
Aizatulin slides-4-3
Aizatulin slides-4-3Aizatulin slides-4-3
Aizatulin slides-4-3
 

En vedette

Dec297 2012
Dec297 2012Dec297 2012
Dec297 2012EPRE
 
Conservación de documentos
Conservación de documentosConservación de documentos
Conservación de documentosManuel Bedoya D
 
Feliz fin de semana
Feliz fin de semanaFeliz fin de semana
Feliz fin de semanalopezjoachin
 
Instrucciones tema iii 15 i
Instrucciones tema iii 15 iInstrucciones tema iii 15 i
Instrucciones tema iii 15 iUAM AZC
 
Diario las cumbres
Diario las cumbresDiario las cumbres
Diario las cumbresvickyquiroga
 
17-07-2011 Formalizan Gobierno del Estado y Ayuntamiento declaratoria de Área...
17-07-2011 Formalizan Gobierno del Estado y Ayuntamiento declaratoria de Área...17-07-2011 Formalizan Gobierno del Estado y Ayuntamiento declaratoria de Área...
17-07-2011 Formalizan Gobierno del Estado y Ayuntamiento declaratoria de Área...Elizabeth Morales
 
Tarea ventajas y desventajas del mooc copia
Tarea ventajas y desventajas del mooc copiaTarea ventajas y desventajas del mooc copia
Tarea ventajas y desventajas del mooc copiaLucy Margarita
 
Estrategia Community Management
Estrategia Community ManagementEstrategia Community Management
Estrategia Community ManagementAlejandra Cruz
 
Ru?brica normas de ortografi?a co?mics 678
Ru?brica normas de ortografi?a co?mics 678Ru?brica normas de ortografi?a co?mics 678
Ru?brica normas de ortografi?a co?mics 678INTEF
 
Un grupo sanguíneo es una clasificación de la sangre de acuerdo con las carac...
Un grupo sanguíneo es una clasificación de la sangre de acuerdo con las carac...Un grupo sanguíneo es una clasificación de la sangre de acuerdo con las carac...
Un grupo sanguíneo es una clasificación de la sangre de acuerdo con las carac...Jesus Guillermo Lugo Mendivil
 
Ventajas de editar online
Ventajas de editar onlineVentajas de editar online
Ventajas de editar onlineivanasto
 

En vedette (20)

Dec297 2012
Dec297 2012Dec297 2012
Dec297 2012
 
Conservación de documentos
Conservación de documentosConservación de documentos
Conservación de documentos
 
Pedro Heilbron
Pedro HeilbronPedro Heilbron
Pedro Heilbron
 
Clara
ClaraClara
Clara
 
La niña
La niñaLa niña
La niña
 
Feliz fin de semana
Feliz fin de semanaFeliz fin de semana
Feliz fin de semana
 
CRÓNICA
CRÓNICACRÓNICA
CRÓNICA
 
Massiel
MassielMassiel
Massiel
 
Instrucciones tema iii 15 i
Instrucciones tema iii 15 iInstrucciones tema iii 15 i
Instrucciones tema iii 15 i
 
Practica n-06
Practica n-06Practica n-06
Practica n-06
 
Diario las cumbres
Diario las cumbresDiario las cumbres
Diario las cumbres
 
17-07-2011 Formalizan Gobierno del Estado y Ayuntamiento declaratoria de Área...
17-07-2011 Formalizan Gobierno del Estado y Ayuntamiento declaratoria de Área...17-07-2011 Formalizan Gobierno del Estado y Ayuntamiento declaratoria de Área...
17-07-2011 Formalizan Gobierno del Estado y Ayuntamiento declaratoria de Área...
 
Tarea ventajas y desventajas del mooc copia
Tarea ventajas y desventajas del mooc copiaTarea ventajas y desventajas del mooc copia
Tarea ventajas y desventajas del mooc copia
 
Estrategia Community Management
Estrategia Community ManagementEstrategia Community Management
Estrategia Community Management
 
Ru?brica normas de ortografi?a co?mics 678
Ru?brica normas de ortografi?a co?mics 678Ru?brica normas de ortografi?a co?mics 678
Ru?brica normas de ortografi?a co?mics 678
 
Un grupo sanguíneo es una clasificación de la sangre de acuerdo con las carac...
Un grupo sanguíneo es una clasificación de la sangre de acuerdo con las carac...Un grupo sanguíneo es una clasificación de la sangre de acuerdo con las carac...
Un grupo sanguíneo es una clasificación de la sangre de acuerdo con las carac...
 
