Week 4 Flashcards
What is an Access Control Matrix?
Matrix of all principles and objects - determines permissions.
Must not be corrupted.
What columns does the UNIX access control list have?
Permissions - Link Counter - Owner - Group - Size - Date - File Name
What sections are there of a permission in UNIX?
File Type - Owner Permissions - Group Permissions - Other Permissions
What access control is there for directories in UNIX?
“r” - read only
“x” - permission to traverse, switch to, run…
What are the different types of uids?
ruid - owner of a process.
euid - used for access checks (except filesystem).
fsuid - used for access checks and ownership of files ( = euid).
suid - when euid changed, old euid is saved. Unprivileged process may change euid only to ruid or suid.
What does the s permission indicate?
That a program runs with the permission of it’s owner.
What is a security measure for storing passwords?
Store pair (salt, hash) where salt is a random bitstring and hash is the hash of the salt + password.
What is Pass-the-hash?
Obtain user credentials for one host in domain.
Exploit to become local administrator.
Install process that waits for domain admin.
Extract cached hash for domain admin.
Log-in.
What is password injection?
Adding own account to hard disk / replace hash with another.
How does BIOS increase security?
Set a password in the BIOS to stop the computer from booting from anything but the hard disk.
What is TCP?
Protocol that asks for lost IP packets to be resent.
Allows multiple connections through ports.
What is a TCP socket defined by?
Destination IP and port.
Source IP and port (chosen at random).
What is the internet protocol stack?
Application
Transport (TCP)
Network (IP)
Link/hardware (Ethernet)
What is DCHP?
Dynamic Host Configuration Protocol.
Assigns an IP address to a new machine (MAC address).
Not stored long term.
What is ARP?
Address Resolution Protocol.
Lets router find out which IP address is being used by which machine.
