Domain 2
Communications Security

The first section in Domain 2 deals with “Telecommunications Security Objectives, Threats, and Countermeasures.” Experience has shown that the more sophisticated hackers can attack routers and firewalls and change the security controls that an organization has established to keep intruders out. Many astute organizations have risen to this challenge by fighting fire with fire — that is, they have established a team of technical specialists that attempt to “hack” their own systems to discover security holes and to ensure that established controls remain as they were intended. Chapter 2-1-1, “The Self-Hack Audit,” describes the most common hacker techniques and provides guidance on how to use hacker techniques to beat them at their own game.

The second section addresses “Network Security.” Because of the inherent lack of viable security mechanisms available to protect information in a network environment, many organizations are scrambling to obtain control by installing a firewall and/or by imposing encryption. A new security mechanism called type enforcement, which is based on the tried-and-true principles of “least privilege,” promises help. Chapter 2-2-1, “A New Security Model for Networks and the Internet,” describes how this new mechanism could be implemented to establish improved data security.

For those who haven’t developed a strong background in LAN/WAN security concepts and methodologies, Chapter 2-2-2, “Introduction to LAN/WAN Security,” provides a detailed and comprehensive study of this very complicated subject area. Because of the current ongoing rush to bigger and better client/server installations, most organizations are at the mercy of their ability to implement secure LANs and WANs.

The final section in Domain 2 is devoted specifically to “Internet Security.” There are those that believe Internet security to be the world’s best oxymoron, and so it may be. Still, many organizations are using the Internet to take advantage of the great, low-cost communications opportunities available.

The challenges of using the Internet safely can be very imposing. Chapter 2-3-1, “Security Management for the World Wide Web,” addresses the need for a baseline security structure that will enable the safe conduct of business over the Internet and the use of Web-based technology within corporate networks. A set of solutions is provided to help readers decide how to best use existing assets to implement a secure environment.

By connecting to the Internet, an organization is likely to be exposed to a great number of unexpected threats. The most useful current control measure is the firewall. “Internet Firewalls” are the subject of Chapter 2-3-2, which gives a detailed discussion of firewall options that should provide very valuable assistance in deciding the best system to implement.

Section 2-1
Telecommunications Security Objectives, Threats, and Countermeasures

Chapter 2-1-1
The Self-Hack Audit

Stephen James

In today’s electronic environment, the threat of being hacked is no longer an unlikely incident, occurring in a few unfortunate organizations. New reports of hacker incidents and compromised systems appear almost daily. As organizations continue to link their internal networks to the Internet, system managers and administrators are becoming increasingly aware of the need to secure their systems. Implementing basic password controls is no longer adequate to guard against unauthorized access to data. Organizations are now looking for more up-to-date techniques to assess and secure their systems. The most popular and practical technique emerging is the self-hack audit (SHA). The SHA is an approach that uses hacker methods to identify and eliminate security weaknesses in a network before they are discovered by a hacker.

This chapter provides a methodology for the SHA and presents a number of popular hacker techniques that have allowed hackers to penetrate various systems in the past. Each description is followed by a number of suggested system administration steps or precautions that should be followed to help prevent such attacks. Although some of the issues discussed are specific to UNIX systems, the concepts can be applied to all systems in general.

OBJECTIVES OF THE SELF-HACK AUDIT

The basic objective of the SHA is to identify all potential control weaknesses that may allow unauthorized persons to gain access to the system. The network administrator must be familiar with and use all known hacker techniques for overcoming system security. Depending on the nature of the audit, the objective may be either to extend a user’s current levels of access (which may be no access) or to destroy (i.e., sabotage) the system.