Desafío de video
Desafío de videoDesafío de video
Desafío de video
 
Delfines
DelfinesDelfines
Delfines
 
Ventajas de editar online
Ventajas de editar onlineVentajas de editar online
Ventajas de editar online
 
Capitulo
CapituloCapitulo
Capitulo
 

Similaire à Security Tools Foss

What
WhatWhat
Whatanity
 
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdfSteve Caron
 
100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects 100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects Andrey Karpov
 
Unmanaged Parallelization via P/Invoke
Unmanaged Parallelization via P/InvokeUnmanaged Parallelization via P/Invoke
Unmanaged Parallelization via P/InvokeDmitri Nesteruk
 
Five cool ways the JVM can run Apache Spark faster
Five cool ways the JVM can run Apache Spark fasterFive cool ways the JVM can run Apache Spark faster
Five cool ways the JVM can run Apache Spark fasterTim Ellison
 
Buffer overflow tutorial
Buffer overflow tutorialBuffer overflow tutorial
Buffer overflow tutorialhughpearse
 
Mark asoi ppt
Mark asoi pptMark asoi ppt
Mark asoi pptmark-asoi
 
Enabling White-Box Reuse in a Pure Composition Language
Enabling White-Box Reuse in a Pure Composition LanguageEnabling White-Box Reuse in a Pure Composition Language
Enabling White-Box Reuse in a Pure Composition Languageelliando dias
 
A Java Implementer's Guide to Boosting Apache Spark Performance by Tim Ellison.
A Java Implementer's Guide to Boosting Apache Spark Performance by Tim Ellison.A Java Implementer's Guide to Boosting Apache Spark Performance by Tim Ellison.
A Java Implementer's Guide to Boosting Apache Spark Performance by Tim Ellison.J On The Beach
 
All about Erubis (English)
All about Erubis (English)All about Erubis (English)
All about Erubis (English)kwatch
 
0100_Embeded_C_CompilationProcess.pdf
0100_Embeded_C_CompilationProcess.pdf0100_Embeded_C_CompilationProcess.pdf
0100_Embeded_C_CompilationProcess.pdfKhaledIbrahim10923
 
PyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application securePyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application secureIMMUNIO
 
Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07Frédéric Harper
 
Hack Like It's 2013 (The Workshop)
Hack Like It's 2013 (The Workshop)Hack Like It's 2013 (The Workshop)
Hack Like It's 2013 (The Workshop)Itzik Kotler
 
Framework engineering JCO 2011
Framework engineering JCO 2011Framework engineering JCO 2011
Framework engineering JCO 2011YoungSu Son
 

Similaire à Security Tools Foss (20)

What
WhatWhat
What
 
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
[ CNCF Q1 2024 ] Intro to Continuous Profiling and Grafana Pyroscope.pdf
 
100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects 100 bugs in Open Source C/C++ projects
100 bugs in Open Source C/C++ projects
 
Unmanaged Parallelization via P/Invoke
Unmanaged Parallelization via P/InvokeUnmanaged Parallelization via P/Invoke
Unmanaged Parallelization via P/Invoke
 
Five cool ways the JVM can run Apache Spark faster
Five cool ways the JVM can run Apache Spark fasterFive cool ways the JVM can run Apache Spark faster
Five cool ways the JVM can run Apache Spark faster
 
C tutorial
C tutorialC tutorial
C tutorial
 
Buffer overflow tutorial
Buffer overflow tutorialBuffer overflow tutorial
Buffer overflow tutorial
 
Mark asoi ppt
Mark asoi pptMark asoi ppt
Mark asoi ppt
 
Enabling White-Box Reuse in a Pure Composition Language
Enabling White-Box Reuse in a Pure Composition LanguageEnabling White-Box Reuse in a Pure Composition Language
Enabling White-Box Reuse in a Pure Composition Language
 
C notes.pdf
C notes.pdfC notes.pdf
C notes.pdf
 
A Java Implementer's Guide to Boosting Apache Spark Performance by Tim Ellison.
A Java Implementer's Guide to Boosting Apache Spark Performance by Tim Ellison.A Java Implementer's Guide to Boosting Apache Spark Performance by Tim Ellison.
A Java Implementer's Guide to Boosting Apache Spark Performance by Tim Ellison.
 
