Difference between revisions of "Team 12 Main"
From CyberSecurity
Chris DuPuis (talk | contribs) |
|||
| Line 4: | Line 4: | ||
A. Report from each engineering member on techniques used, difficulty of attack, | A. Report from each engineering member on techniques used, difficulty of attack, | ||
feasibility of automating attacks. | feasibility of automating attacks. | ||
| + | 1. Simple buffer overflow attack, as described in the readings. Ended up needing a hard-coded address to stick in the return address portion of the stack. This leads to less effective mechanism for a remote attack. A more dynamic method for determining the address of the buffer that contains the exploit code is required to be feasible, especially for automating the attacks. | ||
| + | Interestingly, availability of the source code of the target program allowed a much quicker exploit. Thus, obfuscation does indeed have value, but should obviously not be the primary form of defense. | ||
| + | |||
II. Potential financial damages | II. Potential financial damages | ||
A. Home computer | A. Home computer | ||
| − | 1. Credit card fraud | + | 1. Credit card fraud - This can be exploited several different ways, but in the end, the consumer's liability is limited to $50.00. Thus, it is a more significant risk for the financial institutions than for the consumer. |
| − | 2. Identity theft | + | 2. Identity theft - This can have much more serious financial consequences for the individual and can take several years to sort out. |
3. Botnet/DDOS applications | 3. Botnet/DDOS applications | ||
| Line 23: | Line 26: | ||
3. Failing to order things when requested. | 3. Failing to order things when requested. | ||
| + | |||
| + | 4. Business strategy advantage for either supplier, competitor of supplier, or competitor of Walmart (depending on who compromises the computer) | ||
C. Trading computer | C. Trading computer | ||
| Line 31: | Line 36: | ||
3. Reporting incorrect information. | 3. Reporting incorrect information. | ||
| + | |||
| + | 4. Failing to store records of trades | ||
III. Applications of value to terrorists | III. Applications of value to terrorists | ||
| + | |||
| + | A. Home Computer | ||
| + | |||
| + | 1. Zombie for botnet, etc. | ||
| + | |||
| + | B. Walmart Ordering Computer | ||
| + | |||
| + | 1. Zombie for botnet | ||
| + | |||
| + | C. Trading Computer | ||
| + | |||
| + | 1. Confidence in financial markets, etc., is the backbone of U.S. economy. | ||
IV. Defenses | IV. Defenses | ||
| + | |||
| + | A. Home Computer | ||
| + | |||
| + | 1. Anti-Virus software | ||
| + | |||
| + | 2. Anti-Spyware software | ||
| + | |||
| + | 3. Firewalls | ||
| + | |||
| + | 4. High quality software (implying few intrinsic vulnerabilities) | ||
| + | |||
| + | 5. Easily configured for high-security settings | ||
| + | |||
| + | 6. Defaults to secure | ||
| + | |||
| + | 7. Effective patching / updating mechanism | ||
| + | |||
| + | B. Walmart Ordering Computer | ||
| + | |||
| + | 1. All of the above | ||
| + | |||
| + | 2. Intrusion detection tools | ||
| + | |||
| + | 3. Auditing tools | ||
| + | |||
| + | C. Trading Computer | ||
Revision as of 05:46, 21 October 2005
Edit this outline as necessary, adding in details where they fit.
I. Information about the attack.
A. Report from each engineering member on techniques used, difficulty of attack,
feasibility of automating attacks.
1. Simple buffer overflow attack, as described in the readings. Ended up needing a hard-coded address to stick in the return address portion of the stack. This leads to less effective mechanism for a remote attack. A more dynamic method for determining the address of the buffer that contains the exploit code is required to be feasible, especially for automating the attacks.
Interestingly, availability of the source code of the target program allowed a much quicker exploit. Thus, obfuscation does indeed have value, but should obviously not be the primary form of defense.
II. Potential financial damages
A. Home computer
1. Credit card fraud - This can be exploited several different ways, but in the end, the consumer's liability is limited to $50.00. Thus, it is a more significant risk for the financial institutions than for the consumer.
2. Identity theft - This can have much more serious financial consequences for the individual and can take several years to sort out.
3. Botnet/DDOS applications
4. Reporting incorrect information.
B. Walmart ordering computer
1. All of the home computer items, and...
2. Ordering things inappropriately.
3. Failing to order things when requested.
4. Business strategy advantage for either supplier, competitor of supplier, or competitor of Walmart (depending on who compromises the computer)
C. Trading computer
1. Making trades inappropriately.
2. Failing to make trades when requested
3. Reporting incorrect information.
4. Failing to store records of trades
III. Applications of value to terrorists
A. Home Computer
1. Zombie for botnet, etc.
B. Walmart Ordering Computer
1. Zombie for botnet
C. Trading Computer
1. Confidence in financial markets, etc., is the backbone of U.S. economy.
IV. Defenses
A. Home Computer
1. Anti-Virus software
2. Anti-Spyware software
3. Firewalls
4. High quality software (implying few intrinsic vulnerabilities)
5. Easily configured for high-security settings
6. Defaults to secure
7. Effective patching / updating mechanism
B. Walmart Ordering Computer
1. All of the above
2. Intrusion detection tools
3. Auditing tools
C. Trading Computer
