-----------------------------------------------------------
New Message on BDOTNET
-----------------------------------------------------------
From: spark
Message 2 in Discussion
I think this is a rather good must-read on security too; it's excerpts from this that I had posted in the previous mail:
http://www.develop.com/kbrown/book/html/book.html
<snip>
Part 1: The Big Picture
Item 1: What is a non privileged user?
Item 2: How to develop code as a non-admin
Item 3: What is the principal of defense in depth?
Item 4: What is a luring attack?
Part 2: Security Context
Item 5: What is security context?
Item 6: What is a token?
Item 7: What is a logon session?
Item 8: What is a window station?
Item 9: What is a privilege?
Item 10: What is Thread.CurrentPrincipal?
Item 11: How to track client identity using Thread.CurrentPrincipal
Item 12: How to use a privilege
Item 13: What is a daemon?
Item 14: How to choose an identity for a daemon
Item 15: How to display a user interface from a daemon
Item 16: What is a service principal name (SPN)?
Item 17: How to use service principal names
Part 3: Misc
Item 18: What is Kerberos?
</snip>
<snip>
Item 3: What is the principal of defense in depth?
A .NET Developer's Guide to Windows Security, by Keith Brown
During the Cold War, the United States wanted to learn more about Soviet
submarine and missile technology. How fast were the Soviets progressing? What
were the results from their ICBM tests? Even more important, were the Soviets
working toward a first strike capability? So in October of 1971, the United
States sent its most advanced nuclear spy submarine, the USS Halibut,
deep into Soviet territory in the Sea of Okhotsk. Their mission? Find the
undersea telephone cable that connected the Soviet submarine base at
Petropavlovsk to the Soviet Pacific Fleet headquarters on the mainland at
Vladivostok (figure .1). The mission was a success, and you can imagine the mood
of the divers as they eavesdropped on the wire with an instrument that measured
electromagnetic emanations. What they heard was easily understandable Russian
conversations. No encryption. The following year, the Halibut installed a
permanent tap on the line to record the conversations, with a plan to return in
about a month to retrieve the records. Eventually more taps were installed on
Soviet lines in other parts of the world. The more advanced instruments could
store a year's worth of data. All in all, the intelligence gathered from these
exercises helped end the Cold War, as it gave the United States a window
directly into the Soviet mind[BMB].
Figure .1: The Sea of Okhotsk
So what does this story have to do with computer security? It demonstrates
what can happen when systems are designed without redundant security measures.
The Soviets assumed that their conversations were secure simply because they
were being carried on phone lines that were protected by perimeter defenses (the
entrance to the Sea of Okhotsk is much more narrow than my map might first
indicate, and could easily be defended by the Soviet navy).
</snip>