Structures-2
Structures-2Structures-2
Structures-2
 
All about Erubis (English)
All about Erubis (English)All about Erubis (English)
All about Erubis (English)
 
0100_Embeded_C_CompilationProcess.pdf
0100_Embeded_C_CompilationProcess.pdf0100_Embeded_C_CompilationProcess.pdf
0100_Embeded_C_CompilationProcess.pdf
 
Srgoc dotnet
Srgoc dotnetSrgoc dotnet
Srgoc dotnet
 
PyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application securePyCon Canada 2015 - Is your python application secure
PyCon Canada 2015 - Is your python application secure
 
Switch case and looping
Switch case and loopingSwitch case and looping
Switch case and looping
 
Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07Is your python application secure? - PyCon Canada - 2015-11-07
Is your python application secure? - PyCon Canada - 2015-11-07
 
Hack Like It's 2013 (The Workshop)
Hack Like It's 2013 (The Workshop)Hack Like It's 2013 (The Workshop)
Hack Like It's 2013 (The Workshop)
 
Framework engineering JCO 2011
Framework engineering JCO 2011Framework engineering JCO 2011
Framework engineering JCO 2011
 

Plus de Henrik Kramshøj

Paranoia or risk management 2013
Paranoia or risk management 2013Paranoia or risk management 2013
Paranoia or risk management 2013Henrik Kramshøj
 

Plus de Henrik Kramshøj (14)

Tor talk-prosa-screen
Tor talk-prosa-screenTor talk-prosa-screen
Tor talk-prosa-screen
 
Paranoia or risk management 2013
Paranoia or risk management 2013Paranoia or risk management 2013
Paranoia or risk management 2013
 
Superhelt 2012-screen
Superhelt 2012-screenSuperhelt 2012-screen
Superhelt 2012-screen
 
Superhelt 2013-screen
Superhelt 2013-screenSuperhelt 2013-screen
Superhelt 2013-screen
 
2013 april-screen
2013 april-screen2013 april-screen
2013 april-screen
 
Basic Hacking Print
Basic Hacking PrintBasic Hacking Print
Basic Hacking Print
 
Ipv6 internetdagen-print
Ipv6 internetdagen-printIpv6 internetdagen-print
Ipv6 internetdagen-print
 
Ctf intro-print
Ctf intro-printCtf intro-print
Ctf intro-print
 
Hackerworkshop exercises
Hackerworkshop exercisesHackerworkshop exercises
Hackerworkshop exercises
 
Hackerworkshop print
Hackerworkshop printHackerworkshop print
Hackerworkshop print
 
Basic tcpip-print
Basic tcpip-printBasic tcpip-print
Basic tcpip-print
 
Basic tcpip-exercises
Basic tcpip-exercisesBasic tcpip-exercises
Basic tcpip-exercises
 
IPv6 introduction
IPv6 introductionIPv6 introduction
IPv6 introduction
 
Krimihacking
KrimihackingKrimihacking
Krimihacking
 

Dernier

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 

Dernier (20)

Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 

Security Tools Foss

  • 1. Velkommen til Security Tools in Software Development FOSS Aalborg Henrik Lund Kramshøj hlk@security6.net http://www.security6.net Slides are available as PDF and are in Danish only, sorry c copyright 2009 Security6.net, Henrik Lund Kramshøj 1
  • 2. ˚ Formal Class Name Attribute Java Note Attribute Subclass C# C Package Ruby Class Name Class Name qualifier PHP T Class Groovy Attribute Component Attribute Operation Python Operation Lære om værktøjer der kan forbedre sikkerhed for produktionssystemer c copyright 2009 Security6.net, Henrik Lund Kramshøj 2
  • 3. Internet - Here be dragons c copyright 2009 Security6.net, Henrik Lund Kramshøj 3
  • 4. Matrix style hacking anno 2003 c copyright 2009 Security6.net, Henrik Lund Kramshøj 4
  • 5. Trinity breaking in http://nmap.org/movies.html Meget realistisk http://www.youtube.com/watch?v=Zy5_gYu_isg c copyright 2009 Security6.net, Henrik Lund Kramshøj 5
  • 6. buffer overflows et C problem ˚ Et buffer overflow er det der sker nar man skriver flere data end der er afsat plads til ˚ ˚ i en buffer, et dataomrade. Typisk vil programmet ga ned, men i visse tilfælde kan en angriber overskrive returadresser for funktionskald og overtage kontrollen. Stack protection er et udtryk for de systemer der ved hjælp af operativsystemer, pro- grambiblioteker og lign. beskytter stakken med returadresser og andre variable mod overskrivning gennem buffer overflows. StackGuard og Propolice er nogle af de mest kendte. c copyright 2009 Security6.net, Henrik Lund Kramshøj 6
  • 7. Buffer og stacks Variables Stack buf: buffer 3 Program Function 1) Read data 2) Process data strcpy () 3) Continue { copy data return } main(int argc, char **argv) { char buf[200]; strcpy(buf, argv[1]); printf(quot;%snquot;,buf); } c copyright 2009 Security6.net, Henrik Lund Kramshøj 7
  • 8. Overflow - segmentation fault 1000 Variables Stack buf: buffer overflow /bin/sh .... 1000 1000 1000 1000 3 Program Function 1) Read data 2) Process data strcpy () 3) Continue { copy data return } Bad function overwrites return value! Control return address Run shellcode from buffer, or from other place c copyright 2009 Security6.net, Henrik Lund Kramshøj 8
  • 9. Exploits $buffer = quot;quot;; $null = quot;x00quot;; $nop = quot;x90quot;; $nopsize = 1; $len = 201; // what is needed to overflow, maybe 201, maybe more! $the_shell_pointer = 0xdeadbeef; // address where shellcode is # Fill buffer for ($i = 1; $i < $len;$i += $nopsize) { $buffer .= $nop; } $address = pack(’l’, $the_shell_pointer); $buffer .= $address; exec quot;$programquot;, quot;$bufferquot;; Demo exploit in Perl c copyright 2009 Security6.net, Henrik Lund Kramshøj 9
  • 10. Hvordan finder man buffer overflow, og andre fejl Black box testing Closed source reverse engineering White box testing Open source betyder man kan læse og analysere koden Source code review - automatisk eller manuelt Fejl kan findes ved at prøve sig frem - fuzzing Exploits virker typisk mod specifikke versioner af software c copyright 2009 Security6.net, Henrik Lund Kramshøj 10
  • 11. Forudsætninger Bemærk: alle angreb har forudsætninger for at virke Et angreb mod Telnet virker kun hvis du bruger Telnet Et angreb mod Apache HTTPD virker ikke mod Microsoft IIS Kan du bryde kæden af forudsætninger har du vundet! c copyright 2009 Security6.net, Henrik Lund Kramshøj 11
  • 12. ˚ Eksempler pa forudsætninger Computeren skal være tændt ˚ Funktionen der misbruges skal være slaet til Executable stack Executable heap Fejl i programmet alle programmer har fejl c copyright 2009 Security6.net, Henrik Lund Kramshøj 12
  • 13. Software udvikling er nemt Software udvikling er nemt Du skal blot skrive perfekt kode første gang :-) Sikkerhed er svært Det er svært at skrive perfekt kode, om ikke umuligt ˚ Sa nu vil vi snakke om værktøjer til at forbedre situationen c copyright 2009 Security6.net, Henrik Lund Kramshøj 13
  • 14. Part 1 Low hanging fruits - easy Højere kvalitet er mere sikkert c copyright 2009 Security6.net, Henrik Lund Kramshøj 14
