Vulnerability Analysis in Linux OS
VerifiedAdded on 2019/09/16
|5
|1295
|611
Literature Review
AI Summary
The assignment content discusses vulnerabilities in Linux OS, specifically Privilege Escalation Vulnerability and Denial of Service (DoS) vulnerability. The content also touches on IP Spoofing vulnerability, which is used to conceal the identity of an attacking computer system. Additionally, the content highlights the importance of keeping Apache and other software up-to-date to prevent vulnerabilities from being exploited.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Literature Review
Linus OS is broadly utilized from embedded systems to servers, mainframes and
supercomputers, from science and education research to commerce, industry and national
defense. Papp (2015) conclude that Linus OS is an open and free source of software
collaboration: the underlying code of source can be used, distributed and modified, by anyone
who has the license from General Public License. Thus a latest important technology can
implement rapidly on Linux. Vulnerabilities in a Linux system can be of different types as per
the consequences caused by exploiting these vulnerabilities. Davidson (2013) said that the first
and the foremost important vulnerability is Privilege Escalation Vulnerability which works as an
act of exploiting a design configuration, bug or flaw system to gain elevated access to some
required resources which are protected by an application or user. Thus, with high-level privileges
can perform different unauthorized system which other cannot perform such as application
developer or system administrator. Kleidermacher (2012) defined this concept with an example
which is that a PTRACE SETREGS system call in a crafted application, enhance the race
condition in the functionality of the place Linus Kernel before permit the different users to get
different types of privileges which will result in unauthorized information disclosure,
modification and service disruption.
The other type of vulnerability present in the Linux OS is Denial of service vulnerability which
is also known as DoS (Ahmed, 2008). It is considered as the act of exploiting network protocol
implementation flaws and exhausting the different types of attached resources through brutal
means. The main aim of this Linux system vulnerability is to produce such system or network
that is not able to offer normal services or access to different important resources. It will mainly
Linus OS is broadly utilized from embedded systems to servers, mainframes and
supercomputers, from science and education research to commerce, industry and national
defense. Papp (2015) conclude that Linus OS is an open and free source of software
collaboration: the underlying code of source can be used, distributed and modified, by anyone
who has the license from General Public License. Thus a latest important technology can
implement rapidly on Linux. Vulnerabilities in a Linux system can be of different types as per
the consequences caused by exploiting these vulnerabilities. Davidson (2013) said that the first
and the foremost important vulnerability is Privilege Escalation Vulnerability which works as an
act of exploiting a design configuration, bug or flaw system to gain elevated access to some
required resources which are protected by an application or user. Thus, with high-level privileges
can perform different unauthorized system which other cannot perform such as application
developer or system administrator. Kleidermacher (2012) defined this concept with an example
which is that a PTRACE SETREGS system call in a crafted application, enhance the race
condition in the functionality of the place Linus Kernel before permit the different users to get
different types of privileges which will result in unauthorized information disclosure,
modification and service disruption.
The other type of vulnerability present in the Linux OS is Denial of service vulnerability which
is also known as DoS (Ahmed, 2008). It is considered as the act of exploiting network protocol
implementation flaws and exhausting the different types of attached resources through brutal
means. The main aim of this Linux system vulnerability is to produce such system or network
that is not able to offer normal services or access to different important resources. It will mainly
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
target a particular system to stop responding, and system services collapse. Chen (2013) said that
Linux OS has an algorithm which is utilized especially for the fragment reassemble and Linux
route catch index. As an when the Linux system obtains an especially developed packet from an
attacker, a clash will occur in the hash table due to which server resources are exhausted in a
larger context. A hash address is obtained by using operation of a hash algorithm for different
values which have the similar hash address as are stored in a particular hash slot. Parameswaran
(2008) said that currently, NVD outlined a high-risk DoS vulnerability in a specific version of
Linux such as CVE—2014-2523 which permits remote attackers to develop a DCCP packet. The
most important vulnerability of the Linux OS system is IP Spoofing vulnerability which is the
creation of internet protocol packets.
