- Introduction to Internet and System Security
- Introduce computer system security terminology
- Discuss some common Internet and system security issues
- Introduce some common classes of attack
- Why Security?
- Can you afford not to have security?
- Costs of security breaches can be massive
- Costs of security breaches can be due to
- Business stolen by competitors
- Loss of reputation due to publicity of the breach
- Network service degraded, or stopped
- You might be prosecuted
- What is Computer Security?
- Keeping anyone from doing things with your data, or to your data, that you do not want them to do
- What Are We Protecting?
- Stored Information
- Accuracy of Information
- Information Value
- Access to External Services
- Access to Internal Services
- The Enterprise's Privacy
- Who Are We Protecting It From?
- Hackers
Typically young hobbyists; gain access via external
network connections.
- Criminal Intruders
They typically have more resources than hackers
- Corporate Raiders
They may have lots of resources!
- Insiders
Very dangerous; they are already past the first barrier
- Contractors
They present similar problems to insiders, and have less reason for loyalty
- Security Model
- Authenticity
- Stop unauthorized access to information
- Stop unauthorized alterations to a device's
configuration
- Privacy
- Stop interception/disclosure of information to
unauthorized parties
- Integrity
- Computer system assets and transmitted information
must be modifiable only by authorized parties
- Availability
- Computer system assets must be available to
authorized parties when needed
- Security Model Responsibilities
- Personal: The "user" level
- Countermeasures are the responsibility of system
administrators and individual users
- Interior: Threats from within your enterprise
- Deployment of countermeasures is the responsibility of the system/network administrator
- Exterior: Threats derived from external network connections
- The network administrator is responsible for
countermeasures
- Attacks: Stealing or Guessing Passwords
- Password Stealing
- Knowing or guessing passwords, which provides a
"Front Door" into the system
- Knowledge of the password implies a valid
(i.e. authorized) user
- Networks make the situation worse
- Passwords are frequently sent "in the clear"
(unencrypted) across the net
- Social engineering is the easiest way into a system
- Attacks: Bugs and Backdoors
- Many operating systems and network software
implementations have known weaknesses
- Sendmail has had various problems
- Finger has been known to provide entrance
- Windows NT still supports dangerous protocols
(LanMan) in order to keep backward compatibility
- Usually fixed in subsequent releases
- Many machines are still running old versions
without the bug fixes
- Sometimes bug fixes just create new pathways in
- Good software engineering practices in operating system
and network software design would help
- Orange Book attempts to deal with this issue
- Attacks: Protocol Failures
- Many protocols are not designed to be secure
- The TCP/IP protocol suite was designed for a
network of "trusted hosts"
- Trusted Computing Base (TCB) = trusted (host + user
+ path/route)
- Failures deny applications the chance to do the right thing
- E.g. IP source address spoofing
- TCP session stealing
- Cryptographic protocols
- Key distributions may be insecure
- Keys may be broken or compromised (e.g. Enigma)
- Attacks: Information Leakage
- The finger protocol gives information about individual
users
- Tells who is currently logged in
- Helps with password guessing
- The Domain Name System (DNS)
- Address (A) records
- Map host names to IP addresses
- Provide target lists for attackers
- Pointer (PTR) records
- Map IP addresses to host names
- An attacker's host can pretend to be a trusted host, since the PTR record for its IP address is under the attacker's control
- Nslookup, Whois, and Whatis also provide detailed
information
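Added example, not part of the original lecture notes: the defender's answer to the PTR problem above is to confirm the reverse lookup with a forward (A record) lookup before trusting the name. The DNS data is a constructed in-memory table so the code runs offline; all host names and addresses are made up.

```python
# Forward-confirmed reverse DNS (added example, not from the original notes).
# A PTR record is controlled by whoever owns the reverse zone for an address
# block, so a PTR answer alone must not decide that a connecting host is
# "trusted".  We resolve the PTR, then resolve the returned name forward and
# accept the name only if the original address appears among the A answers.
#
# Constructed DNS data: names and addresses below are for illustration only.
PTR_RECORDS = {
    "198.51.100.10": "gateway.example.net",   # honest host
    "203.0.113.7": "gateway.example.net",     # attacker-controlled reverse zone
    "192.0.2.44": "mail.example.net",         # honest host in a second block
}

A_RECORDS = {
    "gateway.example.net": ["198.51.100.10"],
    "mail.example.net": ["192.0.2.44", "192.0.2.45"],
}

TRUSTED_HOSTS = {"gateway.example.net", "mail.example.net"}


def naive_is_trusted(ip, trusted=TRUSTED_HOSTS):
    """The weak check the slide warns about: trusts whatever the PTR says."""
    return PTR_RECORDS.get(ip) in trusted


def confirmed_hostname(ip, ptr=PTR_RECORDS, a=A_RECORDS):
    """Return the host name for ip only if PTR and A records agree, else None."""
    name = ptr.get(ip)
    if name is None:
        return None                      # no reverse mapping at all
    if ip not in a.get(name, []):
        return None                      # forward lookup does not confirm the PTR
    return name


def is_trusted(ip, trusted=TRUSTED_HOSTS):
    """Trust decision based on the confirmed name, never on the bare PTR."""
    name = confirmed_hostname(ip)
    return name is not None and name in trusted


if __name__ == "__main__":
    for ip in PTR_RECORDS:
        print(f"{ip:15} PTR={PTR_RECORDS[ip]:22} "
              f"naive={naive_is_trusted(ip)!s:5} confirmed={is_trusted(ip)}")
```

The spoofed reverse zone passes the naive check but fails the confirmed one, which is exactly the gap the slide describes.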
- Attacks: Denial of Service
- Brute Force
- Filling up a machine's disk (or partition) via
email or FTP
- Hogging a server's CPU by creating numerous (or
rogue) processes
- Filling up an enterprise's internal network with
bogus traffic
- ICMP echo request messages
- SYN/ACK attacks
- Crack (password guessing program)
- Routing and routing protocols
- Disruption of communications
- Corrupting routing tables
- Changing host subnet masks
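Added example, not part of the original lecture notes: a SYN flood of the kind listed under brute-force denial of service shows up on the victim as many half-open connections. The netstat-style lines below are constructed for illustration, and the threshold is an assumption rather than a standard value.

```python
# Spotting a SYN flood from connection-table output (added example, not from
# the original notes).  A SYN flood leaves many half-open connections (state
# SYN_RECV) on the victim, typically from many, often spoofed, source
# addresses.  The sample imitates `netstat -tn` output and is constructed.

SAMPLE_NETSTAT = """\
tcp  0 0 192.0.2.10:80   198.51.100.5:41022  ESTABLISHED
tcp  0 0 192.0.2.10:80   203.0.113.9:5000    SYN_RECV
tcp  0 0 192.0.2.10:80   203.0.113.10:5000   SYN_RECV
tcp  0 0 192.0.2.10:80   203.0.113.11:5000   SYN_RECV
tcp  0 0 192.0.2.10:80   203.0.113.12:5000   SYN_RECV
tcp  0 0 192.0.2.10:25   198.51.100.7:55510  ESTABLISHED
tcp  0 0 192.0.2.10:80   203.0.113.13:5000   SYN_RECV
"""


def half_open_by_port(netstat_text):
    """Count SYN_RECV entries per local port from netstat-style lines."""
    counts = {}
    for line in netstat_text.splitlines():
        fields = line.split()
        # proto recv-q send-q local remote state
        if len(fields) < 6 or fields[5] != "SYN_RECV":
            continue
        local_port = fields[3].rsplit(":", 1)[1]
        counts[local_port] = counts.get(local_port, 0) + 1
    return counts


def distinct_sources(netstat_text):
    """Distinct remote addresses holding half-open connections."""
    sources = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) >= 6 and fields[5] == "SYN_RECV":
            sources.add(fields[4].rsplit(":", 1)[0])
    return sources


def suspected_syn_flood(netstat_text, threshold=4):
    """Local ports whose half-open count reaches the (assumed) threshold."""
    return sorted(p for p, n in half_open_by_port(netstat_text).items()
                  if n >= threshold)


if __name__ == "__main__":
    print("half-open per port:", half_open_by_port(SAMPLE_NETSTAT))
    print("distinct sources  :", len(distinct_sources(SAMPLE_NETSTAT)))
    print("flooded ports     :", suspected_syn_flood(SAMPLE_NETSTAT))
```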
- The Security Policy
- A security policy is
- A formal definition of an enterprise's stance on
security - on what is and is not allowed
- Formulating a security policy
- Essential for any enterprise that has security
concerns
- Requires a thorough understanding of the potential
threats
- Need to determine countermeasures
- Usually includes a security audit of existing
systems
- A number of good (and not so good) tools exist
- Security Policy Details
- It should consist of a formal document
- No two enterprises have exactly the same documents
- Risks and costs vary
- Documents may be subsidiary to other documents
- Two basic stances
- Everything not explicitly prohibited is permitted
(permissive)
- Everything not explicitly permitted is prohibited
(restrictive)
- Security Policy: Legal Issues
- A certain level of security may be a legal requirement
- Data Protection Act (Europe)
- Electronic Communications Privacy Act (U.S.)
- You may be legally restricted in what activities you
can monitor
- Surveillance is often allowed only with a court order
- Classified areas may differ
- Will you be able to prosecute a criminal intruder?
- Evidence of a break-in must be admissible in court
- Computer logs may not be admissible
- Summary
- Four threats to security
- Masquerade
- Interception
- Modification
- Interruption
- Security policy objectives maintain
- Authenticity
- Privacy
- Integrity
- Availability
- A security policy is essential
- Lack of security, or ineffective security, costs money
Last modified: Sat Oct 30 22:37:21 PDT 2004