  • 15. Coding standards - style This file specifies the preferred style for kernel source files in the OpenBSD source tree. It is also a guide for preferred user land code style. These guidelines should be followed for all new code. In general, code can be considered “new code” when it makes up about 50more of the file(s) involved. ... Use queue(3) macros rather than rolling your own lists, whenever possible. Thus, the previous example would be better written: #include <sys/queue.h> struct foo { LIST_ENTRY(foo) link; /* Queue macro glue for foo lists */ struct mumble amumble; /* Comment for mumble */ int bar; }; LIST_HEAD(, foo) foohead; /* Head of global foo list */ OpenBSD style(9) c copyright 2009 Security6.net, Henrik Lund Kramshøj 15
  • 16. Coding standards functions The following copies as many characters from input to buf as will fit and NUL terminates the result. Because strncpy() does not guarantee to NUL terminate the string itself, it must be done by hand. char buf[BUFSIZ]; (void)strncpy(buf, input, sizeof(buf) - 1); buf[sizeof(buf) - 1] = ’0’; Note that strlcpy(3) is a better choice for this kind of operation. The equivalent using strlcpy(3) is simply: (void)strlcpy(buf, input, sizeof(buf)); OpenBSD strcpy(9) c copyright 2009 Security6.net, Henrik Lund Kramshøj 16
  • 17. Compiler warnings - gcc -Wall $ gcc -o demo demo.c demo.c: In function main: demo.c:4: warning: incompatible implicit declaration of built-in function strcpy $ gcc -Wall -o demo demo.c demo.c:2: warning: return type defaults to int demo.c: In function main: demo.c:4: warning: implicit declaration of function strcpy demo.c:4: warning: incompatible implicit declaration of built-in function strcpy demo.c:5: warning: control reaches end of non-void function Easy to do! c copyright 2009 Security6.net, Henrik Lund Kramshøj 17
  • 18. No warnings = no errors? $ cat demo2.c #include <strings.h> int main(int argc, char **argv) { char buf[200]; strcpy(buf, argv[1]); return 0; } $ gcc -Wall -o demo2 demo2.c Der er stadig alvorlige fejl! c copyright 2009 Security6.net, Henrik Lund Kramshøj 18
  • 19. Version control Versionsstyring og configuration management har mange fordele ˚ Hvem ændrede, hvornar og hvad Hvorfor blev der foretaget en ændring Med versionsstyring kan pre-commit hooks implementeres c copyright 2009 Security6.net, Henrik Lund Kramshøj 19
  • 20. Subversion sample hooks scripts pre-commit - check • case-insensitive.py • check-mime-type.pl • commit-access-control.pl • commit-block-joke.py • detect-merge-conflicts.sh • enforcer • log-police.py • pre-commit-check.py • svnperms.py • verify-po.py http://subversion.tigris.org/tools_contrib.html http://svn.collab.net/repos/svn/trunk/contrib/hook-scripts/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 20
  • 21. Eksempel Enforcer In a Java project I work on, we use log4j extensively. Use of System.out.println() bypasses the control that we get from log4j, so we would like to discourage the addition of println calls in our code. We want to deny any commits that add a println into the code. The world being full of exceptions, we do need a way to allow some uses of println, so we will allow it if the line of code that calls println ends in a comment that says it is ok: System.out.println(quot;No log4j herequot;); // (authorized) http://svn.collab.net/repos/svn/trunk/contrib/hook-scripts/enforcer/enforcer c copyright 2009 Security6.net, Henrik Lund Kramshøj 21
  • 22. Eksempel verify-po.py #!/usr/bin/env python quot;quot;quot;This is a pre-commit hook that checks whether the contents of PO files committed to the repository are encoded in UTF-8. quot;quot;quot; http://svn.collab.net/repos/svn/trunk/tools/hook-scripts/verify-po.py c copyright 2009 Security6.net, Henrik Lund Kramshøj 22
  • 23. Part 2 Design for security - more work Sikkerhed er kun effektivt hvis det tænkes ind i design c copyright 2009 Security6.net, Henrik Lund Kramshøj 23
  • 24. Secure Coding begynder med design Secure Coding: Principles and Practices af Mark G. Graff, Kenneth R. Van Wyk 2003 Architecture/design while you are thinking about the application Implementation while you are writing the application Operations After the application is in production Ca. 200 sider, men tætpakket med information. c copyright 2009 Security6.net, Henrik Lund Kramshøj 24
