[ Search ] [ What's New? ] [ About ]
[ Bugs ] [ Misc ] [ Mailing Lists ] [ Newgroups ] [ NewsWire ] [ Papers ] [ People ]
[ Pictures ] [ Publications ] [ Responce Teams ] [ Tools ] [ Upcoming Events ] [ Web Sites ]

Network Security

Title: A Best-Case Network Performance Model
Authors: Steven M. Bellovin
Abstract:
Network performance measures usually focus on average throughput. We, however, were concerned with best-case behavior: how fast could a packet traverse the network if there were no contention for resources. By subtracting the path time to a node from the path time through the node, we were able to develop a simple best-case delay model. This model was sensitive enough to determine the board-level configuration of a router 750 miles away.

Title: A Guide to Understanding Trusted Distribution in Trusted Systems
Authors: National Computer Security Center
File name: /pub/doc/network/trusted_network_interpretation.txt.Z
Abstract:
This document is the latest in the series of technical guidelines that are being published by the National Computer Security Center. These publications are designed to provide insight to the Trusted Computer Systems Evaluation Criteria requirements and guidance for meeting each requirement.

Title: A Security Analysis of the NTP Protocol
Authors: Matt Bishop
Abstract:
The Network Time Protocol is being used throughout the Internet to provide an accurate time service. This paper examines the security requirements of such a service, analyzes the NTP protocol to determine how well it meets these requirements, and suggests improvements where appropriate.

Title: A Unix Network Protocol Security Study: Network Information Service
Authors: David K. Hess David R. Safford Udo W. Pooch
Abstract:
This paper is a study of the security weaknesses present in a widely used Unix network protocol, Network Information Service(NIS).

Title: A Weakness in the 4.2BSD Unix TCP/IP Software
Authors: Robert T. Morris
Abstract:
The 4.2 Berkeley Software Distribution Software of the Unix operating system (4.2BSD for short) features an extensive body of software based on the "TCP/IP" family of protocols. In particular, each 4.2BSD system "trust" some set of other systems, allowing users logged into trusted systems to execute commands via a TCP/IP network without supplying a password. This paper describe how the design of TCP/IP and the 4.2BSD implementation allow users on untrusted and possibly very distant hosts to masquerade as users on trusted hosts.

Title: Addressing Weaknesses in the Domain Name System Protocol
Authors: Christoph L. Schuba Eugene H. Spafford
Abstract:
This paper describes problems with the DNS and one of its implementations that allow the abuse of name based authentication, also outlines the current design and implementation of the DNS, demonstrates these weaknesses by describing the necessary modifications in authoritative DNS data and Domain Name System code.

Title: Characteristics of Wide-Area TCP/IP Conversations
Authors: Ramon Caceres Peter B. Danzig Sugih Jamin Danny J. Mitzel
Abstract:
In this paper, we characterize wide-area network applications that use the TCP transport protocol. We also describe a new way to model the wide-area traffic generated by a stub network. We believe the traffic model presented here will be useful in studying congestion control, routing algorithms, and other resource management schemes for exis future networks. Our model is based on trace analysis of TCP/IP wide area internetwork traffic. We collected the data from USC, UCB and Bellcore networks at the point they connect with their respective regional access networks. We then wrote a handful of programs to analyze the traces. Our model characterizes individual TCP conversations by the distributions of: number of bytes transferred, duration, number of packets transferred, packet size, and packet interarrival time.

Title: Countering Abuse of Name-Based Authentication
Authors: Christoph L. Schuba Eugene H. Spafford
Abstract:
This paper describes problems of name-based authentication requiring late binding such as that provided by the DNS for host-name-to-address associations. It states the problem in an abstract way and in concrete case of the DNS, also analyzes the conditions that facilitate the exploitation of the problem and explains the weakness that are present in the DNS, then explores some possible solutions to the problem.

Title: NFS Tracing By Passive Network Monitoring
Authors: Matt Blaze
Abstract:
Traces of filesystem activity have proven to be useful for a wide variety of purposes, rang- ing from quantitative analysis of system behavior to trace-driven simulation of filesystem algo- rithms. Such traces can be difficult to obtain, however, usually entailing modification of the filesystems to be monitored and runtime overhead for the period of the trace. Largely because of these difficulties, a surprisingly small number of filesystem traces have been conducted, and few sample workloads are available to filesystem researchers. This paper describes a portable toolkit for deriving approximate traces of NFS [1] activity by non-intrusively monitoring the Ethernet traffic to and from the file server. The toolkit uses a promiscuous Ethernet listener interface (such as the Packetfilter[2]) to read and reconstruct NFS-related RPC packets intended for the server. It produces traces of the NFS activity as well as a plausible set of corresponding client system calls. The tool is currently in use at Princeton and other sites, and is available via anonymous ftp.

