diff -r dd94cbf9eba7 -r 9fc6ec22ad82 slides/slides04.tex --- a/slides/slides04.tex Tue Oct 14 12:21:10 2014 +0100 +++ b/slides/slides04.tex Sat Oct 18 02:12:23 2014 +0100 @@ -45,7 +45,7 @@ \begin{itemize} \item ``Would be good, if you provide more detailed explanations. I feel your slides are not as structured as they could be.'' -\item Please consider reference book chapters to cover core subject +\item ``Please consider reference book chapters to cover core subject areas.''\pause \item ``The homework questions don't come directly from the slides. So must go look things up.'' @@ -113,7 +113,7 @@ "What is this string," I hear you ask? -You will laugh: it is +You will laugh: it is\pause \begin{center}\large \pcode{xmlset_roodkcableoj28840ybtide} @@ -129,7 +129,7 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \begin{frame}[fragile] -CVE-2014-0476 chkrootkit vulnerability 4 Jun'14\medskip +CVE-2014-0476 \pcode{chkrootkit} vulnerability 4 Jun'14\medskip \begin{quote}\rm\small Hi, @@ -139,8 +139,8 @@ configurations (\pcode{/tmp} not mounted noexec). Steps to reproduce: \begin{itemize} -\item Put an executable file named \pcode{update} with non-root owner in /tmp (not -mounted noexec, obviously) +\item Put an executable file named \pcode{update} with non-root owner in +\pcode{/tmp} (not mounted noexec, obviously) \item Run chkrootkit (as uid \pcode{0}) \end{itemize} @@ -148,7 +148,7 @@ rooting your box, if malicious content is placed inside the file. If an attacker knows you are periodically running chkrootkit (like in -cron.daily) and has write access to \pcode{/tmp} (not mounted noexec), he may +\pcode{cron.daily}) and has write access to \pcode{/tmp} (not mounted noexec), he may easily take advantage of this. \end{quote} \mbox{}\\[-10mm] @@ -752,9 +752,9 @@ \begin{center} \begin{tabular}{ll} -\bl{$A \rightarrow B$:} & \bl{$N_a$}\\ -\bl{$B \rightarrow A$:} & \bl{$\{N_a, N_b\}_{K_{ab}}$}\\ -\bl{$A \rightarrow B$:} & \bl{$N_b$}\\ +\bl{$A \rightarrow B$:} & \bl{$N_A$}\\ +\bl{$B \rightarrow A$:} & \bl{$\{N_A, N_B\}_{K_{ab}}$}\\ +\bl{$A \rightarrow B$:} & \bl{$N_B$}\\ \end{tabular} \end{center} @@ -762,15 +762,15 @@ \begin{center} \begin{tabular}{ll} -\bl{$A \rightarrow E$:} & \bl{$N_a$}\\ -\textcolor{gray}{$E \rightarrow A$:} & \textcolor{gray}{$N_a$}\\ -\textcolor{gray}{$A \rightarrow E$:} & \textcolor{gray}{$\{N_a, N_a\}_{K_{ab}}$}\\ -\bl{$E \rightarrow A$:} & \bl{$\{N_a, N_a\}_{K_{ab}}$}\\ -\bl{$A \rightarrow E$:} & \bl{$N_a \;\;(= N_b)$}\\ +\bl{$A \rightarrow E$:} & \bl{$N_A$}\\ +\textcolor{gray}{$E \rightarrow A$:} & \textcolor{gray}{$N_A$}\\ +\textcolor{gray}{$A \rightarrow E$:} & \textcolor{gray}{$\{N_A, N_A'\}_{K_{AB}}$}\\ +\bl{$E \rightarrow A$:} & \bl{$\{N_A, N_A'\}_{K_{AB}}$}\\ +\bl{$A \rightarrow E$:} & \bl{$N_A' \;\;(= N_B)$}\\ \end{tabular} \end{center}\pause -\small Solutions: \bl{$K_{ab} \not= K_{ba}$} or include an id in the second message +\small Solutions: \bl{$K_{AB} \not= K_{BA}$} or include an id in the second message \end{frame}} %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%