It is mainly established to conceal the identity of the impersonating computer system and the
sender which involves in exploiting of a combination of IP packets. It is mainly considered as an
auxiliary method of the different type of attack, which make the defense dependent on specific
disable IP lose efficacy. Yan-Ling (2008) considered that IP/TCP itself causes the IP/TCP stack
loopholes in different types of operating systems. It is not as an exceptional but an IP Packet with
a combination of different forge source IP address. It can be said that an attacking client paly a
different role as a trusted host and develop a different type of application collecting with the
target host. The collection is done on the basis of address validation. After getting an
achievement, the attacker establishes a backdoor of a system for different types of unauthorized
operation. An attacker collected different types of data related to different bogus IP. It is
collected with the help of different types of IP segments which a server delivers. Safford (2013)
conclude that different types of host resources can easily exhaust with the help of forged source
address on every new packet. Jimenez (2016) said that apache vulnerabilities influence the
Linux OS has an algorithm which is utilized especially for the fragment reassemble and Linux
route catch index. As an when the Linux system obtains an especially developed packet from an
attacker, a clash will occur in the hash table due to which server resources are exhausted in a
larger context. A hash address is obtained by using operation of a hash algorithm for different
values which have the similar hash address as are stored in a particular hash slot. Parameswaran
(2008) said that currently, NVD outlined a high-risk DoS vulnerability in a specific version of
Linux such as CVE—2014-2523 which permits remote attackers to develop a DCCP packet. The
most important vulnerability of the Linux OS system is IP Spoofing vulnerability which is the
creation of internet protocol packets.
It is mainly established to conceal the identity of the impersonating computer system and the
sender which involves in exploiting of a combination of IP packets. It is mainly considered as an
auxiliary method of the different type of attack, which make the defense dependent on specific
disable IP lose efficacy. Yan-Ling (2008) considered that IP/TCP itself causes the IP/TCP stack
loopholes in different types of operating systems. It is not as an exceptional but an IP Packet with
a combination of different forge source IP address. It can be said that an attacking client paly a
different role as a trusted host and develop a different type of application collecting with the
target host. The collection is done on the basis of address validation. After getting an
achievement, the attacker establishes a backdoor of a system for different types of unauthorized
operation. An attacker collected different types of data related to different bogus IP. It is
collected with the help of different types of IP segments which a server delivers. Safford (2013)
conclude that different types of host resources can easily exhaust with the help of forged source
address on every new packet. Jimenez (2016) said that apache vulnerabilities influence the
working of Linux OS in a significant manner. It mainly includes Tomcat, Apache HTTP Server
vulnerabilities, Camel and different types of the web server. All these components of apache
vulnerabilities cause website defacement, denial of service, privilege escalation, and information
disclosure. Every UNIX and Linux system runs with the help of Apache (Niu, 2014). It is
necessary that different operating systems don’t run Apache as root because it influences their
working situations in a large extent. While working it should ensure that one is running the
current and updated patch level and the core components of OS referenced by Apache (Jacobsen,
2016). FTP Server is mainly developed with the updated versions of Red Hat Linux. It is not
significantly compiled with different TCP wrappers but is installed as a standalone service.
vulnerabilities, Camel and different types of the web server. All these components of apache
vulnerabilities cause website defacement, denial of service, privilege escalation, and information
disclosure. Every UNIX and Linux system runs with the help of Apache (Niu, 2014). It is
necessary that different operating systems don’t run Apache as root because it influences their
working situations in a large extent. While working it should ensure that one is running the
current and updated patch level and the core components of OS referenced by Apache (Jacobsen,
2016). FTP Server is mainly developed with the updated versions of Red Hat Linux. It is not
significantly compiled with different TCP wrappers but is installed as a standalone service.
References
Davidson, D., Moench, B., Ristenpart, T. and Jha, S., 2013. FIE on firmware: Finding
vulnerabilities in embedded systems using symbolic execution. In Presented as part of the 22nd
USENIX Security Symposium (USENIX Security 13) (pp. 463-478).
Kleidermacher, D. and Kleidermacher, M., 2012. Embedded systems security: practical methods
for safe and secure software and systems development. Elsevier.
Ahmed, N., Khalib, Z.I.A., Ahmad, R.B., Sudin, S. and Asi, S., 2008, December. Low-End
Embedded Linux Platform for Network Security Application–Port Scanning Detector. In 2008
International Conference on Advanced Computer Theory and Engineering (pp. 1085-1088).
