Abstract
After a brief look at the cost of poor network security, this chapter examines the history of TCP/IP security, the most popular methods of securing a network, and some of the potential dangers. You then get some insight into the mind of a potential intruder, which will make you more effective in preventing unauthorized access to your networks. The last section lists common places a network is vulnerable.
THE COST OF POOR SECURITY
Companies with poorly designed or no security systems are suffering enormous costs. The cost of a security system is far less than the cost of intrusion. A quick look at some of the figures can be a wake-up call for network administrators and business owners alike.
According to one study conducted by the U.S. Senate's Permanent Investigations Subcommittee, intruders cost businesses more than $800 million in 1995 alone, with U.S. companies losing more than half of the total. The study reported that in most cases, the breaches were not reported to law enforcement agencies for fear of bad publicity.
In 1995, the Department of Defense (DoD) computer networks experienced more than 250,000 attacks, and that rate of attack is expected to at least double every year for the foreseeable future. It is believed that these attacks were successful about 65 percent of the time. Even though some attacks on DoD systems are only a nuisance, some are a threat to national security. In the spring of 1994 at an Air Force laboratory in Rome, New York, a pair of intruders successfully broke into the lab's computer systems more than 150 times. During their dances around the lab's systems, they collected the passwords of users and used those passwords to break into more than 100 other computer systems attached to the Internet. One of the perpetrators, a 16-year-old boy from London, England, was apprehended. The other intruder remains unknown and uncaught.
These facts should alert you to the potential dangers of intrusion. What will a break-in cost you? Perhaps your entire business. Again, don't take your network security lightly, and never assume you are completely safe from intrusion.
THE HISTORY OF TCP/IP SECURITY
As soon as someone discovered how to connect computers to form a network, someone else immediately tried to infiltrate that system. Network security has come a long way. Let's take a walk through time and see where we have been, where we are, and where we are going.
Yesterday
In the very early days, all we had to work with were simple password schemes. Users picked a password and used it to access a computer system and its resources. The idea of creating networks of computers to share information and resources opened up a whole new can of worms. It became possible to reach out to systems besides your own without leaving the comfort of your own machine.
TCP/IP was vulnerable from the very beginning. In TCP/IP's very early days, circa 1983, not many people were seriously concerned about security. The excitement at connecting dissimilar systems overshadowed any concern for securing the connection. TCP/IP was designed to be a networking protocol, not to offer any built-in security mechanisms; it travels across a network without protection, which leaves the protocol open to interception along the way. The evolution of TCP/IP security was really the evolution of network security. Any resource accessible over the network presented a potential security risk to be exploited in some manner. To understand the nature and evolution of network security, we must consider that people used computers primarily to communicate. Sending electronic messages and transferring files were the most popular uses of networks.
TCP/IP was almost immediately adopted in the Unix community and first appeared in the BSD Unix operating system. When that great marriage took place, Unix became vulnerable. Every connection between a Unix system and a network like ARPAnet was open for exploitation. (As you recall, ARPAnet was the forerunner of today's Internet.) The Internet quickly became dominated by Unix operating systems (and remains so today). Unix includes known security flaws, especially in services such as e-mail. As Unix Sendmail and FTP were ported to other operating systems, so were the bugs and flaws. Fortunately, many of the systems using these services had different underlying structures that helped provide a natural protection against their flaws.
For example, intruders used Sendmail to instruct a system to mail them its password file. In the hands of an experienced intruder, the password files could be deciphered easily. However, systems such as Windows NT did not become vulnerable to this type of flaw because Windows NT does not store its passwords in an easily accessible file that it can simply e-mail or transfer out of the system.
As I mentioned, in the early days, security was based on passwords, which remain the last line of defense. However, as time went by, engineers focused on eliminating security flaws introduced by poorly engineered software. They came up with newer and more powerful encryption mechanisms to protect password files that were obtained by an intruder. They created ways to hide password files altogether, making them difficult to locate. Eventually, they began to look at the network and TCP/IP themselves as ways to prevent an intruder from ever reaching a computer on the network. If you can prevent unauthorized traffic, even a poorly protected software package running on a networked computer is instantly far less vulnerable to attack.
The engineers' work was made more difficult by the way the Internet evolved. Most of the early computer systems on the Internet belonged to universities and government agencies, which believed that the Internet should provide free access to all information. If a few people abused that free access, then that was the price. Even today, many universities on the Internet follow this philosophy, imposing very few restrictions. Unfortunately, when one person creates a liberty, another person will exploit that liberty.
Today's Network Security
In today's world, security is of paramount concern. Networks have proven themselves invaluable in the world of commerce. If the old saying "money makes the world go around" is true, in the very near future that saying will become "networks make the world go around" as more businesses adopt wide-area networks as their vehicle for commerce.
Today, network security takes many forms, and a wide range of protection mechanisms are at your disposal. Innovations in password protection include heavier encryption schemes and password-choosing programs that attempt to crack a password before it's allowed to be used. The engineers who investigated minimizing network traffic have created a broad range of solutions that are available for today's networks. Because TCP/IP transmits data in packets, it makes sense for networks to identify and control those packets as they enter a network environment. Engineers have invented wonderful instruments of protection, such as packet filters, application gateways (proxy servers), and circuit-level gateways, each of which we discuss in more detail later in this chapter. Engineers have even come up with such high-tech devices as magnetic card keys, optical retina scanners, and fingerprint readers, all of which are available today. They've also introduced some simpler protection mechanisms, such as timers that limit the times of day a user can access a system.
Today's security world is much more high-tech than that of the past. However, security has not reached perfection by any means. New ways of protecting computers, networks, and their resources are still evolving in many different ways.
Each time we develop a new way of disseminating information across a network, we open up a whole new world of security issues and concerns. Yesterday it was Sendmail software, and today it's the World Wide Web. Fortunately, the Web is so popular that almost every major software development firm has adopted its technology and is improving it. Now some of the greatest and most powerful minds will undoubtedly take on security issues and find solutions very rapidly. For example, Microsoft and Visa are working with other firms to develop secure means of transmitting electronic payment information across the Internet.
The Orange Book
The DoD views security seriously, and rightly so. The best-known of the DoD's publications on security is the Orange Book, which is short for DoD standard number 5200.28, Trusted Computer System Evaluation Criteria. The Orange Book provides technical criteria for hardware, firmware, and software security, along with associated technical evaluation methodologies that support data security. We discuss the Orange Book and other DoD security publications in more detail in Chapter 3.
The Orange Book categorizes security in four divisions, some of which have subdivisions:
Division D: Minimal Protection. Systems such as DOS fall into this division because they have almost no protection schemes.
Division C: Discretionary Protection. Most widely used operating systems profess to comply with Division C, Class 2 security (C2). However, there is a difference between being C2-certified by the National Computer Security Center (NCSC) and complying with Division C2 security.
  Class 1 (C1): Discretionary Security Protection
  Class 2 (C2): Controlled Access Protection
Division B: Mandatory Protection. A system must provide mathematical documentation of its security and be able to maintain its system security even while the system is down.
  Class 1 (B1): Labeled Security Protection
  Class 2 (B2): Structured Protection
  Class 3 (B3): Security Domains
Division A: Verified Protection. A system must prove that it matches the specifications to the letter.
  Class 1 (A1): Verified Design
  Beyond Class 1
Any computer system that allows open and unrestricted access falls into security Class D. Most commercial operating systems are in the C1 and C2 categories. The Class B divisions are less practical to implement in a typical business environment. Class B and Class A systems are most often found where the absolute highest levels of security must be maintained at all times; for example, in some government-run computer systems. For a look at the Orange Book, point your Web browser to http://tecnet1.jcte.jcs.mil:8000/htdocs/teinfo/directives/soft/stan.html. For further sources of information, see the Bibliography.
Windows NT is in the C2 security division. One criterion for meeting this guideline is that you must keep the server behind a constantly locked door. C2 security capabilities weren't in Windows NT in the first release. Microsoft implemented C2 so that it could bid on government contracts for operating systems that require certain levels of security.
Microsoft and Netscape are two key players setting standards for securing systems and data transmissions. Netscape proposed and deployed the Secure Sockets Layer (SSL), which is a way for Web browsers to exchange data with a Web server using secure data encryption methods. Visa, MasterCard, and other companies are developing their own security standards for electronic commerce.
The Security of Tomorrow
We can look into the future with relative ease and see quite clearly that security is still improving. In Chapter 1, we discussed IPng, which gives TCP/IP the ability to protect itself from tampering. You can expect this new protocol to be adopted and quickly put into use. In addition, all the software- and hardware-based security technologies that currently lend protection to TCP/IP will evolve to give greater protection to this next-generation protocol.
For a clearer view of the direction security technologies are headed, we need only look to the medical and science communities. Their technologies, such as fingerprint readers, body temperature patterns, DNA decoders, and other high-tech means of positive identification, will be adopted in the computer security world at a blistering pace. These types of technology will improve security at both the system level and network level, offering new ways to authenticate network traffic origins and destinations.
Whatever technologies are in vogue, the network security of yesterday, today, and tomorrow can be reduced to one word: diligence. Good security is, and always will be, a cycle of diligence in monitoring security, analyzing data, and implementing procedures.
SECURITY METHODS
You can secure a TCP/IP network in many different ways. We cover the most common methods briefly in this section and in more detail in Chapter 17. To choose your methods, you need only ask yourself one simple question: "What am I trying to protect, and who am I protecting it from?" Specifically, we will look at:
firewalls
packet filters
proxy servers and application gateways
circuit-level gateways
physical isolation
protocol isolation
monitoring and auditing
Firewalls
You'll hear the term firewall used often. In a sense, "firewall" is a generic term because a firewall is simply some type of mechanism (hardware, software, or both) for protecting your network from the outside world.
Unfortunately, some people think they're protected if they install a firewall. Those people could not be more misinformed. If you think firewalls are foolproof, consider France's Maginot Line. The Maginot Line was a defensive wall 62 miles long, armed to the hilt with artillery and soldiers, that was designed to keep the Germans out of France after World War I. Some French thought it was the perfect defense, but the Germans had another idea: they simply walked around it. There's more than one way to get past a barrier, including a firewall, and you can bet some intruder will find it.
According to International Data Corp., the threat of intruders penetrating networks attached to the Internet has sent worldwide firewall sales skyrocketing from about 10,000 units shipped in 1995 to a projected 1.5 million by 2000. Some industry sources predict that this market stimulation will drive prices for an average firewall from around $16,000 today to about $650 in 2000. Companies like Ascend Communications (http://www.ascend.com) already sell their packet-filtering firewalls for as little as $500, although they're alone in this price range at the moment.
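To make the packet-filtering firewall discussed above concrete, here is an added example (not code from the chapter or from any vendor named in it): a stateless first-match filter with a default-deny rule, evaluated over constructed packet headers. The address ranges, ports and rule set are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Packet:
    """Header fields a stateless packet filter can see (constructed sample data)."""
    src: str
    dst: str
    proto: str   # "tcp", "udp" or "icmp"
    dport: int   # destination port; 0 for protocols without ports


@dataclass(frozen=True)
class Rule:
    action: str            # "allow" or "deny"
    src: str               # CIDR; "0.0.0.0/0" matches any source
    dst: str               # CIDR; "0.0.0.0/0" matches any destination
    proto: Optional[str]   # None matches any protocol
    dport: Optional[int]   # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and self.proto in (None, pkt.proto)
                and self.dport in (None, pkt.dport))


# Hypothetical border policy: only the public Web server (port 80) and the
# mail gateway (port 25) are reachable from outside. Packets claiming an
# internal source address on the outside interface are dropped first, and a
# final catch-all rule denies everything the earlier rules did not allow.
RULES: List[Rule] = [
    Rule("deny",  "10.0.0.0/8", "0.0.0.0/0",       None,  None),
    Rule("allow", "0.0.0.0/0",  "203.0.113.10/32", "tcp", 80),
    Rule("allow", "0.0.0.0/0",  "203.0.113.20/32", "tcp", 25),
    Rule("deny",  "0.0.0.0/0",  "0.0.0.0/0",       None,  None),
]


def decide(pkt: Packet, rules: List[Rule] = RULES) -> str:
    """First-match evaluation: the first rule whose fields all match wins."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    # Reached only if the rule set lacks a catch-all; fail closed anyway.
    return "deny"
```

Note that the filter decides on headers alone: anything sent to an allowed port passes regardless of its payload, which is why the chapter pairs packet filters with application gateways and monitoring rather than treating any one of them as foolproof.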