[netcom.com]
Route (daemon9)                 Home: /u1/daemon9          Shell: /usr/bin/tcsh
No mail.
Route (daemon9) is not presently logged in.
Last seen at netcom18 on Fri May 24 12:26:46 1996
Plan:
==============================================================================
Begin Information

My coredump
----------------------------------------------------------------------------
No lie. This was a core dump here at netcom from a month ago...
total 1056
-rw-------  1 daemon9        2030 Feb 14 09:29 ISDN.primer
drwx------  2 daemon9        4096 Feb 23 08:38 Mail
drwx------  2 daemon9        4096 Feb 27 11:58 News
-rw-------  1 daemon9       42165 Feb 18 16:03 PGPa
-rw-------  1 daemon9       91915 Feb 12 21:07 TIC3
drwx------  2 daemon9        4096 Feb  1 19:27 UDPstorm
-rw-------  1 daemon9        1456 Feb 28 11:38 c3hsh.c
-rw-r--r--  1 daemon9  2139320752 Feb 28 11:23 core
-rwx------  1 daemon9       24576 Feb 28 11:34 hash
-rw-------  1 daemon9       32570 Feb 22 10:15 securID
-rw-------  1 daemon9          32 Feb 23 15:26 slipnet
-rwx------  1 daemon9       32768 Feb 22 10:49 sping
-rw-------  1 daemon9       15794 Feb 22 10:49 sping.c
-rw-------  1 daemon9        2650 Feb 28 09:58 wallsOfFire

3/28/96
-----------------------------------------------------------------------------
TCP TCBs...
-----------------------------------------------------------------------------
Each TCP session requires a server to allocate resources for that session.
These blocks of memory, called Transmission Control Blocks (TCBs), range from
8KB to 32KB. Usually there is a fixed number of these (as opposed to a finite
number, of which there *has* to be), from 256 to 1024 (or more). A TCB cannot
be reused until its current session has been over for two minutes. This is to
ensure proper handling of any packets that arrive after the session *should*
be over, but isn't. This two-minute waiting state is referred to as
'TIME-WAIT'... A denial of service attack would be to connect to a particular
host successively and use up all of its TCBs.

3/20/96
-----------------------------------------------------------------------------
It all happened one day in class....
-----------------------------------------------------------------------------
[This was originally a letter I mailed out to some friends...]

Class is going as usual... I am spouting off about TCP/IP prolly more than she
cares to hear (she only tolerates me to a point).
I space out for a while whilst she talks about something I either knew or had
no interest in....... I snap back to consciousness! She is talking about
address resolution at the transport layer. (This is a class on Advanced
Networking Technologies; we are currently discussing the OSI model, and are at
the transport layer.) She uses the ARP analogy (!). She says ARP is used to
"go from the network address number to the network address name..." I almost
fall out of my chair! I raise my hand, and as tactfully as possible, I try to
explain to her that ARP is a lower level protocol (link-layer) that is used to
query hosts for a specific link-layer address, given a specific IP address....
I go on to say that DNS is the transport-layer protocol that is responsible
for the type of name resolution she spoke of...

"You're wrong..." was her response...
"No, I'm not..." was mine...
"Yes, look in chapter 13..." she chastised...

For the record:

ARP: I have the IP address of the host I want to communicate with. I send an
ARP broadcast packet throughout the network that says: "Will the host whose IP
address this is please respond with your link-layer (usually ethernet)
address." The request is broadcast and the response is unicast.

For good measure:

RARP: Used mainly by diskless workstations when bootstrapping. A boot PROM will
contain code for RARP, which says: "I am stupid and have no idea what my IP
address is. Here is my link-layer address; could someone (usually a server of
some sort) please respond with my IP address?" The request is broadcast, and
the reply is normally unicast.

DNS: Distributed database system that works at the transport layer. I am an
ftp client. I know the canonical name of a host (for example:
onyx.infonexus.com). I need the IP address to actually communicate with that
host. I use a resolver which queries DNS servers on my behalf. In this case, I
need the IP address for a given network-layer name (DNS can go in either
direction).
The resolver will query servers until it finds an authoritative answer (I am
not going into any more detail here. If you want to know more, ask...).

10/26/95
-----------------------------------------------------------------------------
Prime numbers
-----------------------------------------------------------------------------
An integer is prime if it is divisible only by itself and 1. A number is
composite if it is not prime. 1 is neither prime nor composite; it is referred
to as a unit (similarly 0 and all the negatives are neither prime nor
composite). Cryptography is big on large primes. Fortunately, there are an
infinite number of primes, and it is not too hard to test a number for prime
candidacy.

The prime number theorem gives a useful approximation for the prime
distribution function PI(n) (which specifies the number of primes <= n):

           PI(n)
   lim    -------- = 1
 n->inf    n/ln n

The approximation n/ln n gives, with reasonable accuracy, the density of primes
less than or equal to n. For example, there are 17 prime numbers from 1-60.
n/ln n yields 14, an error rate of 8%.

To test a candidate number (n) for primality, one obvious and simple method is
trial division. Try dividing n by each integer 2, 3, ..., sqrt(n). If n is
prime, none of the trial divisors will divide it. Assuming each division takes
constant time, this method has a worst case running time (if n is prime) that
is exponential in the length of n. If n is small, this is a feasible approach.
If n is not trivial, it is not feasible. This approach to primality testing
has the advantage of not only determining if n is prime, but also determining
the prime factorization of a composite n.

Pseudo-primality testing is used for large candidates. Since the trial division
approach could take until the Sun supernovas, we have to use other approaches.
Two such tests are the 4 Fermat Tests, and the Miller-Rabin Test.

4 Fermat Tests

This test is the one used by PGP.
It takes the candidate number n and the first 4 prime numbers b = {2, 3, 5, 7}
and raises b to one less than n, modulo n:

    b**(n-1) % n

If the result is 1, the number is probably prime. Any other number and n is
certainly not prime. PGP tries all four b, and if all return 1, the number is
considered to be prime.

Miller-Rabin Test

The Miller-Rabin test is the same as Fermat's test, except that each time you
compute a square modulo n (in the process of computing b**(n-1) % n), you look
at the argument and the result of the square operation. If the argument is
neither 1 nor n-1 and the result is 1, then you have found a non-trivial square
root of 1 modulo n and you know for sure that n is not prime. This test is both
faster and more accurate than Fermat's (it terminates earlier and it eliminates
more non-primes).

A portion of this was garnered from a post from Damien.Doligez@inria.fr

9/7/95
------------------------------------------------------------------------------
ICMP redirects
------------------------------------------------------------------------------
An ICMP redirect error is sent BY a router TO the SENDER of an IP datagram,
when the datagram SHOULD have been sent to a different router. So, barring
spoofing attacks, the only time we will see one is when a host has a choice of
routers to send a packet to.

 0       7       15                 32
 ___________________________________
| type  | code  |     checksum     |
|_______|_______|__________________|
| router IP address that should be |
| used                             |
|__________________________________|
| IP header (including options) +  |
| first 8 bytes of original IP     |
| datagram data                    |
|__________________________________|

9/2/95
------------------------------------------------------------------------------
Useless Trivia Dept.
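The four-base Fermat test and the Miller-Rabin test from the Prime numbers entry above, implemented side by side as an added example (not code from the .plan). It is run on 29341 = 13 * 37 * 61, a Carmichael number that satisfies Fermat for every base coprime to it, so the 2,3,5,7 test calls it prime while Miller-Rabin (base 3) exposes a non-trivial square root of 1. Assumes a GCC/Clang compiler providing unsigned __int128 for the 64-bit modular multiply.

```c
/* Added example, not from the .plan: the four-base Fermat test attributed
 * to PGP and the Miller-Rabin test over the same bases, side by side.
 * Assumes a GCC/Clang compiler that provides unsigned __int128 so the
 * 64-bit modular multiply cannot overflow. */
#include <stdint.h>
#include <stdio.h>

typedef unsigned __int128 u128;

/* (a * b) mod n without overflow for any 64-bit a, b, n */
static uint64_t mulmod(uint64_t a, uint64_t b, uint64_t n)
{
    return (uint64_t)(((u128)a * b) % n);
}

/* b^e mod n by square-and-multiply */
static uint64_t powmod(uint64_t b, uint64_t e, uint64_t n)
{
    uint64_t r = 1;
    b %= n;
    while (e) {
        if (e & 1) r = mulmod(r, b, n);
        b = mulmod(b, b, n);
        e >>= 1;
    }
    return r;
}

static const uint64_t BASES[4] = { 2, 3, 5, 7 };

/* Fermat test as the entry describes it: b**(n-1) % n must be 1 for each
 * of b = 2, 3, 5, 7.  Returns 1 for "probably prime", 0 for "certainly
 * composite".  A Carmichael number coprime to all four bases passes. */
int fermat4(uint64_t n)
{
    if (n < 4) return n >= 2;
    for (int i = 0; i < 4; i++) {
        uint64_t b = BASES[i] % n;
        if (b == 0) continue;             /* n is 5 or 7 itself */
        if (powmod(b, n - 1, n) != 1) return 0;
    }
    return 1;
}

/* Miller-Rabin over the same bases.  Write n-1 = 2^s * d with d odd and
 * walk the squares b^d, b^(2d), ..., b^(2^s d) = b^(n-1).  If a square
 * equals 1 while its argument was neither 1 nor n-1, that argument is a
 * non-trivial square root of 1 modulo n, so n is composite. */
int miller_rabin4(uint64_t n)
{
    if (n < 4) return n >= 2;
    if (n % 2 == 0) return 0;
    uint64_t d = n - 1;
    int s = 0;
    while ((d & 1) == 0) { d >>= 1; s++; }

    for (int i = 0; i < 4; i++) {
        uint64_t b = BASES[i] % n;
        if (b == 0) continue;             /* n is 5 or 7 itself */
        uint64_t x = powmod(b, d, n);
        if (x == 1 || x == n - 1) continue;  /* this base is satisfied */
        int witness = 1;                  /* assume b proves compositeness */
        for (int r = 1; r < s; r++) {
            x = mulmod(x, x, n);
            if (x == n - 1) { witness = 0; break; }  /* -1 then 1: fine */
            if (x == 1) break;            /* non-trivial sqrt of 1 found */
        }
        if (witness) return 0;
    }
    return 1;
}

int main(void)
{
    /* 29341 = 13 * 37 * 61 is a Carmichael number: every base coprime to it
     * satisfies Fermat, so the four-base test calls it prime.  Miller-Rabin
     * finds 3^7335 mod 29341 to be a non-trivial square root of 1. */
    const uint64_t samples[] = { 561, 29341, 65537, 1000001, 1000003 };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint64_t n = samples[i];
        printf("%8llu  fermat4=%d  miller_rabin4=%d\n",
               (unsigned long long)n, fermat4(n), miller_rabin4(n));
    }
    return 0;
}
```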
------------------------------------------------------------------------------
Well, if you ever want an 8192-bit key for some crypto algorithm, this is the
number of possible permutations: 2^8192, a 2,467-digit number.

8/16/95
------------------------------------------------------------------------------
Why a one-time pad guarantees perfect security
------------------------------------------------------------------------------
A one-time pad is the only provably perfect cryptosystem. A one-time pad is a
simple symmetric cryptosystem. If a message of length n needs to be encrypted,
a *random* sequence of bits of length n is generated. The message is then XORed
with the pad. The pad must be generated by a cryptographically secure RNG
(random number generator), can only be used once per communication, and must
be transmitted securely. If this protocol is followed, you have perfect
secrecy.

Since the ciphertext yields *no* possible information about the plaintext,
with the possible exception of its length, no cryptanalysis can be performed
on the ciphertext. A given ciphertext is equally likely to be any possible
plaintext of equal size, and there is no way of knowing which of the
decryptions is valid. You could spend an eternity trying all the possible
solutions, and never be sure which is the proper meaning of the original
message.

This information taken from my article in issue one of The Infinity Concept.
7/14/95
------------------------------------------------------------------------------
FTP
------------------------------------------------------------------------------
FTP is both a protocol and a program. The File Transfer Program (FTP) uses the
file transfer protocol (ftp). FTP is the Internet standard for file transfer.
It was designed to work between different hosts, running different operating
systems, using different file structures, and perhaps using different
character sets. A typical FTP session (like many internetworking protocols)
involves a client and server (C/S). FTP is different from many other
applications, in that it uses two TCP connections to transfer a file.

The control connection is established in a normal C/S fashion: the ftpd does a
passive open on well known TCP port (WKP) 21, where it sits and waits for a
client to initiate a connection. The client does an active open to TCP port 21
to establish the control connection. The control connection is used to relay
commands from the client and responses from the server. This connection is
connection-oriented and stays up the entire time the client stays in contact
with the daemon.

Each time a file transfer is initiated, a data connection is created. On the
server, the WKP is 20 and the client uses an ephemeral port (usually between
1024 and 5000). The data connection exists for only the duration of the data
transfer and after each transfer it is torn down.

7/7/95
------------------------------------------------------------------------------
The last prime number...
------------------------------------------------------------------------------
2,000,000,000,000,000,000,000,000,002,000,000,000,000,000,000,000,002,000,
000,002,293

The above is the last prime number alphabetically. Two vigintillion, two
undecillion, two trillion, two thousand, two hundred and ninety three.

This information was originally found in Bruce Schneier's .signature.
6/14/95
------------------------------------------------------------------------------
IDEA
------------------------------------------------------------------------------
IDEA, the International Data Encryption Algorithm, is a relatively new
(finalized in 1992) symmetric block cipher. It operates on 64 bits of data at
a time, and utilizes a 128-bit key. It is a very efficient cipher, using
operations from different algebraic groups, including: XOR, addition modulo
2^16, and multiplication modulo 2^16+1. These operations are encased within the
algorithm itself, and involve no external permutations (unlike DES's E-box).
IDEA is thought* to be the most secure block cipher available to the public at
this time. It is my choice for bulk encryption, and Phil Zimmerman's choice
for PGP's conventional encryption. Assuming brute force is the only attack
available, and 1,000,000,000 chips capable of encrypting and checking
1,000,000,000 keys/sec were set to the task of searching IDEA's keyspace, it
would take 10^13 years (the universe is only 10^10 years old) to recover the
key.

*This is not set in stone. While the algorithm seems VERY secure to
conventional cryptographic protocol attacks, it is still quite new, and could
conceivably fall to some yet to be discovered loophole or factoring technique.
Until then, my money, and data, is still on IDEA.

6/9/95
------------------------------------------------------------------------------
TCP/IP Protocol Suite
------------------------------------------------------------------------------
Transmission Control Protocol / Internet Protocol are just two of the many
protocols involved in TCP/IP. This is a very brief introduction to the TCP/IP
system. Networking protocols are normally developed in layers, each layer
responsible for a different facet of communications. TCP/IP is normally
considered to be a 4-layer system (the ISO OSI is a 7-layer system).

4  Application   FTP, Telnet, SMTP, etc...
   |
3  Transport     TCP, UDP
   |
2  Network       IP, (ICMP, IGMP)
   |
1  Link          Network hardware and device driver

1) Link Layer: (data link, network interface) This is where the device driver
   of the NIC resides. All the hardware details are handled here.
2) Network Layer: (internet layer) Handles the movement and routing of packets
   around the network. IP is considered 'unreliable'.
3) Transport Layer: Provides the flow of data between the two parties, for the
   application layer above. TCP is considered 'reliable', while UDP is not. TCP
   is connection-oriented, maintaining state information, etc. UDP is
   connectionless.
4) Application Layer: Handles all the details of the particular application.

5/9/95
------------------------------------------------------------------------------
Substitution Ciphers
------------------------------------------------------------------------------
A substitution cipher is one where each character in the plaintext is
substituted for another character in the ciphertext. The plaintext is revealed
again when the substitution is inverted on the ciphertext. This is *not*
remotely secure, as it only obscures the plaintext, rather than encrypting it
with a key. There are four basic types:

1) Simple         One char in the plaintext is replaced by one corresponding
                  char in the ciphertext. See the rot13 example below...
2) Homophonic     Similar to a simple substitution cipher, except a single
                  char of plaintext can map to one of several chars of
                  ciphertext.
3) Polyalphabetic Made up of multiple simple substitutions throughout the
                  process.
4) Polygram       Blocks of chars are scrambled in groups.
/* Rot13.c */
/* Simple substitution cipher; in effect, rotates letters 13 places mod 26 */
/* Uses stdin and stdout, useful in redirection */

#include <stdio.h>

int main(void)
{
    int c;

    while ((c = getchar()) != EOF) {
        if (c >= 'a' && c <= 'm')      c = c + 13;
        else if (c >= 'n' && c <= 'z') c = c - 13;
        else if (c >= 'A' && c <= 'M') c = c + 13;
        else if (c >= 'N' && c <= 'Z') c = c - 13;
        putchar(c);
    }
    return 0;
}

5/9/95
------------------------------------------------------------------------------
Locating audit files in Unix
------------------------------------------------------------------------------
This is a very simple four step process that will locate audit files (even
undocumented ones). It can easily be automated in a batch file and run as a
cron job. It will not enter directories you do not have search permission on,
however.

1. Pick an off time to check for them, perhaps late at night.
2. touch a file 'flag' (touch flag). This is your reference file.
3. Execute a command (this should be the command you are concerned with, or
   any you want to check if there is an audit trail on).
4. Execute find (find / -newer flag -print) to look for files with a newer
   timestamp (some files will be discarded as trivial, the others should be
   checked into as possible audit files...).

4/12/95
------------------------------------------------------------------------------
Firewalls
------------------------------------------------------------------------------
A brief intro and discussion of Internet firewalls. A firewall is used to
secure an internal computer (more likely a network or subnet) from an external
untrusted network (usually the Internet). There are several kinds, ranging from
free software-only configurations, to expensive turnkey hardware/software based
implementations. Three basic types:

Router-based firewall:

Using a programmable router to filter packets can be one of the more cost
effective and simple methods. If a dedicated line is present, it is likely a
router is also, so no additional cost may be incurred.
Routers work by controlling traffic at the IP level. A given packet will be
accepted or blocked based on its 32-bit source/destination address or port
information, located in the header. A decent firewall can be constructed this
way, but it may be difficult to exclude all the traffic you want. The main
problem is that many routers come configured for minimal protection, and are
left this way. Also, FTP, DNS, and X11 need special consideration, as they are
not handled well by packet filters. Routers are susceptible to IP spoofing...

Host-based firewall (The Bastion Host):

Using a dedicated computer (or computers) offers much more flexibility and
capability than a router alone. Bastion hosts exert their control at the
application level, where network traffic can be examined in more depth. Most
hosts implement specialized application gateways and service proxies. In
essence, these are secured versions of the programs they replace (or work
with).

Isolation Networks:

A secured network that sits between your internal subnet and the external
network. Basically, traffic can pass from the Internet to the Isolation
network, and from the subnet to the Isolation network, but not across.

3/26/95
------------------------------------------------------------------------------
TCSEC {Trusted Computer System Evaluation Criteria}
------------------------------------------------------------------------------
[Division]: D

Class: N/A
Type: Minimal Protection
Highlights: This division contains only one class. It is reserved for those
systems that have been evaluated but fail to meet requirements for a higher
division.
Examples: MS-DOS machines, Apple Macintosh machines

- - - - - - - - - -

[Division]: C  Discretionary Protection

Synopsis: Classes in this division provide for discretionary protection and
accountability of subjects and the actions they initiate.

Class: 1
Type: Discretionary Security Protection
Highlights: Provides discretionary security requirements by separating users
and data.
Incorporates some form of credible controls capable of enforcing access
limitations on an individual basis. The class C1 environment is expected to be
one of cooperating users processing data at the same levels of security.
Examples: Unix (some)

Class: 2
Type: Controlled Access Protection
Highlights: Systems in this class enforce a more finely grained discretionary
access control system than C1. Users are individually held accountable for
actions through login procedures, auditing of security related events, and
resource isolation.
Examples: Unix (some), VMS, Windows NT, Primos, SVS/OS CAP, OSF/1

- - - - - - - - - -

[Division]: B  Mandatory Protection

Synopsis: The notion of a Trusted Computing Base that preserves the integrity
of sensitivity labels and uses them to enforce a set of mandatory access
control rules is a major requirement of this division. Systems in this
division must carry the sensitivity labels with major data structures in the
system. The system developer must also provide a security policy model
specification on which the TCB is based.

Class: 1
Type: Labeled Protection
Highlights: All requirements from C2. In addition, an informal statement of
the security policy model, data labeling, and mandatory access control over
named subjects and objects must be present. The capability must exist for
accurately labeling exported information (hardcopy, etc...).
Examples: CMW+, OSF/1 (optional), OS 1100

Class: 2
Type: Structured Protection
Highlights: In B2 systems, the TCB is based on a clearly defined and documented
formal security policy model that requires the discretionary and mandatory
access control enforcement found in B1 to be extended to all subjects and
objects in the system. In addition, covert channels are addressed.
Authentication mechanisms are strengthened, trusted facility management is
provided in the form of support for system administrator and operator
functions, and stringent configuration management controls are imposed.
The system is relatively resistant to penetration.
Examples: Multics, Trusted XENIX

Class: 3
Type: Security Domain
Highlights: B3 systems must satisfy reference monitor requirements: that it
mediate all accesses of subjects to objects, be tamperproof, and be small
enough to be subjected to analysis and testing. The TCB is structured to
exclude code not essential to security policy enforcement, with significant
system engineering during design to minimize complexity. Support is added for
a security administrator, audit mechanisms are expanded to signal security
related events, and system recovery procedures are required. The system is
highly resistant to penetration.
Examples: XTS-200 (?)

- - - - - - - - - -

[Division]: A  Verified Protection

Synopsis: Characterized by the use of formal security verification methods to
assure that the mandatory and discretionary security controls employed in the
system can effectively protect classified or other sensitive information
stored or processed by the system. Extensive documentation is required to
demonstrate that the TCB meets the security requirements in all aspects of
design, development, and implementation.

Class: 1
Type: Verified Design
Highlights: Functionally equivalent to B3 systems, A1 systems differ in the
level of assurance. A1 systems undergo intense analysis derived from formal
design specification and verification techniques, and the resulting high
degree of assurance that the TCB is correctly implemented.
Examples: SCOMP, SNS

3/14/95
------------------------------------------------------------------------------
Pseudo-Fake posting to Usenet and Fake-mail the easy way
------------------------------------------------------------------------------
To fake a post to Usenet, you need to find a host that has its port 119 open
to telnet.
Then type in the following:

group alt.big.purple.car
post
Subject: Alabama
path: Woods!Trees!eggs!babies.com
From: Clarance@TR.com
Organization: Romance is wonderful
Newsgroups: alt.test,alt.flame,alt.dev.null
.

Fakemail is easier. Most sendmail ports are open to raw telnet. Telnet to port
25, and if we are talking SMTP, then the following commands are valid:

HELO hostname  - startup and give your hostname
MAIL FROM:     - start transaction from sender
RCPT TO:       - name recipient for message
VRFY           - verify deliverability of address
EXPN           - expand mailing list address
DATA           - start text of mail message
RSET           - reset state, drop transaction
NOOP           - do nothing
DEBUG [level]  - set debugging level, default 1
HELP           - produce this help message
QUIT           - close SMTP connection

Example:

MAIL FROM: "Z@zero.com"
RCPT TO: "root@netcom.com"
DATA
.

3/2/95
------------------------------------------------------------------------------
PGP
------------------------------------------------------------------------------
Pretty Good Privacy was written and conceived by Phillip R. Zimmerman. It is
military grade encryption for the masses. It provides for secure key exchange,
sophisticated key management, digital signatures, bulk encryption, key
authentication, message digests, and more. Contrary to what people believe,
PRZ did not "create" a new crypto-system. In the early versions of PGP, he
implemented his own symmetric algorithm, but upon meeting with Eli Biham, it
was made clear that "Bass-O-Matic" was very insecure. In later versions he
dropped the Bass-O-Matic and went with a new algorithm from Switzerland, IDEA.
PGP uses RSA for key exchange, IDEA for conventional encryption, and MD5 for
hashing. Get a copy from MIT at: net-dist.mit.edu.

2/23/95
------------------------------------------------------------------------------
Network Topology and Internet Security
------------------------------------------------------------------------------
There are several methods of providing Internet service to an interior
corporate LAN from a single Internet gateway machine. Some of these provide
stalwart protection, others invite disaster. Here are a few:

Physical Isolation:
Security level: Very high

The most simple and secure method. A host is isolated from the rest of the
network. No internet user can see the internal LAN, of course, nor can any LAN
user see the internet. The server itself is still open to attack, however.
This method is therefore not very extensible.
Adding a few small workstations (or kiosks) onto the server may increase
usability somewhat. This would grant some corporate users access to the
internet at large. This requires additional hardware, and cost, however.

Protocol Isolation:
Security level: High

If computers on the LAN need to see the Internet server, use this, the next
most secure method: protocol isolation. This method is deceptively simple,
based on the premise that 'Netspeak is TCP/IP. The Internet server needs to be
outfitted with two NICs, one for the Internet proper, one for the internal
LAN. The NIC connected to the Internet is bound to TCP/IP, and the other NIC
is bound to IPX, NetBEUI, or some network protocol that is not TCP/IP. The key
is that the Internet requires use of IP. Since the corporate LAN is running a
different protocol, it cannot communicate with the Internet, and vice versa.
This method is useful for corporations that have ftp servers, and users who
make data available for dissemination. The resources on the server are
available from either direction, but cannot be passed through. Standard
firewall.

Third-party Router:
Security level: High

If you are running TCP/IP on a large corporate network with high volume or
multiple subnets, you will likely want to use a third-party router connected
to a leased line. Some routers will allow for packet filtering and tracing, as
well as other features. If implemented correctly, it is usually very secure.

Full Gateway Machine:
Security level: Low

An internal LAN running TCP/IP served by an unprotected Internet gateway
machine. Very little protection for the internal network is provided here. A
skilled hacker will easily penetrate this type of setup. An unskilled hacker
will also likely be able to break in. This setup relies on the host operating
system to provide security through file permissions and intrinsic security
features. Not highly recommended.
2/19/95
------------------------------------------------------------------------------
Leonhard Euler
------------------------------------------------------------------------------
(1707-1783)

It was said that, "Euler wrote mathematics as effortlessly as most men
breathe." He was probably the most prolific mathematician that ever lived. His
energy and capacity for work were boundless. His collected works form more
than 100 quarto-sized volumes, and it is believed that much of his work has
been lost. Despite the fact that Euler was blind the last 17 years of his
life, he was at one of his most productive times then. His memory was
flawless. Early on in his life, he memorized the Aeneid by Virgil, and at age
70, could not only recite the entire work, but he knew the first and last
sentence on every page of the book! He was able to work out problems of
immense proportion in his head. He calculated major problems of lunar motion
that had baffled Newton, and once did a complicated calculation in his head to
settle an argument between two students whose computations differed in the
50th decimal place. His genius brought coherence to the then disorganized
calculus. He also tied physics with calculus in never before done manners...
He made major contributions to almost every field of mathematics (where would
public-key cryptography be w/o him?) as well as optics, planetary motion,
electricity, magnetism, and general mechanics.

2/1/95
------------------------------------------------------------------------------
Race Conditions
------------------------------------------------------------------------------
A system has n processes running. Each process is running concurrently. Say,
for example, p1 and p7 are executing a region of code that accesses and in some
way changes a common variable of some sort. This is called a critical section
(of the code). An OS *must* schedule it such that whenever one process is in
its critical section, no other process may be doing the same.
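The shared-variable critical section the Race Conditions entry discusses (several processes executing r = r + 1 at once), reproduced with threads in C as an added example that is not code from the .plan: first unprotected, showing the lost update, then guarded by a pthread mutex, then with a C11 atomic increment, the two remedies the entry names. Assumes a C11 compiler with POSIX threads; thread and iteration counts are constructed for the demo.

```c
/* Added example, not from the .plan: the "r = r + 1" critical section of
 * the Race Conditions entry, executed by several threads at once.
 * UNPROTECTED shows the lost update the text describes; MUTEX and ATOMIC are
 * the two fixes it names (mutual exclusion, atomic increment).  Assumes a
 * C11 compiler with POSIX threads; counts below are constructed for the demo. */
#define _POSIX_C_SOURCE 200809L
#include <pthread.h>
#include <stdatomic.h>
#include <stdio.h>

enum mode { UNPROTECTED, MUTEX, ATOMIC };

struct worker_args {
    enum mode mode;
    long iterations;
    volatile long *shared;        /* the plain shared variable r */
    atomic_long *shared_atomic;   /* r as an atomic, used in ATOMIC mode */
    pthread_mutex_t *lock;        /* guards r in MUTEX mode */
};

static void *worker(void *p)
{
    struct worker_args *a = p;
    for (long i = 0; i < a->iterations; i++) {
        switch (a->mode) {
        case UNPROTECTED:
            /* load r, add 1, store r: another thread can interleave between
             * the load and the store, and then one increment is lost */
            *a->shared = *a->shared + 1;
            break;
        case MUTEX:
            /* only one thread at a time is inside the critical section */
            pthread_mutex_lock(a->lock);
            *a->shared = *a->shared + 1;
            pthread_mutex_unlock(a->lock);
            break;
        case ATOMIC:
            /* the hardware performs the read-modify-write indivisibly */
            atomic_fetch_add(a->shared_atomic, 1);
            break;
        }
    }
    return NULL;
}

/* Runs nthreads workers, each incrementing r `iterations` times, and returns
 * the final value of r.  The intended value is nthreads * iterations; the
 * UNPROTECTED mode may return less, never more. */
long run_counter(enum mode mode, int nthreads, long iterations)
{
    volatile long shared = 0;
    atomic_long shared_atomic = 0;
    pthread_mutex_t lock = PTHREAD_MUTEX_INITIALIZER;
    pthread_t tids[nthreads];
    struct worker_args args = { mode, iterations, &shared, &shared_atomic, &lock };

    for (int i = 0; i < nthreads; i++)
        pthread_create(&tids[i], NULL, worker, &args);
    for (int i = 0; i < nthreads; i++)
        pthread_join(tids[i], NULL);

    return mode == ATOMIC ? atomic_load(&shared_atomic) : shared;
}

int main(void)
{
    const int threads = 4;
    const long iters = 200000;

    printf("intended      : %ld\n", (long)threads * iters);
    printf("unprotected   : %ld\n", run_counter(UNPROTECTED, threads, iters));
    printf("pthread mutex : %ld\n", run_counter(MUTEX, threads, iters));
    printf("C11 atomic    : %ld\n", run_counter(ATOMIC, threads, iters));
    return 0;
}
```

How many increments the unprotected run loses depends on the scheduler; on a multi-core machine it is usually well short of the intended total.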
Critical section code must be executed mutually exclusively with respect to time. When two such processes are racing to access a shared variable, a race condition arises.
11/12/95
A race condition is when two or more processes are running concurrently with shared memory. The race condition occurs when the order in which the processes access a certain variable determines the result. For instance, assume r is a shared variable, and two processes both execute r = r + 1 at the same time. There are two possible results. Either both read the initial value of r, add 1, and THEN each store the value back (result: r = r + 1, probably not intended), or the second process does not read r until AFTER the first has stored its value (result: r = r + 2, likely the correct result). The "r = r + 1" is the critical section, and the usual way to make the answer come out as expected is to enforce mutual exclusion for the critical section, often with a mutex or semaphore, or with an atomic increment/decrement instruction (depending on your hardware). Race conditions are the building blocks of discrete security holes...
1/29/95
---------------------------------------------------------------------------
Wordlist building
---------------------------------------------------------------------------
There is no "perfect wordlist". Wordlist building is an art unto itself. In a passwd file from a site where accounts are free and user education is proportionally low, passwds will be "type A". A passwd file with 'type A' passwds is relatively easy for a cracker to breach with decent yields. 'Type A' passwds are names, places, things, TV shows, bands, profanities, etc. Basically a pure dictionary attack works (passwds can be compromised with little or no modification of their dictionary entries). 'Type B' passwds are like the above, with numerics or special chars (n/spc) appended or prepended. This is easy to prepare for; many brute-force passwd crackers come with utils to do just this. A 'type C' passwd is harder to crack.
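As an added example (not a tool from the original .plan), here is the kind of mangler the notes above refer to: it turns a 'type A' seed list into 'type B' candidates (n/spc appended or prepended, plus cheap case variants) and simple 'type C' candidates (two words joined, with or without a separator), and it sizes the exhaustive list the notes rule out. The seed words, affix lists and separators are constructed for illustration; the optional eight-character truncation anticipates the crypt(3) note further down this page.

```python
"""Added example, not a tool from the original .plan: turn a 'type A' seed
list into 'type B' and simple 'type C' candidates.  SEEDS, SUFFIXES and
SEPARATORS are constructed for illustration; real runs would load them
from files."""
from itertools import permutations

SEEDS = ["secret", "rush", "wizard"]        # constructed type-A seeds
SUFFIXES = ["1", "12", "123", "!", "99"]    # numerics / special chars (n/spc)
SEPARATORS = ["", "-", "_", "."]            # joiners for type C


def case_variants(word):
    """The cheapest 'mixed case' rule: as-is, Capitalised, UPPER."""
    return {word, word.capitalize(), word.upper()}


def type_b(words, affixes=SUFFIXES):
    """Type B: each word with an n/spc affix appended or prepended."""
    out = set()
    for w in words:
        for a in affixes:
            out.add(w + a)
            out.add(a + w)
    return out


def type_c(words, separators=SEPARATORS):
    """Type C: two distinct words concatenated, with or without a separator."""
    out = set()
    for w1, w2 in permutations(words, 2):
        for sep in separators:
            out.add(w1 + sep + w2)
    return out


def build_wordlist(words, max_len=8):
    """Apply the rules, optionally truncate to max_len (crypt(3) only keys on
    eight characters, so longer candidates would be tried in vain), dedupe
    and sort so the list is stable across runs."""
    base = set()
    for w in words:
        base |= case_variants(w)
    cands = base | type_b(base) | type_c(words)
    if max_len is not None:
        cands = {c[:max_len] for c in cands}
    return sorted(cands)


def keyspace(alphabet_size=92, length=8, bytes_per_char=1):
    """Size of the exhaustive list the notes rule out: (count, bytes)."""
    count = alphabet_size ** length
    return count, count * length * bytes_per_char


if __name__ == "__main__":
    wl = build_wordlist(SEEDS)
    print(len(wl), "candidates, e.g.", wl[:5])
    print("exhaustive 92^8 list:", keyspace())
```

Pass max_len=None when the target is not crypt(3); the truncation is only worthwhile where the hash itself discards the extra characters.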
Type C passwds are generally two or more words concatenated together, with or without n/spc. They can also be an acronym for a phrase. Wordlists for these are best created through more pseudorandom means: gathering random textual data from Usenet, IRC, or elsewhere and manipulating it proves useful here. Lastly, 'type D' passwds are either system generated or chosen by security-savvy users/admins. These have no discernible pattern, will contain mixed case and n/spc, and are not likely to be a pronounceable word. This type is the toughest to crack; you have to be lucky or good. Again random textual data is needed, but complex permutations need to be performed on the words to make them suitable. In this case you would want to make a special 'type D' wordlist, for use after all your other tries: take the root accounts (and any others desired, yet uncracked) and run them against this list. In any event you simply cannot create a comprehensive wordlist. With an alphabet of 26 + 26 + 10 + ~30 = 92 characters and 8 significant characters there are 92^8 = 5,132,188,731,375,616 (~5.13 x 10^15) possible words. Assuming 1-byte chars, that is ~41,057,509,851,004,928 bytes, i.e. ~38,237,786 gigabytes or ~37,342 terabytes.
1/28/95
---------------------------------------------------------------------------
No Such Agency
---------------------------------------------------------------------------
The NSA is shrouded in secrecy. Its alleged mandate is the secrecy and security of US communications. It is rumored they do much more, from recording all phone conversations in the US (extremely unlikely) to UFO investigations, communications, and subsequent cover-ups. The NSA was created by President Truman at 12:01 on November 4, 1952, under the DoD, and until recently was kept officially secret. They are said to have the largest budget of any government body, and this goes to a "black" (classified) budget. They employ the world's leading cryptologists, and it is commonly held that the NSA has cryptographic knowledge years ahead of the public sector.
Since most of this information is classified, it is hard to know for sure, but safe to assume. The world's largest pool of computing power is also wielded by the NSA. It is rumoured they have massive rooms of Crays in parallel running specially devised distributed factoring algorithms... All cryptographic algorithms for export must first be approved by the NSA, and it is widely believed that algorithms approved by the NSA can also be broken by the NSA. It is whispered by those trying to get their algorithms approved that the NSA suggests:
- Leak a key bit intermittently in the ciphertext.
- Reduce the effective keysize to something in the 30-bit range. The accepted key may be in the 100-bit range, but only a third of the bits are actually used.
- Encrypt a known header at the beginning of every ciphertext, handing the attacker a known-plaintext pair with every message.
- Generate a few random bytes, encrypt them with the key, and put both the plaintext and the ciphertext of those random bytes at the beginning of the message in some predetermined order. This also allows a known-plaintext attack.
All this information is, at this point, hearsay... Have a look: http://www.nsa.gov:8080/
1/24/95
-----------------------------------------------------------------------------
Information Theory
-----------------------------------------------------------------------------
The amount of information in a message is defined by information theory as the minimum number of bits needed to encode all possible meanings of the message. For example, the months of the year need only 4 bits to convey all the needed information, while in actuality up to 9 bytes ("September") are used. The amount of information in a message is known as its entropy, and is the log base 2 of n, where n is the total number of (equally likely) possible meanings. Entropy also measures uncertainty: it is the number of plaintext bits an attacker must recover, when the message is enciphered, in order to learn the plaintext.
1/21/95
-----------------------------------------------------------------------------
Brute Force
-----------------------------------------------------------------------------
The security of any symmetric cryptosystem depends on two things: the strength of the algorithm and the length of the key. Since most tried and true systems boast secure algorithms, consider a brute-force attack on the key. 56-, 64- and 128-bit keys are the most prevalent. A supercomputer able to try 1,000,000 keys per second could find a 56-bit target key in about 2000 years. A 64-bit key would take the same machine 600,000 years, and a 128-bit key 10^25 years. (A 2048-bit key would take 1,000,000 such computers 10^597 years.) However, massively parallel machines with multitudes of processors can reduce the time significantly. A brute-force attack is tailor made for parallel machines: each processor can test a subset of the keyspace, and the processors do not have to communicate among themselves; only a successful hit need be broadcast. Considering this, take the previous machine's CPU and 120,000 like it in parallel, and compute a 56-bit DES key in a week or less. 590,000 processors could compute a 64-bit key in a year. It is as yet infeasible to break a 128-bit key by brute force (NSA?). Also, it is likely that certain agencies with the money and inclination have machines similar to these, but which can test double or quadruple the number of keys in the same time....
1/7/95
-----------------------------------------------------------------------------
Unix Password Encryption [crypt(3)]
-----------------------------------------------------------------------------
Unix passwd encryption is based on a modified version of DES. The user enters her login and password at the prompts. The user-entered password is used as the key to encrypt a 64-bit block of zeros. The low seven bits of each of the first eight characters are packed together to form the 56-bit key (the eighth bit of each key byte is DES's parity bit and is ignored).
This implies that only eight characters of a password are significant; anything past the eighth is silently ignored. The E-table (DES's expansion permutation) is then modified using the salt, a 12-bit value encoded as the first two chars of the stored passwd. The salt's purpose is to make precompiled passwd lists and off-the-shelf DES hardware ineffectual, or at least 4096 times more expensive: the same password yields 4096 different crypts. DES is then invoked for 25 iterations on the block of zeros, each iteration encrypting the previous output. The 64-bit result is encoded six bits at a time into 11 characters from a 64-character alphabet (".", "/", 0-9, A-Z, a-z); the last character carries only four bits of output. Together with the two salt characters, the stored field is 13 characters. Unix passwd crypts are one-way, but not because bits are lost: the password is the DES *key*, not the data, and the only known way to get from the known plaintext (zeros) and the stored ciphertext back to the key is to try candidate keys. crypt(3) output therefore CANNOT be decrypted or reversed by any scrutiny of the output; it can only be attacked by guessing passwords, salting and encrypting each one, and comparing.
1/5/95 (9/25/95)
----------------------------------------------------------------------------
Secret Splitting
----------------------------------------------------------------------------
There are ways to split a message among n people such that apart the fragments are useless, but together the n fragments reproduce the message. The simplest algorithm uses a trusted arbitrator: the trusted party produces a random bit string the length of the message to be split, and XORs the message with the bit string. The bit string is given to one party, and the ciphertext to the other. This encryption is a one-time pad, and is absolutely secure and completely unbreakable as long as the pad is truly random and kept secret. To split the message among more people, the trusted party simply generates more random bit strings, XORs all of them into the message, and hands each string (and the final ciphertext) to a different party. To reproduce the message, the ciphertext is XORed with the bit string(s). One problem is that every party holding a share must be present for the reconstruction, or the message is lost. A threshold scheme plans for this contingency.
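Both constructions, as an added example in Python (not code from the original .plan): the XOR split described above, generalised to n parties, and the (m,n) threshold scheme the next paragraph names. The page states the threshold property but no construction; the one assumed here is Shamir's polynomial scheme, one random polynomial per byte over the prime field GF(257). Function names and the sample message are this example's own.

```python
"""Added example, not code from the original .plan: the XOR (one-time pad)
split from the notes, generalised to n parties, and an (m, n) threshold
split.  The page names the threshold property only; the construction
assumed here is Shamir's scheme, one random polynomial per byte over the
prime field GF(257)."""
import secrets

P = 257  # smallest prime above 255: every byte value is a field element


def xor_split(message: bytes, n: int) -> list:
    """n-of-n: n-1 random pads plus the message XORed with all of them.
    Any n-1 shares are uniformly random and reveal nothing on their own."""
    if n < 2:
        raise ValueError("need at least two parties")
    pads = [secrets.token_bytes(len(message)) for _ in range(n - 1)]
    last = bytes(message)
    for pad in pads:
        last = bytes(a ^ b for a, b in zip(last, pad))
    return pads + [last]


def xor_join(shares) -> bytes:
    """XOR every share together; with any share missing this is just noise."""
    out = bytes(len(shares[0]))
    for s in shares:
        out = bytes(a ^ b for a, b in zip(out, s))
    return out


def _poly_at(coeffs, x):
    """Horner evaluation mod P; coeffs[0] is the secret byte."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def threshold_split(message: bytes, m: int, n: int):
    """(m, n): n shadows (x, values); any m of them recover each byte by
    interpolating a degree m-1 polynomial whose constant term is that byte."""
    if not 1 < m <= n < P:
        raise ValueError("need 1 < m <= n < P")
    shadows = [(x, []) for x in range(1, n + 1)]
    for byte in message:
        coeffs = [byte] + [secrets.randbelow(P) for _ in range(m - 1)]
        for x, vals in shadows:
            vals.append(_poly_at(coeffs, x))
    return shadows


def threshold_join(shadows):
    """Lagrange-interpolate each byte at x = 0 from the given shadows.
    With fewer than m shadows the result is noise; it may not even be a
    valid byte string, in which case None is returned."""
    out = []
    for i in range(len(shadows[0][1])):
        total = 0
        for xj, vals in shadows:
            num, den = 1, 1
            for xk, _ in shadows:
                if xk != xj:
                    num = num * (-xk) % P
                    den = den * (xj - xk) % P
            total = (total + vals[i] * num * pow(den, -1, P)) % P
        out.append(total)
    if out and max(out) > 255:
        return None
    return bytes(out)


if __name__ == "__main__":
    msg = b"attack at dawn"
    shares = xor_split(msg, 3)
    print("3-of-3 XOR round trip:", xor_join(shares) == msg)
    shadows = threshold_split(msg, 3, 5)
    print("3-of-5 round trip:", threshold_join([shadows[0], shadows[2], shadows[4]]) == msg)
    print("only 2 of 5 shadows:", threshold_join(shadows[:2]))
```

Each shadow value lives in 0..256, so shadows are stored as integer lists rather than bytes; a production implementation would use GF(2^8) to keep shares byte-sized, but the field choice does not change the security argument.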
A message can be split into n shadows such that any m of them are necessary and sufficient for reconstruction. This is an (m,n) threshold scheme.
1/4/95
----------------------------------------------------------------------------
Public-key Cryptosystems:
----------------------------------------------------------------------------
Contrast with secret-key cryptography, in which one key is used for both encryption and decryption. While faster, it is less extensible and makes key management a problem. In public-key cryptography there are two keys, public and private. The private key is kept secret while the public key is published. Plaintext is encrypted with the public key and decrypted with the private one. One such system is RSA. The strength of RSA lies in the difficulty of factoring large numbers. It is based on well-known number-theoretic properties of modular arithmetic and the integers. One of these is the Euler totient function, t(n): t(n) is the number of positive integers not greater than n that are relatively prime to it (share no factor other than 1 with it). For an RSA modulus n = pq, t(n) = (p-1)(q-1); it is trivial to compute with the factors and, as far as anyone knows, as hard as factoring without them, which is what keeps the private exponent private.
12/28/94
----------------------------------------------------------------------------
Deadlock (Deadly embrace):
----------------------------------------------------------------------------
In a multiprogramming environment, several processes may compete for a finite number of resources. A process requests a particular resource, and if the resource is unavailable, it enters a wait state. It may happen that the waiting processes never come out of that wait state, because each resource needed is held by another waiting process. This situation is called deadlock.
12/25/94
----------------------------------------------------------------------------
DOS interrupt 26h ABSOLUTE DISK WRITE:
---------------------------------------------------------------------------
This interrupt writes data from a buffer pointed to by the DS:BX pair to consecutive logical disk sectors, bypassing the file system entirely.
Pre-call register setup:
  AL     drive (0=A, 1=B, 2=C, ...)
  CX     number of sectors to write
  DX     starting logical sector number
  DS:BX  segment:offset of the buffer
Post-call register state:
  CF     0 if successful / 1 if not
  AX     if unsuccessful, the error code
Note that on return the flags word pushed by the INT is left on the stack; the caller must pop it (or add 2 to SP) after checking CF.
12/12/94
---------------------------------------------------------------------------
Nagle Algorithm:
---------------------------------------------------------------------------
A TCP connection can have only one outstanding small segment that has not been acknowledged. No additional small segments can be sent until the acknowledgement is received. Instead, small amounts of data are collected by TCP and sent in a single segment when the acknowledgement arrives. The Nagle algorithm is self-clocking: the faster the ACKs come back, the faster the data is sent.
12/5/94
---------------------------------------------------------------------------
End information.