IEEE.
Parameswaran, S. and Wolf, T., 2008. Embedded systems security—an overview. Design
Automation for Embedded Systems, 12(3), pp.173-183.
Yan-Ling, X., Wei, P. and Xin-guo, Z., 2008, July. Design and implementation of secure
embedded systems based on trustzone. In Embedded Software and Systems, 2008. ICESS'08.
International Conference on (pp. 136-141). IEEE.
Chen, H., Cutler, C., Kim, T., Mao, Y., Wang, X., Zeldovich, N. and Kaashoek, M.F., 2013,
July. Security bugs in embedded interpreters. In Proceedings of the 4th Asia-Pacific Workshop
on Systems (p. 17). ACM.
Papp, Dorottya, Zhendong Ma, and Levente Buttyan. Embedded Systems Security: Threats,
Vulnerabilities, And Attack Taxonomy. 2015.
Davidson, D., Moench, B., Ristenpart, T. and Jha, S., 2013. FIE on firmware: Finding
vulnerabilities in embedded systems using symbolic execution. In Presented as part of the 22nd
USENIX Security Symposium (USENIX Security 13) (pp. 463-478).
Kleidermacher, D. and Kleidermacher, M., 2012. Embedded systems security: practical methods
for safe and secure software and systems development. Elsevier.
Ahmed, N., Khalib, Z.I.A., Ahmad, R.B., Sudin, S. and Asi, S., 2008, December. Low-End
Embedded Linux Platform for Network Security Application–Port Scanning Detector. In 2008
International Conference on Advanced Computer Theory and Engineering (pp. 1085-1088).
IEEE.
Parameswaran, S. and Wolf, T., 2008. Embedded systems security—an overview. Design
Automation for Embedded Systems, 12(3), pp.173-183.
Yan-Ling, X., Wei, P. and Xin-guo, Z., 2008, July. Design and implementation of secure
embedded systems based on trustzone. In Embedded Software and Systems, 2008. ICESS'08.
International Conference on (pp. 136-141). IEEE.
Chen, H., Cutler, C., Kim, T., Mao, Y., Wang, X., Zeldovich, N. and Kaashoek, M.F., 2013,
July. Security bugs in embedded interpreters. In Proceedings of the 4th Asia-Pacific Workshop
on Systems (p. 17). ACM.
Papp, Dorottya, Zhendong Ma, and Levente Buttyan. Embedded Systems Security: Threats,
Vulnerabilities, And Attack Taxonomy. 2015.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Safford, D., 2013. Embedded Linux Integrity. Proceedings of the Linux Security Summit (LSS
2013).
Jimenez, M., Papadakis, M. and Le Traon, Y., 2016. Vulnerability Prediction Models: A case
study on the Linux Kernel. In 16th IEEE International Working Conference on Source Code
Analysis and Manipulation, SCAM 2016, Raleigh, US, October 2-3, 2016.
Niu, S., Mo, J., Zhang, Z. and Lv, Z., 2014, May. Overview of Linux Vulnerabilities. In 2nd
International Conference on Soft Computing in Information Communication Technology.
Atlantis Press.
Jacobsen, C., Khole, M., Spall, S., Bauer, S. and Burtsev, A., 2016. Lightweight capability
domains: towards decomposing the Linux kernel. ACM SIGOPS Operating Systems
Review, 49(2), pp.44-50.
.
2013).
Jimenez, M., Papadakis, M. and Le Traon, Y., 2016. Vulnerability Prediction Models: A case
study on the Linux Kernel. In 16th IEEE International Working Conference on Source Code
Analysis and Manipulation, SCAM 2016, Raleigh, US, October 2-3, 2016.
Niu, S., Mo, J., Zhang, Z. and Lv, Z., 2014, May. Overview of Linux Vulnerabilities. In 2nd
International Conference on Soft Computing in Information Communication Technology.
Atlantis Press.
Jacobsen, C., Khole, M., Spall, S., Bauer, S. and Burtsev, A., 2016. Lightweight capability
domains: towards decomposing the Linux kernel. ACM SIGOPS Operating Systems
Review, 49(2), pp.44-50.
.
1 out of 5
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.