  • 25. Sins in Software Security 19 Deadly Sins of Software Security af Michael Howard, David Leblanc, John Viega 2005 Obligatorisk læsning for alle udviklere ˚ Forfatterne har skrevet mange gode bøger bade før og efter Denne bog er præcis og giver overblik Ca. 270 sider, let at læse. Buffer Overruns, Format String Problems, Integer Overflows, SQL Injection, Command Injection, Failing to Handle Errors, Cross-Site Scripting, Failing to Protect Network Traf- fic, Magic URLs Hidden Form Fields, Improper Use of SSL and TLS, Weak Password- Based Systems, Failing to Store and Protect Data Securely, Information Leakage, Im- proper File Access, Trusting Network Name Resolution, Race Conditions, Unauthenti- cated Key Exchange, Cryptographically Strong Random Numbers, Poor Usability c copyright 2009 Security6.net, Henrik Lund Kramshøj 25
  • 26. Part 3 Testing - more work now, less work in the long run Test1 Test2 Test3 Test4 Højere kvalitet er mere sikkert c copyright 2009 Security6.net, Henrik Lund Kramshøj 26
  • 27. Hvorfor teste Finde fejl under udviklingen af software Sikre at software overholder krav til kvalitet Finde fejl senere! ˚ Undga at gamle fejl optræder igen! Test ofte c copyright 2009 Security6.net, Henrik Lund Kramshøj 27
  • 28. Unit testing - laveste niveau public class TestAdder { public void testSum() { Adder adder = new AdderImpl(); assert(adder.add(1, 1) == 2); assert(adder.add(1, 2) == 3); assert(adder.add(2, 2) == 4); assert(adder.add(0, 0) == 0); assert(adder.add(-1, -2) == -3); assert(adder.add(-1, 1) == 0); assert(adder.add(1234, 988) == 2222); } } Kan bruges til at teste enkelte dele af en applikation Eksempel fra http://en.wikipedia.org/wiki/Unit_testing c copyright 2009 Security6.net, Henrik Lund Kramshøj 28
  • 29. Hudson and friends Continous building and testing Finder løbende fejl - hurtig feedback c copyright 2009 Security6.net, Henrik Lund Kramshøj 29
  • 30. Part 4 Analysis Brug al den hjælp du kan til at finde fejl c copyright 2009 Security6.net, Henrik Lund Kramshøj 30
  • 31. Typer af analyse statisk analyse finder fejl uden at køre programmet typisk findes konstruktioner som indeholder fejl, brug af forkerte funktioner m.v. dynamisk analyse findes ved at køre programmet, typisk i et specielt miljø c copyright 2009 Security6.net, Henrik Lund Kramshøj 31
  • 32. Statiske analyseværktøjer Flawfinder http://www.dwheeler.com/flawfinder/ RATS Rough Auditing Tool for Security, C, C++, Perl, PHP and Python PMD static ruleset based Java http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis c copyright 2009 Security6.net, Henrik Lund Kramshøj 32
  • 33. A Fool with a Tool is still a Fool 1. Run tool 2. Fix problems 3. Rinse repeat Fixing problems? char tmp[256]; /* Flawfinder: ignore */ strcpy(tmp, pScreenSize); /* Flawfinder: ignore */ Eksempel fra http://www.dwheeler.com/flawfinder/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 33
  • 34. PMD static ruleset based Java source code analyzer http://pmd.sourceforge.net/ Spøjs note: 2009-02-08 PMD 4.2.5: bug fixes, new rule, new Android ruleset c copyright 2009 Security6.net, Henrik Lund Kramshøj 34
  • 35. Hard to do - manual analysis Hvorfor ikke bare programmere sikkert? Der er mange ressourcer tilgængelige: Websites: Secure Programming for Linux and Unix HOWTO http://www.dwheeler.com/secure-programs/ Bøger: 19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them Michael Howard, David LeBlanc, John Viega + deres andre bøger Det er for svært, tager for lang tid! c copyright 2009 Security6.net, Henrik Lund Kramshøj 35
  • 36. Feedback Sørg for feedback i jeres processer ˚ ˚ ˚ Maske nar I kun til denne del, sa sørg for at erfaringer opsamles for hvert projekt ˚ Læs ressourcer og lav design sa det bliver nemmere at sikre ˚ Fa antagelser = færre fejl c copyright 2009 Security6.net, Henrik Lund Kramshøj 36
  • 37. Dynamic analysis ˚ compile time vs. at run time nogle fejl kan ikke findes pa compile-time ˚ ˚ Er du doven sa oversæt og kør programmet pa OpenBSD ;-) c copyright 2009 Security6.net, Henrik Lund Kramshøj 37
  • 38. Part 5 Break it Use fuzzers, hackertools, improve security by breaking it c copyright 2009 Security6.net, Henrik Lund Kramshøj 38
  • 39. Simple fuzzer $ for i in 10 20 30 40 50 >> do >> ./demo ‘perl -e quot;print ’A’x$iquot;‘ >> done AAAAAAAAAA AAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAA Memory fault AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA Memory fault AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA Memory fault Memory fault/segmentation fault - juicy! c copyright 2009 Security6.net, Henrik Lund Kramshøj 39
