Network security, part I

Cory Kempf cory at gloom.UUCP
Fri Dec 30 09:05:17 AEST 1988


In article <6943 at spool.cs.wisc.edu> dave at cs.wisc.edu (Dave Cohrs) writes:
>There are types of networking hardware that make it much easier
>to detect when your workstation is rebooted (or whatever).  Don't assume
>that all the world's an Ethernet.

You are in charge of security for a site consisting of several
networked workstations...
When you logged in this morning, you notice that Cindy's (one of the
company's employees whith a workstation) machine went down last night
at about 3:12 AM.  Cindy is currently working on her machine.  What
are you going to do?  (And are you really going to do this for each
and every machine, every time it goes down?)

(if it appears that I am about to try to lead you down the garden
path, you may be right...)

>Also, if I read Phil correctly, he's talking about having you, the
>user, authenticate the workstation as *yours*.  That is, you have to
>go though some authentication protocol, giving your password, which
>would give your workstation some cookie that said "this workstation
>belongs to cory", [etc]

The problem that I am going to be bringing to light (to the extent of
my imaginings today) would not find the above to be a significant
problem.  

>If being root on your workstation can spoof the authentication
>mechanism, then it's pretty useless in the grand scheme of things.
>Yes, rlogin is too trusting.

I submit that any scheme that only requires the user to log into the
host machine can be subverted by root on that machine.  

If it appears that I am being theatrical, ya, I am.  I admit it.  I am
hoping to make a serious point on network security.  A little under a
year ago, I attended a seminar on Security given by the ACM.  It was
for the most part interesting, but they glossed over network security.
Very disapointing.  Especially, as a lot of the stuff that was
discussed were things that I already knew.

+C
-- 
Cory ( "...Love is like Oxygen..." ) Kempf
UUCP: encore.com!gloom!cory
	"...it's a mistake in the making."	-KT



More information about the Comp.unix.wizards mailing list