Types of hacking research
1. Political: alt.2600, Cult of Dead, Phrack, Defcon, CERT
2. Commercial
3. Social
4. Financial
5. Individual
Rate analysis
Adversary - an entity that attacks, or is a threat to, a system.
Hack - an assault on system security that derives from an intelligent threat; i.e. an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system.
Countermeasure - an action, device, procedure or technique that reduces a threat, a vulnerability or an attack by preventing or eliminating it.
Risk - an expectation of loss expressed as the probability that a particular threat will exploit a certain vulnerability with a particular harmful result.
Security policy - a set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.
Asset - data contained in an information system, or a service provided by a system, or a system capability.
Threat - a potential for violation of security, which exists when there is a circumstance, capability, action or event that would breach security and cause harm.
Vulnerability - a flaw or weakness in a system's design, implementation, or operation and management that could be exploited to violate the system's security policy.
EXAMPLES OF THREATS

Hardware - stolen or disabled; an unencrypted CD-ROM is stolen; change of H/W configuration.
Software - programs are deleted; an unauthorised copy of software is made; a working program is modified to make it fail during execution.
Data - files are deleted; an unauthorised read of data is performed; existing files are modified or new files are fabricated.
Communication lines - messages are destroyed or deleted; messages are read; messages are modified, delayed or duplicated.
Security vulnerabilities
Cross-site scripting (XSS) - occurs whenever an application takes user-supplied data and sends it to a web browser without validating or encoding that data.
Injection flaws - occur when user-supplied data is sent to an interpreter as a command or query.
Malicious file execution - code vulnerable to remote file inclusion allows attackers to include hostile code and data, resulting in devastating attacks, such as total server compromise.
Information leakage and improper error handling - applications can unintentionally leak information about their configuration or internal workings, or violate privacy, through a variety of application problems. Attackers use this to steal sensitive data or conduct more serious attacks.
CSRF - forces a logged-on victim's browser to send a pre-authenticated request to a vulnerable web application, which then forces the victim's browser to perform a hostile action to the benefit of the attacker.
Broken authentication and session management - account credentials and session tokens are often not properly protected. Attackers compromise passwords, keys or authentication tokens to assume other users' identities.
Insecure communication - applications fail to encrypt network traffic.
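The first two definitions above (injection flaws and XSS), shown as an added example that is not part of the original notes: each flawed function sits beside its corrected form. The table, function names and sample inputs are constructed for illustration.

```python
import html
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "user")])
    return db


def find_unsafe(db, name):
    # Injection flaw: user data becomes part of the SQL text sent to the interpreter.
    return db.execute("SELECT name FROM users WHERE name = '" + name + "'").fetchall()


def find_safe(db, name):
    # Parameterized query: the value is bound as data and is never parsed as SQL.
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()


def greet_unsafe(name):
    # XSS flaw: user data is sent to the browser without validation or encoding.
    return "<p>Hello, " + name + "</p>"


def greet_safe(name):
    # Output encoding: <, >, & and quotes are turned into HTML entities.
    return "<p>Hello, " + html.escape(name, quote=True) + "</p>"


SQL_INPUT = "nobody' OR '1'='1"           # constructed test input
HTML_INPUT = "<script>alert(1)</script>"  # constructed test input

if __name__ == "__main__":
    db = make_db()
    print("unsafe query rows:", find_unsafe(db, SQL_INPUT))
    print("safe query rows:  ", find_safe(db, SQL_INPUT))
    print("unsafe HTML:", greet_unsafe(HTML_INPUT))
    print("safe HTML:  ", greet_safe(HTML_INPUT))
```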
IDENTIFICATION AND AUTHENTICATION (I&A)
At any time a computer must know with which other users it is working: to ensure that only legal entities have access; to enforce authorization; to enforce accountability.
This can be done in closed systems, where all legal users are known to the system in advance, or in open systems, i.e. where the user is not known to the system beforehand, e.g. in e-commerce.
In whatever environment, a unique identity must be linked to a user. This linking process consists of the user offering some ID to the system and the system requesting or challenging the user to prove that the offered ID actually belongs to the user. This process is known as identification and authentication.
Purpose - ensure that only legal or authorized users are allowed to access the system.
I&A is easier in a closed environment than in an open environment.
Identification process
1. Identification of user - user ID; can be stolen. Proof of ownership.
2. Authentication - verifying that the user ID belongs to the person or entity offering it; some secret parameters known only to the real owner.
Forms of secret parameters
Something the user knows, possesses, or is, or a combination.
If it is a password, the rules include:
Kept secret
User database kept confidential
Transfer of the password between the main system and the workstation must be secure
Protecting password storage
Scrambling of the password before storage
Password file encryption
Password file protected against unauthorized access
Protecting the password during transmission
Networks can be tapped
Password encrypted before transmission
Algorithm and shared key
First law of authentication
Keep your password secret at all times (if your password is compromised, an impostor can become you).
Choosing passwords
Minimum length
Not directly related to the owner
Changed regularly
Should be as random as possible
No group passwords
N/B
Passwords are not secure; they are the most widely used form of authentication because they are easy to use and the procedure is easy.
If a password is stolen, the user doesn't know.

     
 