Sunday, August 30, 2009

how to become hacker


2.1. Why Do We Need Security?
In the ever-changing world of global data communications, inexpensive Internet connections, and fast-paced
software development, security is becoming more and more of an issue. Security is now a basic requirement
because global computing is inherently insecure. As your data goes from point A to point B on the Internet,
for example, it may pass through several other points along the way, giving other users the opportunity to
intercept, and even alter, it. Even other users on your system may maliciously transform your data into
something you did not intend. Unauthorized access to your system may be obtained by intruders, also known
as "crackers", who then use advanced knowledge to impersonate you, steal information from you, or even
deny you access to your own resources. If you're wondering what the difference is between a "Hacker" and a
"Cracker", see Eric Raymond's document, "How to Become A Hacker", available at
http://www.tuxedo.org/~esr/faqs/hacker-howto.html.



How Secure Is Secure?
First, keep in mind that no computer system can ever be completely secure. All you can do is make it
increasingly difficult for someone to compromise your system. For the average home Linux user, not much is
required to keep the casual cracker at bay. However, for high-profile Linux users (banks,
telecommunications companies, etc.), much more work is required.
Another factor to take into account is that the more secure your system is, the more intrusive your security
becomes. You need to decide where in this balancing act your system will still be usable, and yet secure for
your purposes. For instance, you could require everyone dialing into your system to use a call-back modem
to call them back at their home number. This is more secure, but if someone is not at home, it makes it
difficult for them to log in. You could also set up your Linux system with no network or connection to the
Internet, but this limits its usefulness.
If you are a medium to large-sized site, you should establish a security policy stating how much security is
required by your site and what auditing is in place to check it. You can find a well-known security policy
example at http://www.faqs.org/rfcs/rfc2196.html. It has been recently updated, and contains a great
framework for establishing a security policy for your company.

What Are You Trying to Protect?
Before you attempt to secure your system, you should determine what level of threat you have to protect
against, what risks you should or should not take, and how vulnerable your system is as a result. You should
analyze your system to know what you're protecting, why you're protecting it, what value it has, and who has
responsibility for your data and other assets.
· Risk is the possibility that an intruder may be successful in attempting to access your computer. Can
  an intruder read or write files, or execute programs that could cause damage? Can they delete critical
  data? Can they prevent you or your company from getting important work done? Don't forget:
  someone gaining access to your account, or your system, can also impersonate you.

  Additionally, having one insecure account on your system can result in your entire network being
  compromised. If you allow a single user to log in using a .rhosts file, or to use an insecure service
  such as tftp, you risk an intruder getting 'his foot in the door'. Once the intruder has a user account
  on your system, or someone else's system, it can be used to gain access to another system, or another
  account.

· Threat is typically from someone with motivation to gain unauthorized access to your network or
  computer. You must decide whom you trust to have access to your system, and what threat they
  could pose.

  There are several types of intruders, and it is useful to keep their different characteristics in mind as
  you are securing your systems.

    · The Curious - This type of intruder is basically interested in finding out what type of system
      and data you have.

    · The Malicious - This type of intruder is out to either bring down your systems, or deface
      your web page, or otherwise force you to spend time and money recovering from the damage
      he has caused.

    · The High-Profile Intruder - This type of intruder is trying to use your system to gain
      popularity and infamy. He might use your high-profile system to advertise his abilities.

    · The Competition - This type of intruder is interested in what data you have on your system.
      It might be someone who thinks you have something that could benefit him, financially or
      otherwise.

    · The Borrowers - This type of intruder is interested in setting up shop on your system and
      using its resources for their own purposes. He typically will run chat or irc servers, porn
      archive sites, or even DNS servers.

    · The Leapfrogger - This type of intruder is only interested in your system to use it to get into
      other systems. If your system is well-connected or a gateway to a number of internal hosts,
      you may well see this type trying to compromise your system.

· Vulnerability describes how well-protected your computer is from another network, and the potential
  for someone to gain unauthorized access.

  What's at stake if someone breaks into your system? Of course the concerns of a dynamic PPP home
  user will be different from those of a company connecting their machine to the Internet, or another
  large network.

  How much time would it take to retrieve/recreate any data that was lost? An initial time investment
  now can save ten times more time later if you have to recreate data that was lost. Have you checked
  your backup strategy, and verified your data lately?
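
As an added example (not part of the original text), the shell functions below audit a system for the two weak points named under Risk above: .rhosts files and an enabled tftp service. The function names and the default paths /home and /etc/inetd.conf are assumptions; adjust them for your system.

```shell
#!/bin/sh
# Added example: audit for .rhosts files and an enabled tftp service.
# Function names and default paths are assumptions, not from the original text.

# List every .rhosts file found in the home directories under $1.
# A bare "+" in the host or user field trusts any host or any user,
# so those files are reported as WILDCARD; all others as PRESENT.
audit_rhosts() {
    root=$1
    find "$root" -maxdepth 2 -name .rhosts -type f 2>/dev/null | sort |
    while IFS= read -r f; do
        if grep -Eq '^[[:space:]]*\+([[:space:]]|$)|[[:space:]]\+[[:space:]]*$' "$f"; then
            echo "WILDCARD $f"
        else
            echo "PRESENT $f"
        fi
    done
}

# Report whether the inetd configuration file $1 has an active
# (uncommented) tftp service line.
audit_tftp() {
    conf=$1
    if [ ! -r "$conf" ]; then
        echo "NOFILE $conf"
        return 0
    fi
    if grep -Eq '^[[:space:]]*tftp[[:space:]]' "$conf"; then
        echo "ENABLED tftp in $conf"
    else
        echo "DISABLED tftp in $conf"
    fi
}

# Run against the local system; override the paths through the environment.
audit_rhosts "${HOME_ROOT:-/home}"
audit_tftp "${INETD_CONF:-/etc/inetd.conf}"
```

Any PRESENT or WILDCARD line is an account that can be logged in to without a password from the listed hosts, and an ENABLED line means tftp is being offered by inetd.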
