Humboldt University, Computer Science Department, Systems Architecture Group, http://sar.informatik.hu-berlin.de

IT Security Fundamentals

Exercise 2

Exercise assignment, permissions, ACLs


Current news: http://heise.de/-1542748

Austrian citizen card vulnerable again

The Austrian citizen card (Bürgerkarte), which offers signing functions similar to those of the nPerso in Germany, is vulnerable again: an attacker can abuse the Java-based online version of the citizen card environment (Bürgerkartenumgebung, BKU) to authorize bank transactions, for example, or to sign PDF documents with the victim's qualified signature (equivalent to a handwritten signature on paper). This was discovered by security expert Wolfgang Ettlinger.

Dr. Wolf Müller


Presentation: exercise assignment

Side-channel attack crackme: https://www2.informatik.hu-berlin.de/sar/Itsec/uebung_ssl/crackme.pdf


Software

• IDA Pro on gruenau[1-4]
– idal: terminal
– idaq: GUI


FAT File System

• MS-DOS: FAT12, FAT16; early Windows versions: FAT16
• Single user, single tasking
• FAT (File Allocation Table) file system
• Simple file attributes:
– Directory entry
– Read Only
– Archive
– System
– Hidden
• 8.3 format for files and directories
– 12 bit FAT = max 4096 clusters of 512 to 4k bytes (max 16Mb)
– 16 Bit FAT = max 65,525 clusters of 2k to 32k each (max 2Gb)
• SHARE.EXE allows shared access to files

Permissions, ACLs?


VFAT

• Windows 95: long file names
• Single user / multitasking
• File attributes as before
• 2 Terabyte disk size with FAT32


FAT32

• Windows 95sr2 / Windows 98
• 32-bit addressing, 4 bits reserved:
• 2^28 = 268,435,456 clusters addressable
• Files may be at most 4 GiB − 1 byte (= 4,294,967,295 bytes) in size


OS/2

• Single User, Multi-tasking
• Uses HPFS – High Performance File System
• File attributes
– As per MS-DOS plus
– Creation time and date
– Modification time and date
– Access time and date
• 256 character file names
• 2 Terabyte maximum disk size


NTFS

• Windows NT, 2000, XP, 2003
• Various versions of NTFS, the latest being version 5.0
• Multi-user, multi-tasking
• NTFS is a journaled file system
• File attributes and permissions
– Attributes: Read Only, System, Hidden and Archive
– Permissions
   Read Write Execute Delete Ownership Control


NTFS (2)

• Features
– File quotas
– File compression
– Encryption
– Indexing service
– Drive spanning

• The machine’s user need not be given access rights to all the resources.

Problem?


NTFS - Access Control Lists

• The MFT Security Descriptor Attribute for a file or folder contains two tables of lists:
– SACL – System Access Control List, which records auditing information
– DACL – Discretionary Access Control List, which maintains a list (of Access Control Entities), i.e. users' SIDs and the list of permissions for that file or folder
• Win NT uses a static inheritance model
– When a folder is created it inherits permissions from the parent folder, but if changes are later made to the parent, the subfolders do not change unless you select to apply the changes to subfolders, which can act as a sledgehammer, overwriting individually set subfolder permissions
• Win 2000 uses a dynamic inheritance model
– As the parent folder changes, permissions are inherited by the subfolders dynamically.
– Win 2000 offers more flexible control over inheritance
• ACLs can be resident in the MFT or stored as separate metadata


NTFS – Data Streams

• file:stream
• e.g.
– echo Hello > test.txt:AWPP
– echo GoodBye >> test.txt
– more < test.txt
– more < test.txt:AWPP


File system’s role in User Level Security in NTFS

• NTFS has extended attributes to support secure multi-user access.
• The Access Control List (ACL) maintains a list of Users, Groups (or Computers) with rights allowed or denied to a resource.
• The local machine’s data cannot be accessed without a valid user account with rights to do so.


Local User Accounts

• Give users access to resources on a single machine, whether that user logs in locally or remotely

• These accounts reside in the Security Access Manager (SAM) located as a file on the machine.

• SAM maintains passwords and permissions for the user, and each user is given a Security Identifier (SID)
• SIDs are used in Access Control Lists on files and folders
• Local Groups can be created to group similar user permissions.
• Built in accounts include Administrator and Guest
• Built in groups include Administrators, Power Users, User, Everyone
• Standard Permissions make the bewildering array of choices easier to work with
• Only the Administrator or members of the Administrator Group can manage the full set of information for users and groups.
• The Guest account can represent a security weakness, or can be used to implement Share Level type security for systems not requiring high security


Issues with User Level security in workgroups or standalone

• Each user and/or group must be set up on each local and remote machine that the user needs to access; management is complex
• Passwords can get out of sync very easily, and users may not be set up identically throughout the system.
• Verifying a user’s access rights across a large organisation is an impossibly daunting task
• The system is generally very secure, which can be a problem if users forget passwords, especially for the Administrator user account on the local machine. You forget - You regret.
• In many cases you need administrator rights to install software or configure the machine
• Active Directory, Windows Domains


Workgroups or stand alone with User Level sharing

• Each machine (server or workstation peer-to-peer server) that a user wishes to remotely log on to must have that user set up in the database of users for that machine.
– Each user is generally defined with a password.
• Users can be added as members to groups:
– Any of the pre-defined standard groups, e.g. User, Everyone, Power Users, Administrators
– or groups can be created on the machine.
– You must have an Administrator account or someone of that equivalence.


Workgroups or stand alone with User Level sharing (cont)

• How to share a Folder
– Set Permissions


Workgroups or stand alone with User Level sharing

• How to share a Folder
– Browse to folder
– On Share Tab on Properties box check Share Folder
– Permissions and security


Workgroups or stand alone with User Level sharing (cont)

• How to share a Folder (cont)
– Use Security for control of inherited rights and fine control of advanced security


Workgroups or stand alone with User Level sharing (cont)

• Log on as a Local User to a machine
– Enter Username and Password
– This username must match a user already set up on this machine who has permission to log on as a local user
• Log on as Remote User to a shared resource
– Use Network Neighbourhood to browse through the Workgroup, find a machine, and browse the shareable resources on that machine
– Select shared resource
– If username and password on the local machine match then you are granted access, otherwise you must enter the login name and password.
– The username/password pair must be set up on the remote machine


Win XP – Simple File Sharing

• Simple File Sharing allows you to access shared files using the Guest Account (which by default has no password) and comes close to the sort of file sharing of Win95/98/ME

• There is little or no security when using this, and it is best turned off
– From within My Computer – Tools – Folder Options, from the View Tab click Advanced – Sharing and Security.


Windows Domains

• Organises servers and computers into administrative and physical structures, and users log on to the Domain rather than the individual machines.

• Where networks are large enough to have several domains, Trust relationships can be used to verify the identity of a user logged on to one domain to another domain. Users still need to be created and managed in each domain; the Trust only authenticates the user

• A domain has one SAM (Security Account Manager) for the Domain, consolidating management

• The SAM is managed and stored on a machine known as the PDC (Primary Domain Controller). Only one machine in a domain can act in this role; it is always advisable to have a Backup Domain Controller (BDC), which has a read-only replica of the SAM


CD and DVD File Systems

• ISO-9660, also called CDFS
• UFS Universal File System
– Includes advanced features such as: long and Unicode filenames; 64 bit file sizes; file symbolic links; ACLs (Access Control Lists); Alternate Data Streams
– UFS is constantly evolving


Linux File Systems

• Ext2 (Extended File System)
– Is the usual native file system for Linux
– Uses inodes and allocation bitmaps (like NTFS)
• Ext3
– Adds journalling to Ext2
• Reiser
– Uses balanced tree indexing, is very efficient with large directories of small files (64k block size)
– Provides metadata journalling (like NTFS)
• JFS
– A journaled file system based on an IBM file system from OS/2 Warp
• XFS
• Each of the above supports ACLs, which were introduced in the Linux Kernel 2.5.46


Linux Permission Systems

• Traditionally Linux (and Unix) offer 3 sets of permissions for files and directories
– Read, Write and Execute for the three groups Owner, Group and Others
– This can be very restrictive, there being only one owner and one group per file or directory.
• Additional control of permissions is provided with ACLs (like the Windows ACLs)
• Support for ACLs was first brought about for support for Samba (Microsoft file sharing support)
• Managed through the getfacl and setfacl programs, whereas traditional permissions are managed through chmod


Linux

• S-bit
• Sticky bit

Tasks:

1. Share access between multiple users

2. As in 1., but automatically also for new directories

3. S-bit for shell scripts?

4. Only the owner of a file (or the owner of the directory) may delete or rename the file
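
The four tasks above, worked through as an added example that is not part of the original slides: a group-shared directory using the setgid and sticky bits, plus an audit for setuid/setgid shell scripts. The function names and temporary paths are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the slides; all paths are temporary and constructed.

# Tasks 1, 2 and 4: a directory shared by the members of one group.
#   0770  rwx for owner and group, nothing for others
#   2000  setgid: new entries get the directory's group, and new
#         subdirectories inherit the setgid bit (task 2)
#   1000  sticky: only a file's owner, the directory's owner or root
#         may delete or rename an entry (task 4)
make_shared_dir() {
    mkdir -p "$1" && chmod 3770 "$1"
}

# First ten characters of `ls -ld`, e.g. drwxrws--T
mode_string() {
    ls -ld "$1" | cut -c1-10
}

# Task 3: list files under $1 that carry setuid or setgid and start with "#!".
# Linux ignores both bits when it executes an interpreted script, so the
# bit grants nothing there and usually points to a misconfiguration.
find_suid_scripts() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -exec sh -c '
        for f do
            IFS= read -r first < "$f"
            case $first in "#!"*) printf "%s\n" "$f" ;; esac
        done' sh {} +
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_shared_dir "$tmp/project"
    mkdir "$tmp/project/sub"                 # created after the bits were set
    printf '#!/bin/sh\nid\n' > "$tmp/project/run.sh"
    chmod 4755 "$tmp/project/run.sh"         # setuid on a script: no effect
    echo "project: $(mode_string "$tmp/project")"
    echo "sub:     $(mode_string "$tmp/project/sub")"
    echo "flagged: $(find_suid_scripts "$tmp")"
    rm -rf "$tmp"
}
demo
```

For task 2, default ACLs are an alternative on file systems with ACL support: `setfacl -d -m g:GROUP:rwx DIR` makes new entries inherit the group's access, where GROUP and DIR are placeholders.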
