Lesson 13: Security


Warning

This lesson is under construction. Learn from it at your own risk. If you have any feedback, please fill out our General Feedback Survey.

Overview

Security

se·cu·ri·ty ( /siˈkyo͝oritē/ ) [ noun ]

The state of being free from danger or threat.

The safety of a state or organization against criminal activity such as terrorism, theft, or espionage.

Types of Security

XKCD on WiFi Security

There are three main types of security in computing:

Threat Models

Threat models allow you to focus and limit your security resources on what is necessary instead of what is possible.

Access Control

XKCD Identity Comic

Passwords / Passphrases

Problems with Passwords

Solutions for Passwords

Choosing Pass-phrases

Relevant funny bash.org post

Choosing Pass-phrases

XKCD passwords comic

Certificates and HTTPS

HTTPS Lock in Browser URL Bar

Types of Attacks

Frequency of online attacks (37% Cross Site Scripting, 16% SQL Injection, etc)

Code Injection

Billy Droptables XKCD Comic

Code Injection Attacks

+-----------+----------------------------------------+
| username  | admin                                  |
+-----------+----------------------------------------+
| password: | pass' || true); DROP TABLE STUDENTS;-- |
+-----------+----------------------------------------+
<img onerror=alert("Tracking your IP with a GUI interface!");>
<img src="http://example.com/?action="Delete All Accounts">

Code Injection Defenses
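
The two defenses the slide title refers to, shown side by side with the problem they fix, as an added example that is not part of the lesson's own material. The users table, the password and the injected input are all constructed for the demo; the injected input uses the same trick as the slide's payload (a quote to close the string literal, then `--` to comment out the rest of the query). `login_vulnerable` pastes the input into the SQL text, so the input changes the query's structure; `login_safe` binds it as a parameter, so the driver only ever sees it as data. `render_comment` applies the matching fix for the `<img onerror=...>` case: escape user text before placing it in HTML.

```python
import html
import sqlite3


def make_db():
    """Constructed in-memory users table for the demo (not the lesson's data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 'correct horse battery staple')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Builds the SQL by string formatting: user input becomes part of the query text."""
    query = (
        "SELECT COUNT(*) FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return conn.execute(query).fetchone()[0] > 0


def login_safe(conn, username, password):
    """Binds user input as parameters: the driver treats it as data, never as SQL."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()[0] > 0


# Constructed input in the spirit of the slide's example: closes the string
# literal, then '--' comments out the remainder of the query.
INJECTED_PASSWORD = "' OR 1=1 --"


def render_comment(text):
    """Escapes user text before placing it in HTML so tags and quotes are inert."""
    return "<p>%s</p>" % html.escape(text, quote=True)


def demo():
    """Runs both login versions against the same injected input and returns the outcomes."""
    conn = make_db()
    return {
        # The formatted query becomes "... AND password = '' OR 1=1 --'", which matches every row.
        "vulnerable_accepts_injection": login_vulnerable(conn, "admin", INJECTED_PASSWORD),
        # The bound parameter is compared literally against the stored password and fails.
        "safe_rejects_injection": not login_safe(conn, "admin", INJECTED_PASSWORD),
        # Sanity check: the parameterized version still works for the real password.
        "safe_accepts_real_password": login_safe(conn, "admin", "correct horse battery staple"),
        # Escaped markup renders as visible text instead of being interpreted by the browser.
        "escaped_comment": render_comment('<img onerror=alert("x")>'),
    }


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "->", outcome)
```

The point to take away is that the fix is not "filter out quotes" but "never let user input be parsed as code": bound parameters for SQL, escaping (or a templating engine that escapes by default) for HTML. The same principle applies to shell commands, LDAP filters and any other interpreter that receives user-controlled strings.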

Web Server Attacks

Apache Version Vulnerability

Discovering Vulnerabilities

  1. Test and document the bug to verify it exists.

    If you think you encountered a bug, make sure you can replicate it. If you can't, how can you expect the developers to recreate it?

  2. Disclose it privately to those responsible for fixing it.

    Provide examples. It's basically a bug report, but sent through private channels (not the public tracker yet!).

  3. Give them time to release a patch before announcing it.

    Google waits 90 days to announce a bug after informing the developers.

Further Reading

codebashing.com/sql_demo
Try your hand at actual SQL Injection attacks
OverTheWire Wargames
Learn the basics of offensive security by solving challenges and using exploits to gain access to the password for the next level.