  • 40. Fuzz Revisited Fuzz Revisited: A Re-examination of the Reliability of UNIX Utilities and Services We have tested the reliability of a large collection of basic UNIX utility programs, X-Window applications and servers, and networkservices. We used a simple testing method of subjecting these programs to a random inputstream. ... The result of our testing is that we can crash (with coredump) or hang (infiniteloop) over 40% (in the worst case) of the basic programs and over 25% of the X-Window applications. ... We also tested how utility programs checked their return codes from the memory allocation library routines by simulating the unavailability of virtual memory. We could crash almost half of the programs that we tested in this way. october 1995 c copyright 2009 Security6.net, Henrik Lund Kramshøj 40
  • 41. Fuzzers cat /dev/random ˚ Et program der kan give forskelligt fejlbehæftet input som maske kan identificere fejl Jeg anbefaler bogen Fuzzing: Brute Force Vulnerability Discovery Michael Sutton, Adam Greene, Pedram Amini og tilhørende website Se: http://www.fuzzing.org/fuzzing-software c copyright 2009 Security6.net, Henrik Lund Kramshøj 41
  • 42. Fri adgang til hackerværktøjer I 1993 skrev Dan Farmer og Wietse Venema artiklen Improving the Security of Your Site by Breaking Into it I 1995 udgav de softwarepakken SATAN Security Administrator Tool for Analyzing Networks We realize that SATAN is a two-edged sword - like many tools, it can be used for good and for evil purposes. We also realize that intruders (including wannabees) have much more capable (read intrusive) tools than offered with SATAN. ˚ Traditionen med abenhed er ført videre helt til idag Se http://sectools.org og http://www.packetstormsecurity.org/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 42
  • 43. Part 6 Enhance and secure runtime environment ˚ Sidste chance er pa afviklingstidspunktet c copyright 2009 Security6.net, Henrik Lund Kramshøj 43
  • 44. Chroot, Jails and ˚ Der findes mange typer jails pa Unix Ideer fra Unix chroot som ikke er en egentlig sikkerhedsfeature • Unix chroot - bruges stadig, ofte i daemoner som OpenSSH • FreeBSD Jails • SELinux • ˚ Solaris Containers og Zones - jails pa steroider • VMware virtuelle maskiner, er det et jail? ˚ Hertil kommer et antal andre mader at adskille processer - sandkasser ˚ Husk ogsa de simple, database som _postgresql, Tomcat som tomcat, Postfix ˚ postsystem som _postfix, SSHD som sshd osv. - simple brugere, fa rettigheder c copyright 2009 Security6.net, Henrik Lund Kramshøj 44
  • 45. Defense in depth - flere lag af sikkerhed root skift til root kræver gruppe wheel sudo kræver kodeord SSHD kræver nøgler firewall tillader kun SSH fra bestemte IP Forsvar dig selv med flere lag af sikkerhed! c copyright 2009 Security6.net, Henrik Lund Kramshøj 45
  • 46. JVM security policies Udviklet sammen med Java Meget kendt ˚ ˚ Bade Silverlight og JavaFX laner fra denne type model c copyright 2009 Security6.net, Henrik Lund Kramshøj 46
  • 47. Apache 6.0.18 catalina.policy (uddrag) // ========== WEB APPLICATION PERMISSIONS ===================================== // These permissions are granted by default to all web applications // In addition, a web application will be given a read FilePermission // and JndiPermission for all files and directories in its document root. grant { // Required for JNDI lookup of named JDBC DataSource’s and // javamail named MimePart DataSource used to send mail permission java.util.PropertyPermission quot;java.homequot;, quot;readquot;; permission java.util.PropertyPermission quot;java.naming.*quot;, quot;readquot;; permission java.util.PropertyPermission quot;javax.sql.*quot;, quot;readquot;; ... }; // The permission granted to your JDBC driver // grant codeBase quot;jar:file:$catalina.home/webapps/examples/WEB-INF/lib/driver.jar!/-quot; { // permission java.net.SocketPermission quot;dbhost.mycompany.com:5432quot;, quot;connectquot;; // }; Eksempel fra apache-tomcat-6.0.18/conf/catalina.policy c copyright 2009 Security6.net, Henrik Lund Kramshøj 47
