没有合适的资源?快使用搜索试试~ 我知道了~
资源推荐
资源详情
资源评论
Lecture Notes (Syracuse University) Introduction: 1
Introduction of Computer and Network Security
1 Overview
A good security professional should possess two important skills: (1) the sense of security, and (2) the
knowledge of security principles. I hope that students who finish this course can possess both. Possessing
does not mean “knowing”; it means “being able to apply these skills”.
2 Risks and Threats
• Risks when using computer systems:
– You are working on your project in a public library, and you have remotely logged into your
department’s UNIX server. You have to leave for one minute, and you feel lazy and decide not
to lock the screeen of your computer. What is the most severe damage that you can get if a
malicious person takes this oppurtunity? How much time does it a malicious person need to
achieve the most severe damage?
– You go to a public lab and wants to use a computer there to remotely login to your department’s
computer or conduct online banking; what is the risk that you are facing?
– You go to an ATM machine to get cash in a nice neighbourhood (i.e., there is no forced robbery),
what is your risk?
• Risks when setting up computer systems.
– You want to access your office computer from your home, so you set up your office computer so
you can access its desktop remotely. What is the risk?
– You intall a wireless access point in your house to build a wireless network. What is the risk?
– You are system administrator, and turn several programs into privileged programs, so you will
not be bothered by some of the tasks (users can use those privileged programs to finish those
tasks). What is the risk?
• Risks when developing computer systems.
– Your program has a few buffer-overflow problem, but you are under pressure to release the
software product in time, and decide not to fix this bug for this release. What is the risk?
– Your company just wins the bid for building e-voting systems for the government. What are the
risks that you system might face?
– You are developing an online shopping web site for a store. What are the risks that you will face.
• Sense of Security: The ability to see and foresee the risks. If you cannot systematically enumerate the
risks in the above examples, you do not have a good sense of security. I hope that after this course,
you can gain a good sense of security, and be able to assess your risks when you are to use, setup, or
develop computer systems.
• Lessons learned from previous classes: students in this class in the past did not pay enough attention to
foster the sense of security. Every semester in the demonstration of final project, I saw students (not
just a few, but majority of them) who demonstrated excellent functionalities of their systems, but
Lecture Notes (Syracuse University) Introduction: 2
showed no sense of security. They spent many hours implementing a useful functionality for their
systems, but did not spend a single second to think about the security consequence of that functional-
ity (e.g., should we put in access control to prevent the functionality from being abused by malicious
users to gain extra privileges?)
3 Countermeasures
• Methods: There are three lines of defense.
1. Prevention: the focus of this course.
– prevent it: make it impossible
– deter it: make it harder
– deflect it: make other targets more attractive
2. Detection
– monitoring
– intrusion detection
3. Recovery
– recover the data
– identify the damage
– find the culprit: forensics
• How does prevention work?
– Policies (IST courses)
– Cryptography
∗ Cryptography is not just for encryption; it can be used to achieve many security-related
objectives, such as digital cash, timestamping, secure multiparty computation, e-voting,
e-bidding, etc.
∗ We only cover some basic cryptography in this class.
– Control (the key component of this course)
∗ Examples: make sure that only those with security clearance can read a file.
∗ Hardware control
∗ Software control
• How could prevention not work correctly?
– Vulnerabilities
– Malicious program: virus, trap doors, etc.
– Incorrect use of controls
– Users’ mistakes
• How to achieve correct prevention?
– Security engineering principles
– Awareness of risk
– Secure programming
Lecture Notes (Syracuse University) Introduction: 3
4 The Meaning of Computer Security
When we talk about “computer security”, we mean that we are addressing three very important aspects of
any computer-related system.
• Confidentiality
• Integrity
• Availability
The meanings of these three words (CIA) are quite broad. For different applications, the interpretation of
CIA is different.
• Confidentiality: access (reading, viewing, printing, knowing, etc.)
– Contents : encryption (cryptography)
– Existence of data: steganography. For example, stock investigation, prisoner, spy, watermarking
– Resource hiding: operating system information and configuration
– Fingerprinting
– Identity: (anonymity)
• Integrity: modification (includes writing, changing, changing status, deleting, and creating).
