[ Search ] [ What's New? ] [ About ]
[ Bugs ] [ Misc ] [ Mailing Lists ] [ Newgroups ] [ NewsWire ] [ Papers ] [ People ]
[ Pictures ] [ Publications ] [ Responce Teams ] [ Tools ] [ Upcoming Events ] [ Web Sites ]

Firewalls

Title: A Network Firewall
Authors: Marcus J. Ranum
Abstract:
Information is the lifeblood of the computer age, and network connectivity is crucial to day-to-day business. Connecting a private, corporate network to the Internet is not acceptable without some form of secure gateway acting as a firewall between the two networks, to prevent miscreants and unwelcome visitors from accessing hosts on the private network. In the case of a software or hardware vendor, source code, CAD diagrams, and other product-specific information must be kept secret. Hospitals and insurance companies, that maintain confidential information, or pharmaceutical research labs with patent applications cannot afford to take chances with data theft. A break-in over the network could do incalculable damage in a very short time. Digital has implemented several gateways between its corporate network and the Internet, which provide a high degree of access while maintaining excellent security. The gateways are composed of multiple machines acting together, and a specially configured packet-screening machine that provides discretionary TCP/IP access control. Software is configured across the gateways to provide transparent USENET, SMTP mail, FTP, and name service, while preventing direct connections between internal machines and external machines. This paper discusses the overall configuration, software used, and some of the security measures that are in place. These three gateways have been in operation for over six years, and to date no (discovered) break-in has occurred. The importance of the gateways is hard to estimate, since it provides a crucial link between Digital sales and their customers, as well as maintaining an important presence on the network.

Title: A Network Perimeter With Secure External Access
Authors: Frederick M. Avolio Marcus J. Ranum
Abstract:
A private network that carries sensitive data between local computers requires proper security measures to protect the privacy and integrity of the traffic. When such a network is connected to other networks, or when telephone access is allowed into that network, the remote terminals, phone lines, and other connections become extensions to that private network and must be protected accordingly. In addition, the private network must be protected from outside attacks that could cause loss of information, breakdowns in network integrity, or breaches in security. While security is important, security measures that are onerous or cumbersome often end up being circumvented by legitimate users of the network in order to get their work done. Because of this, usability - or "user friendliness" - in security features is also of the utmost importance. Trusted Information Systems, Inc. (TIS) has built a prototype system that provides for strong user authentication, access control, and integrity protection for unclassified but sensitive data on a private (isolated) network (or collection of networks). Furthermore, the prototype system supports the secure connection of the private network to an external Internet, as well as dial-up network connections to the private network, via a firewall and secured links, with strong user authentication and encryption of traffic. TIS used a combination of commercial off-the-shelf (COTS) software and custom software for this project. This paper summarizes the extended system configuration and functional services, and describes the required security services and specific protection mechanisms used to provide these services.

Title: A Toolkit and Methods for Internet Firewalls
Authors: Marcus J. Ranum Frederick M. Avolio
Abstract:
As the number of businesses and government agencies connecting to the Internet continues to increase, the demand for Internet firewalls - points of security guarding a private network from intrusion - has created a demand for reliable tools from which to build them. We present the TIS Internet Firewall Toolkit, which consists of software modules and configuration guidelines developed in the course of a broader ARPA-sponsored project. Components of the toolkit, while designed to work together, can be used in isolation or can be combined with other firewall components. The Firewall Toolkit software runs on UNIX file systems using TCP/IP with the Berkeley socket interface. We describe the Firewall Toolkit and the reasoning behind some of its design decisions, discuss some of the ways in which it may be configured, and conclude with some observations as to how it has served in practice.

Title: An Architectural Overview of UNIX Network Security
Authors: Robert B. Reinhardt
Abstract:
The goal of this paper is to present my concept of a UNIX network security architecture based on the Internet connectivity model and Firewall approach to implementing security, the "UNIX- NSA Firewall Model." This model defines seven layers of a firewall, which depict the layers of vulnerability. This paper also provides some subjective comments on some of the most widely known tools and methods available to protect UNIX networks today, plus a brief discussion of the threat and the risk.

Title: An Internet Gatekeeper
Authors: Herve' Schauer Christophe Wolfhugel
Abstract:
As needs for both connectivity and security increase, it becomes necessary for organizations to build and manage secure Internet gateways. IP is the internetworking protocol of today. Its use continues to grow. IP is the best-known protocol, it offers the user the best combination of services, and it is the protocol choosen by the main telecommunications carriers for their new services. IP is the essential protocol at this time, and thus we are concentrating on IP and ignoring other protocols. Effective security recommend the use of a single common routing protocol. As the Internet becomes more open, the number of possible kinds of risks increases, both because input from the outside world becomes easier and because the possibilities for output increase. We will try to list the potential risks which must be protected against. The goal is to obtain a reasonably open IP network with reasonnable security, i.e. to reach a good compromise between convenience and security. To attain this goal, we define the standard security needs of an organization, and translate these needs into security requirements, cookbooks for verification, and technical solutions. This paper will show a technical solution for the gatekeeper, but of course this is only a small part of the work. An important effort has to be made in order to train the staff properly in the new architecture and in its requirements. Several other documents, generally specific to each organization, describe all the prerequisites and daily tasks that have to be done in order to ensure a proper and safe network service.

