Date: Wed, 7 Nov 2001 23:37:04 -0800
From: "Ted Mittelstaedt" <tedm@toybox.placo.com>
To: "Erik Trulsson" <ertr1013@student.uu.se>, "Anthony Atkielski" <anthony@atkielski.com>
Cc: "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG>
Subject: RE: Lockdown of FreeBSD machine directly on Net
Message-ID: <004301c16828$2942aaa0$1401a8c0@tedm.placo.com>
In-Reply-To: <20011107154930.A7915@student.uu.se>
>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Erik Trulsson
>Sent: Wednesday, November 07, 2001 6:50 AM
>To: Anthony Atkielski
>Cc: FreeBSD Questions
>Subject: Re: Lockdown of FreeBSD machine directly on Net
>
>To get 100% security you also need to protect yourself against attacks
>such as:
> [list deleted]

The biggest thing you missed there is collusion between employees, the classic "inside job". This will defeat any security system. The only problem with it is that most of these conspiracies end when the participants get too greedy and start fighting with each other over dividing up the spoils.

>> In other words, the system is completely secure in this context through computational
>> feasibility, and you can make it theoretically 100% secure as well by installing a lockout
>> after a certain number of bad password attempts.

Just a few comments on the telnet security scenario. The biggest problem I see here is that both of you are assuming that the goal of the cracker is to get into the system. You're forgetting that if the goal of the cracker is to damage the system without getting in, then they don't need to guess the right password to cause problems. Let me explain.

There are 4 main problems with depending on simple password-protected logins:

1) Setting up a lockout allows an attacker to DoS the system and prevent others from logging on (or make it very difficult) because the system is always in lockout, or has so many login processes going in lockout (think multiple simultaneous attempts here).

2) The 5 login attempts per second assumes _serial_ attacks, one after another. Consider a theoretical attempt on a cluster of systems, like 10 webservers. If the admin uses the same password on all members of the system (a not unreasonable assumption to make) and the attackers can run 100 simultaneous login attempts on each system, you can see that they can break the linear search up into 1000 sections (ie: a-d, e-i, j-n, etc.) which greatly increases chances of finding a match.

3) It's very hard to get good randomness when creating passwords. If the cracker finds out how the "randomly determined" password is created, then they can greatly narrow the parameters for a brute-force search.

4) Humans usually pick poor passwords. Organizing the attack with a dictionary crack first, followed by a naming dictionary second, etc. can greatly increase chances of finding a match.

Ted Mittelstaedt
tedm@toybox.placo.com
Author of: The FreeBSD Corporate Networker's Guide
Book website: http://www.freebsd-corp-net-guide.com
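As an added example that is not part of the message above or of anything on the FreeBSD list, the following Python models the two mechanics behind points 1 and 2: splitting a password keyspace into contiguous sections so that independent login sessions can each exhaust one section (the "1000 sections" idea), and a lockout policy keyed on the target account, which an attacker who never learns the password can still use to lock out the legitimate user. The lowercase-only alphabet, the password length, the 5 attempts per second per session and the lockout threshold and duration are all assumed values chosen for illustration, and the credential in the demo is constructed.

```python
import string

# Assumed for illustration: passwords drawn from lowercase letters only.
ALPHABET = string.ascii_lowercase


def keyspace_size(length, alphabet=ALPHABET):
    """Number of fixed-length candidates over the alphabet."""
    return len(alphabet) ** length


def index_to_candidate(i, length, alphabet=ALPHABET):
    """Map index i to the i-th candidate in lexicographic order, so a
    session can walk its own range without any coordination with others."""
    base = len(alphabet)
    chars = []
    for _ in range(length):
        i, r = divmod(i, base)
        chars.append(alphabet[r])
    return "".join(reversed(chars))


def partition(length, sections, alphabet=ALPHABET):
    """Split the keyspace into `sections` contiguous half-open index ranges
    [start, end). Sizes differ by at most one so no session is idle early."""
    n = keyspace_size(length, alphabet)
    q, r = divmod(n, sections)
    ranges, start = [], 0
    for s in range(sections):
        end = start + q + (1 if s < r else 0)
        ranges.append((start, end))
        start = end
    return ranges


def worst_case_seconds(length, sessions, rate_per_session=5.0, alphabet=ALPHABET):
    """Time to exhaust the keyspace when `sessions` independent login sessions
    each own one partition and each try rate_per_session passwords per second.
    sessions=1 is the serial attack; sessions=1000 is 10 hosts x 100 sessions."""
    biggest = max(end - start for start, end in partition(length, sessions, alphabet))
    return biggest / rate_per_session


class LockoutPolicy:
    """Assumed policy: lock an account after `threshold` consecutive failures
    for `lock_seconds`. Note the state is keyed by target account, not by
    who is attempting, which is exactly what makes the DoS possible."""

    def __init__(self, threshold=5, lock_seconds=300):
        self.threshold = threshold
        self.lock_seconds = lock_seconds
        self.failures = {}      # account -> consecutive failures
        self.locked_until = {}  # account -> time the lock expires

    def attempt(self, account, password, now, secrets):
        """Return 'ok', 'bad' or 'locked' for one login attempt at time `now`."""
        if self.locked_until.get(account, 0) > now:
            return "locked"
        if secrets.get(account) == password:
            self.failures[account] = 0
            return "ok"
        self.failures[account] = self.failures.get(account, 0) + 1
        if self.failures[account] >= self.threshold:
            self.failures[account] = 0
            self.locked_until[account] = now + self.lock_seconds
            return "locked"
        return "bad"


def lockout_dos_demo():
    """Constructed scenario: the attacker sends `threshold` wrong passwords
    for 'admin' at t=0..4 and never guesses right; the real admin presents
    the correct password at t=10 and is refused anyway."""
    policy = LockoutPolicy(threshold=5, lock_seconds=300)
    secrets = {"admin": "correct-horse"}  # constructed sample credential
    for t in range(policy.threshold):
        policy.attempt("admin", "guess%d" % t, now=t, secrets=secrets)
    return policy.attempt("admin", "correct-horse", now=10, secrets=secrets)


if __name__ == "__main__":
    for sessions in (1, 1000):
        print("6-char lowercase, %4d sessions: %.1f s worst case"
              % (sessions, worst_case_seconds(6, sessions)))
    print("legitimate login after attacker's failures:", lockout_dos_demo())
```

The partition step is what turns one 5-per-second serial search into 1000 independent searches: worst-case time drops by the number of sessions, which is why a single shared admin password across a cluster is the attacker's friend. The lockout model shows the other side of the same trade: because the counter is per account, the attacker's wrong guesses are enough to deny the legitimate user, so a policy that only locks the account, rather than throttling the source, converts a login guard into a denial-of-service lever.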
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004301c16828$2942aaa0$1401a8c0>