Suspicious finds


Abstracts of Articles and Recent Literature

How hackers break in... and how they are caught, Carolyn Meinel. The author gives a fictionalized account which is a composite of many incidents that have occurred somewhere in cyberspace. The names and other details have been changed, but the technologies and software exist. Some of the events reported are drawn from the firsthand experiences of the author. Scientific American, October 1998, pp. 70-77.

How computer security works, William Cheswick, Steven Bellovin, Warwick Ford and James Gosling. The authors look at what they consider to be three formidable types of defence for protecting networks. The first line of defence is the firewall. The two most common kinds of firewalls are packet filters and application-level firewalls. A packet filter examines the source address and destination address of every packet of data going in or out of a network. The filter can block packets from certain addresses from entering the network and prevent other packets from leaving. An application-level firewall examines the content of the Internet traffic as well as the addresses; it is slower than a packet filter, but it allows the company to implement a more detailed security policy. The second defence is public key certificates, which play an essential role in public key cryptography. The third line of defence is the Java Sandbox. The key to Java’s security is a layer of software called the Java Virtual Machine, which is needed to execute any applet written in the programming language. When a computer user downloads an applet, the virtual machine initially prevents the program from gaining access to the computer’s hard drive, network connections and other vital system resources. An applet can get out of the sandbox only if the virtual machine verifies that the program comes from a trusted source. Scientific American, October 1998, pp. 78-81.

Cryptography for the Internet, Philip Zimmermann. Since the 1980s the development of sophisticated algorithms and fast but affordable computer hardware have made powerful, military-grade cryptographic systems available to millions of people with ordinary personal computers. Recent technological improvements promise to make such systems increasingly resistant to even the most advanced cipher-cracking techniques. This article gives a summary of the development of encryption from its early stages to the present day, and the author considers the future of security for the Internet through encryption. The author believes that at present the very best cryptosystems are beyond the reach of the best cryptanalytic methods known. He feels that it is conceivable that powerful, new cipher-breaking techniques will be developed in the coming years. Scientific American, October 1998, pp. 82-87.

Suspicious finds, David Newman. The trust-no-one sensibility is at the heart of intrusion detection systems (IDSs), software that can spot attacks in progress, generate real-time alerts, and defeat an attack by reconfiguring routers or firewalls on the fly. The testers subjected a number of IDSs (Abirnet Inc.’s Sessionwall 3, Anzen Computing Inc.’s Anzen Flight Jacket 1.2, Cisco Systems Inc.’s Netranger 2.1.1, Internet Security System’s Realsecure 2.1 and Internet Tools Inc.’s ID-Track 2.0) to various forms of attack, rated management capabilities and benchmarked performance. The IDSs spotted attacks as the companies advertised, but on empty networks. They also work well on heavily utilized Ethernet segments, but if the fast Ethernet segment is filled with traffic then the vigilance vanishes. In fact, no product detected all the attacks when the network was heavily loaded. No product came through with flying colours on the documentation front. All IDS manuals do a good job of explaining how to set up and manage products, but none thoroughly explained key security concepts. In spite of all that, these products still have much to recommend them, and two (Netranger and Realsecure) merited Tester’s Choice awards. Data Communications, August 1998, pp. 73-82.