Title: Network (In)Security Through IP Packet Filtering
Authors: D. Brent Chapman
Abstract:
Ever-increasing numbers of IP router products are offering packet filtering as a tool for improving network security. Used properly, packet filtering is a useful tool for he security-conscious network administrator, but its effective use requires a thorough understanding of its capabilities and weaknesses, and of the quirks of the particular protocols that filters are being applied to. This paper examines the utility of IP packet filtering as a network security measure, briefly contrasts IP packet filtering to alternative network security approaches such as application-level gateways, describes what packet filters might examine in each packet, and describes the characteristics of common application protocols as they relate to packet filtering. The paper then identifies and examines problems common to many current packet filtering implementations, shows how these problems can easily undermine the network administrator's intents and lead to a false sense of security, and proposes solutions to these problems. Finally, the paper concludes that packet filtering is currently a viable network security mechanism, but that its utility could be greatly improved with the extensions proposed in the paper.

Title: Packet Filtering in an IP Router
Authors: Bruce Corbridge Robert Henig Charles Slater
Abstract:
By using existing information in packet headers, routers can provide system administrators a facility to manage network connections between computers. Host address, network number, interface, direction, protocol, and port number are parameters that may be used to implement an access control policy. We present experiences developing the packet filtering facility in the NetBlazer dial-up IP router. We address the sometimes conflicting design goals of efficient performance and ease of administration by choosing internal data structures that simplify per packet lookup and then devoting 90 per cent of our code to implementing commands that maintain these tables in manner that is easy for system administrators.

Title: Simple and Flexible Datagram Access Controls for Unix-based Gateways
Authors: Jeffrey C. Mogul
Abstract:
Internetworks that connect multiple organizations create potential security problems that cannot be solved simply by internal administrative procedures. Organizations would like to restrict inter-organization access to specific restricted hosts and applications, in order to limit the potential for damage and to reduce the number of systems that must be secured against attack. One way to restrict access is to prevent certain packets from entering or leaving an organization through its gateways. This paper describes simple, flexible, and moderately efficient mechanisms for screening the packets that flow through a Unix-based gateway.

Title: TCP WRAPPER Network monitoring, access control, and booby traps.
Authors: Wietse Venema
Abstract:
This paper presents a simple tool to monitor and control incoming network traffic. The tool has been successfully used for shielding off systems and for detection of cracker activity. It has no impact on legal computer users, and does not require any change to existing systems software or configuration files. The tool has been installed world-wide on numerous UNIX systems without any source code change.

Title: The Design of a Secure Gateway
Authors: Bill Cheswick
Abstract:
The Internet supports a vast growing community of computers users around the world. Unfortunately, this network can provide anonymous access to this community by the unscrupulous, careless, or dangerous. On any given Internet there is a certain percentage of poorly-maintained systems. AT&T has a large internal Internet that we wish to protect from outside attacks, while providing useful services between the two. This paper describes our Internet Gateway. It is an application-level gateway that passes mail and many of the common Internet services between our internal machines and the Internet. This is accomplished without IP connectivity using a pair of machines: a trusted internal machine and an untrusted external gateway. These are connected by a private link. The internal machine provides a few carefully-guarded services to the external gateway. This configuration helps protect the internal Internet even if the external machine is fully compromised.

Title: There Be Dragons
Authors: Steven M. Bellovin
Abstract:
Our security gateway to the Internet, research.att.com, provides only a limited set of services. Most of the standard servers have been replaced by a variety of trap programs that look for attacks. Using these, we have detected a wide variety of pokes, ranging from simple doorknob-twisting to determined assaults. The attacks range from simple attempts to log in as guest to forged NFS packets. We believe that many other sites are being probed but are unaware of it: the standard network daemons do not provide administrators with either appropriate controls and filters or with the logging necessary to detect attacks.

Title: Thinking About Firewalls
Authors: Marcus J. Ranum
Abstract:
Many companies connect to the Internet, guarded by "firewalls" designed to prevent unauthorized access to their private networks. Despite this general goal, firewalls span a continuum between ease of use and security. This paper describes some of the considerations and tradeoffs in designing firewalls. A vocabulary for firewalls and their components is offered, to provide a common ground for discussion.

Title: X Through The Firewall, And Other Application Relays
Authors: G. Winfield Treese Alec Wolman
Abstract:
Organizations often impose an administrative security policy when they connect to other organizations on a public network such as the Internet. Many applications have their own notions of security, or they simply rely on the security of the underlying protocols. Using the X Window System as a case study, we describe some techniques for building application-specific "relays" that allow the use of applications across organizational boundaries. In particular, we focus on analyzing administrative and application-specific security policies to construct solutions that satisfy the security requirements while providing the necessary functions of the applications.


Aleph One / aleph1@underground.org
Copyright © 1996 Computer Underground Society. All rights reserved.