Software Security Vulnerabilities: Detection and Prevention. Dame Jovanoski.



Pwn2own: a challenge to find vulnerabilities in browsers (IE, Mozilla Firefox and Google Chrome). Prize: $100,000.
Hex-Rays: finding security vulnerabilities in their products. Prize: $3000.
Google: a challenge to find security vulnerabilities in Chrome. Prize: $20,000.

The Real Cost of Insecure Software

In 1996, software defects in a Boeing 757 caused a crash that killed 70 people…
In 2003, a software vulnerability helped cause the largest U.S. power outage in decades…
In 2004, known software weaknesses let a hacker invade T-Mobile, capturing everything from passwords to Paris Hilton's photos…
In 2005, 23,900 Toyota Priuses were recalled for software errors that could cause the cars to shut down at highway speeds…
In 2006, dubbed "The Year of Cybercrime", 7,000 software vulnerabilities were discovered that hackers could use to access private information…
In 2007, operatives in two nations brazenly exploited software vulnerabilities to cripple the infrastructure and steal trade secrets from other sovereign nations…

The process, or cycle, of developing programs that exploit software security vulnerabilities

The attacker's goal is to gain access to the system being attacked and to escalate privileges, i.e. to ring0.

Buffer overflow
String overflow
Integer overflow
Heap overflow
List of other types of security vulnerabilities: ory:Vulnerability

Microsoft Windows platform: OllyDbg, Immunity Debugger, WinDbg
Linux platform: gdb, edb