Keamanan Sistem (CNG4O3)
Transcription
Keamanan Sistem (CNG4O3)
Keamanan Sistem (CNG4O3) 2014-2 05 – Application and Network Attacks http://newstweek.com/ Application Attacks Zero day attacks • exploit previously unknown vulnerabilities so victims have no time (zero days) to prepare or defend against the attacks • Include: • Web application attacks • Client-side attacks • Buffer overflow attacks Typical Web Application Infrastructure Securing Web Application Securing Web Application • Protecting the network. Although traditional network security devices can block traditional network attacks, they cannot always block Web application attacks. This is because many traditional network security devices ignore the content of HTTP traffic, which is the vehicle of Web application attacks. Because all Web traffic is based on the HTTP protocol, blocking HTTP traffic in order to stop Web application attacks would essentially prevent any access from the Internet. • Hardening the Web server. Enhancing the security of the Web server operating system and system services, although important for defending against other types of attacks, may not prevent attacks to Web applications. This is because, by design, the user’s input through the Web browser using HTTP must be processed by Web applications at the application level. Cross-Site Scripting (XSS) http://www.acunetix.com/websitesecurity/cross-site-scripting/ Example http://excess-xss.com/ Reflected XSS http://excess-xss.com/ SQL Injection http://code.tutsplus.com/tutorials/can-you-hack-your-own-site-a-look-at-some-essential-security-considerations--net-51 Beberapa kasus SQL injection • … • On March 7, 2014, officials at Johns Hopkins University publicly announced that their Biomedical Engineering Servers had become victim to an SQL injection attack carried out by an Anonymous hacker named "Hooky" and aligned with hacktivist group "RaptorSwag". The hackers compromised personal details of 878 students and staff, posting a press release and the leaked data on the internet. • In August 2014, Milwaukee-based computer security company Hold Security disclosed that it uncovered a theft of confidential information from nearly 420,000 websites through SQL injections. The New York Times confirmed this finding by hiring a security expert to check the claim. http://en.wikipedia.org/wiki/SQL_injection Directory traversal attack • An attacker needs only a Web browser and knowledge of the location of default files and directories on the system under attack • Example: Normal URL = http://www.server.net/dynamic.asp?view=display.ht ml Attack = http://www.server.net/dynamic.asp?view=../../../../.. /TopSecret.docx Client-side Attack • Targets vulnerabilities in client applications that interact with a compromised server or process malicious data. • In this case, the client initiates the connection with the server that could result in an attack. • Common client-side attacks include: • • • • header manipulation cookies and attachments session hijacking malicious add-ons Session hijacking • An attack in which an attacker attempts to impersonate the user by using his session token. • Stealing the session token. • An attacker can eavesdrop on the transmission and steal the session token • Stealing the session token cookie. • An attacker can use XSS and other attacks to steal the session token cookie from the victim’s computer and use it to impersonate the victim. Buffer Overflow Attacks • A process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer. • This extra data overflows into the adjacent memory locations and, under certain conditions, may cause the computer to stop functioning. • Attackers also use a buffer overflow in order to compromise a computer Network Attacks include denial of service, interception, poisoning, and attacks on access rights Denial of Service (DoS) • Attempts to prevent a system from performing its normal functions • Types of DoS attacks: • • • • ping flood attack smurf attack SYN flood attack distributed denial of service (DDoS) http://flylib.com/books/en/4.213.1.24/1/ Man-in-the-middle attack • Passive • captures the data that is being transmitted, records it, and then sends it on to the original recipient without their presence being detected • Active • the contents are intercepted and altered before they are sent on to the recipient Replay attack • Similar to a passive man-in-the-middle attack • A replay attack makes a copy of the transmission before sending it to the recipient. This copy is then used at a later time. • A simple replay: capturing logon credentials. http://flylib.com/books/en/4.213.1.24/1/ ARP Poisoning http://mile2.com/latest-news/arp-poisoning-attack.html • ARP poisoning is successful because there are no authentication procedures to verify ARP requests and replies. DNS Poisoning • Substitutes DNS addresses so that the computer is automatically redirected to another device • Can be done in two different locations: • the local host table: TCP/IP host table name system • UNIX, Linux, and Mac OS X = /etc/ • Windows = windows\system32\drivers\etc • the external DNS server: exploit a protocol flaw and convince the authentic DNS server to accept fraudulent DNS entries sent from the attacker’s DNS server Privilege escalation • Exploiting a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining. • Two types: • a user with a lower privilege uses privilege escalation to access functions reserved for higher-privilege users • a user with restricted privileges accesses the different restricted functions of a similar user Transitive access • Involves using a third party to gain access rights • Attacking other programs that are poorly protected and that access (and ideally modify) the same resources on which the application of interest relies. Thus, this approach is transitive in that it involves attacking a trusted resource, in order to attack another target that uses the trusted resource. [http://catalogue.pearsoned.co.uk/samplechapter/0321375777.pdf]
Similar documents
Keamanan Sistem (CNG4O3)
http://www.tntmagazine.com/london/events/a-royal-summer-the-arrival-of-prince-george-the-opening-of-buckingham-palace-and-more-london-events-to-get-you-swept-up-in-royal-fever/page/2
More information