Internet Security
Most interest in security issues is in connecting to the Internet
in a secure way. Recall:
- An Internet-connected system uses the TCP/IP protocol suite.
The TCP/IP model of communications is based on server processes
waiting (at well-known ports) for remote sites to establish
connections.
- A server process has very little information -- usually only a
reverse DNS lookup -- about the identity of a remote host which is
attempting to connect. Even reverse lookups can be compromised by
manipulation of DNS tables or by IP Spoofing,
where a remote host generates IP packets that look as though they
came from some other system.
- Servers which generally accept all connections without any
(initial) security checks (such as finger and sendmail) can be
vulnerable to various forms of attack, such as attempted buffer
over-running.[1]
- A major problem is whether the sysadmin can trust the server
programs to be bug free. An issue here is whether the vendor
provides access to source code for scrutiny.
[1] A successful
buffer overrun attack requires extremely detailed knowledge of the
vulnerable target system. However, many such exploits have been
observed over the years. The famous "Morris Internet Worm" of 1988
was based (among other things) on a buffer overrun attack on
sendmail, the Unix standard package for email delivery.
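
A server can narrow the reverse-lookup weakness noted above by resolving the returned name forward again and accepting it only if it maps back to the connecting address (forward-confirmed reverse DNS). The Python below is an added example, not part of the original notes; the function names and the sample DNS data (documentation address ranges, example.* names) are constructed for illustration.

```python
import ipaddress
import socket

def system_ptr(ip):
    """Reverse (PTR) lookup via the system resolver; hostname or None."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(name):
    """Forward (A/AAAA) lookup via the system resolver; set of address strings."""
    try:
        return {info[4][0] for info in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def confirmed_hostname(peer_ip, ptr=system_ptr, forward=system_forward):
    """Return the peer's hostname only if forward DNS maps it back to peer_ip.

    The PTR record is served by whoever controls the reverse zone for the
    address, so the name is only a claim. The forward lookup asks the zone
    that owns the name whether it really lists this address.
    """
    peer = ipaddress.ip_address(peer_ip)
    name = ptr(peer_ip)
    if not name:
        return None                      # no reverse record: identity unknown
    name = name.rstrip(".").lower()
    for addr in forward(name):
        try:
            if ipaddress.ip_address(addr.split("%")[0]) == peer:
                return name              # forward and reverse agree
        except ValueError:
            continue                     # skip anything that is not an address
    return None                          # claimed name does not point back

# Constructed sample DNS data, so the check can be run offline.
PTR = {"192.0.2.10": "mail.example.org", "203.0.113.7": "trusted.example.com."}
FWD = {"mail.example.org": {"192.0.2.10"}, "trusted.example.com": {"198.51.100.5"}}

def demo_ptr(ip):
    return PTR.get(ip)

def demo_forward(name):
    return FWD.get(name, set())

if __name__ == "__main__":
    for ip in ("192.0.2.10", "203.0.113.7", "198.51.100.99"):
        print(ip, "->", confirmed_hostname(ip, demo_ptr, demo_forward))
```

This check only catches a forged reverse record; it does nothing about spoofed source addresses or a manipulated forward zone, so the confirmed name is still a hint for logging and policy rather than authentication.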