– Data integrity
– Program integrity
– System integrity
– Identity integrity (non-repudiation)
– Origin (location) integrity (e.g. network traceback)
• Availability.
– Denial of service
• Examples: what category do they belong to?
– TCP SYN flooding
– Sniffering
– Faked identity
– ATM machine spoofing
– Saving passwords in a plaintext file
CIS/CSE 643: Computer Security (Syracuse University) Unix Security Overview: 1
Unix Security Overview
1 User and Group
• Users
– root: super user (uid = 0)
– daemon: handle networks.
– nobody: owns no files, used as a default user for unprivileged operations.
∗ Web browser can run with this mode.
– User needs to log in with a password. The encrypted password is stored in /etc/shadow.
– User information is stored in /etc/passwd, the place that was used to store passwords (not
anymore). The following is an example of an entry in this file.
john:x:30000:40000:John Doe:/home/john:/usr/local/bin/tcsh
• Groups
– Sometimes, it is more convenient if we can assign permissions to a group of users, i.e. we would
like to assign permission based on groups.
– A user has a primary group (listed in /etc/passwd), and this is the one associated to the files
the user created.
– Any user can be a member of multiple groups.
– Group member information is stored in /etc/group
% groups uid (display the groups that uid belongs to)
– For systems that use NIS (Network Information Service), originally called Yellow Page (YP),
we can get the group information using the command ypcat.
% ypcat group (can display all the groups and their members)
2 File Permissions
• File Permissions
– The meaning of the permission bits in Unix.
∗ Owner (u), Group (g), and Others (o).
∗ Readable (r), Writable (w), and Executable (x).
∗ Example: -rwxrwxrwx (777)
• Permissions on Directories:
– r: the directory can be listed.
– w: can create/delete a file or a directory within the directory.
September 7, 2009
CIS/CSE 643: Computer Security (Syracuse University) Unix Security Overview: 2
– x: the directory can be entered.
• Change permission: chmod
• Full Access Control List: using getfacl and setfacl.
• Default File Permission
– What is the default file permission assigned to the newly created files?
– This default permission is stored in the umask environment variable.
– umask: permissions you do not want
– Default value in some systems: 022
∗ This set the permission of new files (non-executable) to rw-r–r–.
– Safest value: 077
∗ This sets the permission of new files (non-executable) to rw——-.
– Check your own setting by executing the following
% umask
– Change the umask value. You can execute the following command or put it in your .profile file.
% umask 077
3 Security-Related Commands
• Switch user
– Change your user ID to xyz, su means “substitute user”)
% /bin/su xyz
– Change to root. This is a common way to invoke superuser access). Once you are in the supe-
ruser account, the prompt becomes the pound sign (#).
% /bin/su -
– Running a command using superuser privilege. Sometimes, we just want to run a command
using the superuser privilege. Instead of su to root, and run the command, we can use the sudo
command.
(view the shadow file as a superuser)
% sudo more /etc/shadow
To be able to use sudo to run a command as the superuser, permissions must be granted (by the
root) to the user. This is done through the /etc/sudoers file.
• Change the owner of files
September 7, 2009
剩余56页未读,继续阅读
资源评论
绝不原创的飞龙
- 粉丝: 4w+
- 资源: 1083
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- Linux Lab-linux
- ioGame-unity
- kdump-anaconda-addon-anaconda
- northstar-ai
- basic_framework-keil5安装教程
- 守月亮修行杂谈(2012年-2020年)
- 《Web开发实训》项目总结报告.doc
- 新年烟花LED效果,10分频,10khz变1khz,Multisim仿真
- vba自定清单.zip
- XamarinBleCodeBehind-main.zip
- mmexport1734999482214.png
- python-4.FBI树-虽然但是,不是那个.py
- IMG_20241220_204418_edit_64163654257396.png
- python-5.火星人-这题面,好抽象.py
- python-6.奖学金-语文给你多少?我数英给你…….py
- Screenshot_20241216_213107.jpg
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功