Tip

Protocols and trust issues



In the e-commerce world, security means Web site security. This tip from InformIT looks at some of the Web's common vulnerabilities and what you can do to avoid them.

-----------------------------------------------------------

Network and cryptographic protocols have been the source of many vulnerabilities thanks to trust assumptions gone awry. Several examples of these problems exist in the Internet Protocols. For instance, the protocol assumes that legitimate users will not attack the fabric of the network infrastructure itself. This belief leads to a plethora of current network vulnerabilities and attacks. Some examples of these, with the corresponding problems in trust assumptions are as follows:

IP is subject to eavesdropping (network sniffer) attacks in which the contents of network communications are readable by other than the sender and recipient. Trust assumption: No protection of packet contents is necessary because those other than the intended destination can be trusted not to read a message.

Domain Name Service (DNS) is subject to many attacks ranging from DNS flooding (in which an adversary floods a client system with numerous invalid DNS responses, leading the client to accept a false name service response to the DNS lookup) to spoofed DNS servers (in which an adversary runs a DNS server that provides invalid information in response to client lookup requests). Trust assumption: DNS provides trustworthy mapping of IP

    Requires Free Membership to View

addresses to names. Secondary trust assumption (bonus headache!): IP addresses or hostnames provided by DNS are suitable bases for authentication.

Routing Internet Protocol (RIP) is used by Internet gateways to publish information about new gateways and networks. In many implementations, RIP trusts information that affects the routing of IP packets, regardless of the source or validity of that routing information. This condition can lead to the "black hole" network denial-of-service attack in which a rogue router broadcasts a false message asserting that it provides the shortest route to all destinations. The result is a scenario in which all packets for a portion of the network are sent to this router, which then drops all the packets. Another attack enabled by this vulnerability is a network eavesdropping attack in which packets are routed through a network segment on which a packet sniffer is running. Trust assumption: Any RIP packet is by default considered trustworthy.

Using intrusion detection for metering trust
You've probably noted by now that problems in this category are more subjective than those in the other two. Some instances here, especially those problems involving network trust models and protocols, can be handled by perimeter protections, such as firewalls. The rest require more finesse. As in the physical world, operating in an environment sheltered enough to support liberal trust relationships between entities is often more efficient than operating in settings that require greater levels of suspicion. However, also as in the physical world, when the environment is hostile, utilizing sound practices and technologies to prevent attacks is much more efficient than razing and rebuilding structures every time attackers inflict damage. Furthermore, environmental threat and demand for availability is dynamic. This characteristic makes the task of balancing protection against availability a challenge to even the most expert security administrators.

The key to handling problems that fall in this category is policy. Predefining security goals enables security managers to define a security-sparing way of dealing with trust issues. Policy allows management to direct users to modify their usage patterns. Security tools and technologies such as firewalls and intrusion-detection systems can put teeth into these directives by blocking violations and measuring compliance.

Intrusion-detection systems can help. They give administrators capabilities to apply policies, test user compliance levels with these policies and define specific scenarios that require intervention. In some cases, intrusion-detection systems also allow administrators to automate that intervention. Managing these capabilities from a central location allows a security administrator to flex the security mechanisms according to organizational needs, responding to problem situations as they arise.

To read more of this tip, click over to InformIT. Registration is required there, but it's free.


Related book

IP Routing Protocols: RIP, OSPF, BGP and Cisco Protocols, First Edition
By Uyless Black
Summary:
Four routing protocols -- RIP, OSPF, BGP and the Cisco protocols -- are at the heart of IP-based internetworking and the Internet itself. In this comprehensive guide, telecommunications consultant Uyless Black teaches network professionals the basics of how to build and manage networks with these protocols. Beginning with an exceptionally helpful tutorial on the fundamentals of route discovery, architecture and operations, Black presents in-depth coverage of these topics and more.


This was first published in February 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.