  • 48. Apple sandbox named generic rules ;; named - sandbox profile ;; Copyright (c) 2006-2007 Apple Inc. All Rights reserved. ;; ;; WARNING: The sandbox rules in this file currently constitute ;; Apple System Private Interface and are subject to change at any time and ;; without notice. The contents of this file are also auto-generated and not ;; user editable; it may be overwritten at any time. ;; (version 1) (debug deny) (import quot;bsd.sbquot;) (deny default) (allow process*) (deny signal) (allow sysctl-read) (allow network*) c copyright 2009 Security6.net, Henrik Lund Kramshøj 48
  • 49. Apple sandbox named specific rules ;; Allow named-specific files (allow file-write* file-read-data file-read-metadata (regex quot;ˆ(/private)?/var/run/named.pid$quot; quot;ˆ/Library/Logs/named.log$quot;)) (allow file-read-data file-read-metadata (regex quot;ˆ(/private)?/etc/rndc.key$quot; quot;ˆ(/private)?/etc/resolv.conf$quot; quot;ˆ(/private)?/etc/named.conf$quot; quot;ˆ(/private)?/var/named/quot;)) ˚ Eksempel fra /usr/share/sandbox pa Mac OS X c copyright 2009 Security6.net, Henrik Lund Kramshøj 49
  • 50. Gode operativsystemer Nyere versioner af Microsoft Windows, Mac OS X og Linux distributionerne inkluderer: • Buffer overflow protection • Stack protection, non-executable stack • Heap protection, non-executable heap • Randomization of parameters stack gap m.v. ˚ OpenBSD er nok naet længst og et godt eksempel http://www.openbsd.org/papers/ NB: meget af dette kræver relativt ny CPU og Memory Management Unit ˚ NB: meget fa embedded systemer eller operativsystemer til samme har beskyttelse! c copyright 2009 Security6.net, Henrik Lund Kramshøj 50
  • 51. Informationssikkerhed Husk følgende: Sikkerhed kommer fra langsigtede intiativer Hvad er informationssikkerhed? ˚ Data pa elektronisk form ˚ Data pa fysisk form Social engineering - The Art of Deception: Controlling the Human Element of Security af Kevin D. Mitnick, William L. Simon, Steve Wozniak Informationssikkerhed er en proces c copyright 2009 Security6.net, Henrik Lund Kramshøj 51
  • 52. ˚ Spørgsmal? Henrik Lund Kramshøj hlk@security6.net http://www.security6.net ˚˚ I er altid velkomne til at sende spørgsmal pa e-mail c copyright 2009 Security6.net, Henrik Lund Kramshøj 52
  • 53. FreeScan.dk - gratis portscanning http://www.freescan.dk c copyright 2009 Security6.net, Henrik Lund Kramshøj 53
  • 54. Buffer overflows Hvis man vil lære at lave buffer overflows og exploit programmer er følgende doku- menter et godt sted at starte Smashing The Stack For Fun And Profit Aleph One Writing Buffer Overflow Exploits with Perl - anno 2000 Følgende bog kan ligeledes anbefales: The Shellcoder’s Handbook : Discovering and Exploiting Security Holes af Chris Anley, John Heasman, Felix Lindner, Gerardo Richarte 2nd Edition , John Wiley & Sons, august 2007 ˚ NB: bogen er avanceret og saledes IKKE for begyndere! c copyright 2009 Security6.net, Henrik Lund Kramshøj 54
  • 55. milw0rm - dagens buffer overflow http://milw0rm.com/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 55
  • 56. Metasploit Trinity brugte et exploit program Idag findes der samlinger af exploits som milw0rm Udviklingsværktøjerne til exploits er idag meget raffinerede! http://www.metasploit.com/ c copyright 2009 Security6.net, Henrik Lund Kramshøj 56
  • 57. Reklamer: kursusafholdelse Følgende kurser afholdes med mig som underviser • IPv6 workshop - 1 dag Introduktion til Internetprotokollerne og forberedelse til implementering i egne netværk. • Wireless teknologier og sikkerhed workshop - 2 dage ˚ ˚ En dag med fokus pa netværksdesign og fornuftig implementation af tradløse netværk, samt inte- gration med hjemmepc og wirksomhedsnetværk. • Hacker workshop 2 dage Workshop med detaljeret gennemgang af hackermetoderne angreb over netværk, exploitprogram- mer, portscanning, Nessus m.fl. • Forensics workshop 2 dage ˚ ˚ Med fokus pa tilgængelige open source værktøjer gennemgas metoder og praksis af undersøgelse ˚ af diskimages og spor pa computer systemer • Moderne Firewalls og Internetsikkerhed 2 dage ˚ ˚ Informere om trusler og aktivitet pa Internet, samt give et bud pa hvorledes en avanceret moderne firewall idag kunne konfigureres. ˚ Se mere pa http://www.security6.net/courses.html c copyright 2009 Security6.net, Henrik Lund Kramshøj 57