Title: OARnet Security Procedures
Authors: Kannan Varadhan
Abstract:
This document discusses a variety of possible measures to enhance network security for an organization intending to connect to a regional network. These are just general principles for building firewalls and security. Absolute solutions are possible only when exact configurations are available, and are outside the scope of this document.

Title: Open System Security - an Architectural Framework
Authors: Arto T.Karila
Abstract:
This Ph.D Dissertation bring a semi-formal model for the security of communications between peer entities within an OSI layer and between entire application instances.

Title: Packets Found on an Internet
Authors: Steven M. Bellovin
Abstract:
As part of our security measures, we spend a fair amount of time and effort looking for things that might otherwise be ignored. Apart from assorted attempted penetrations, we have also discovered many examples of anomalous behavior. These range from excessive ICMP messages to nominally local broadcast packets that have reached us from around the world.

Title: Paving the Road To Network Security or the Value of Small Cobblestones
Authors: Hiarie Orman Sean O'Malley Richard Schroeppel David Schwartz
Abstract:
The methods demonstrated in this paper illustrate how configuration flexibility can be achieved and how complex services can be constructed, all using the same building block modules.

Title: Pseudo-Network Drivers and Virtual Networks
Authors: S. M. Bellovin
Abstract:
Many operating systems have long had persudo-teletypes, inter-process communication channels that provide terminal semantics on one end, and a smart server program on the other. This paper describes an analogous concept, pseudo-network drivers. One end of the driver appears to be a real network device, with the appropriate inerface and semantics: data writen to it goes to a program, however, rather than to a physical medium. Using this and some auxiliary mechanisms, the author present a variety of applications, including system test, network monitoring, dail-up TCP/IP, and ways to both improve and subvert network security.

Title: Security Problems in the TCP/IP Protocol Suite
Authors: S.M. Bellovin
Abstract:
The TCP/IP protocol suite, which is very widely used today, was developed under the sponsorship of the Department of Defense. Despite that, there are a number of serious security flaws inherent in the protocols, regardless of the correctness of any implementations. This paper describes a variety of attacks based on these flaws, including sequence number spoofing, routing attacks, source address spoofing, and authentication attacks. It also presents defense against these attacks, and conclude with a discussion of broad-spectrum defenses such as encryption.

Title: The Architecture and Implementation of Network-Layer Security Under Unix
Authors: Matt Blaze John Ioannidis
Abstract:
swIPe is a network-layer security protocol for the IP protocol suite. This paper presents the architecture, design philosophy, and performance of an implementation of swIPe under several variants of Unix. swIPe provides authentication, integrity, and confidentiality of IP datagrams, and is completely compatible with the existing IP infrastructure. To maintain this compatibility, swIPe is implemented using an encapsulation protocol. Mechanism (the details of the protocol) is decoupled from policy (what and when to protect and key management). swIPe under Unix is implemented using a virtual network interface. The parts of the implementation that process incoming and outgoing packets are entirely in the kernel; parameter setting and exception handling, however, are managed by user-level processes. The performance of swIPe on modern workstations is primarily limited only by the speed of the underlying authentication and encryption algorithms; the mechanism overhead is negligible in our prototype.

Title: The "Session Tty" Manager
Authors: S. M. Bellovin
Abstract:
In many Unix systems, it is possible for a program to retain access to the login terminal after the user has logged out. THis poses obvious security rishs and can also confuse the modem control signals. People solve this for System V by adding a layer of indirection known as the session tty driver. At login time, a session device is linked to the physical terminal. User program have access to the session device only, and may not open the physical line. Upon logout or carrier drop, the link is servered. New login sessions are given new session devices is controlled by a new system process known as the session manager, by means of suitable plumbing primitives, a 'reconnect after line drop' facility can easily be implemented.

Title: Trusted Distribution
Authors: National Computer Security Center
Abstract:
This publication is issued by the National Computer Security Center(NCSC) as part of its program to promulgate technical computer security guidelines. The interpretations extend the evaluation classes of the Trusted Systems Evaluation Criteria (DOD 5200.28-STD) to trusted network systems and components.


Aleph One / aleph1@underground.org
Copyright © 1996 Computer Underground Society. All rights reserved.