On Wed, 22 Dec 1999, Jonathan Clemens wrote:

> - Does anyone have AFS security tools that they'd be willing to contribute
> to my cause?

I seem to remember that someone did some work on crack to process kaserver
databases.  I understand the Andrew folks used to run this regularly;
I don't know offhand if they still do.

As someone else pointed out, there have been several variants on patches
to tcpdump to decode Rx.  The best of these, IMHO, is the work done by
Ken Hornstein some years back.  Assar Westerlund recently did some work
extending and improving those patches, and the result is now in
tcpdump-current and should be in the 3.5 release.

I've thought about beating on that code somewhat to make it capable of
decoding authentication data and encrypted traffic, given the keys.
It would only be a small leap from that to trying to guess the keys
as it went along.  Unfortunately, cracking server keys is likely to
be nontrivial, due to the randomness of the keys involved and the
relatively small amount of known plaintext available in the protocol.
As was pointed out, file data is usually not encrypted.

> - Who else is interested in working with me, and perhaps others,
> specifically on AFS security issues?

Me, for one.  I'm not particularly interested in creating tools whose
sole purpose is to attack AFS installations -- we don't need to create
the AFS equivalent of a root kit.  However, I can think of a few areas
in which security can be improved:

- It's relatively easy to make the cache manager encrypt all traffic
  (except that on behalf of unauthenticated users).  However, the
  relevant changes are still not widely available, and as far as
  I know, no one has ever done wide-scale testing to determine if the
  increase in server load is acceptable.

- I think it's about time for some improvements to rxkad.  Two such
  improvements I have in mind are adding Krb5 support and replacing
  fcrypt with something better.  Both are somewhat complicated if
  you want to maintain backward compatibility, but they're doable.

> - Anyone looked at AFS DoS attacks?  Just how vulnerable are the current
> servers?

Please don't ask that question.  Even thinking about the answer makes
me shudder.  Basically, there are at least a couple of serious problems
here.  As it stands, Rx is not very good about dealing with malicious
peers.  For example, an Rx client will wait forever for an answer from
a server, as long as the server keeps the connection alive.  The
reverse may also be true; I haven't looked into it in much detail.

I also know of a trivial way to crash most fileservers, which I'm
not going to talk about until Transarc has had a chance to release
a fix.

-- Jeffrey T. Hutzelman (N3NHS) <[EMAIL PROTECTED]>
   Sr. Research Systems Programmer
   School of Computer Science - Research Computing Facility
   Carnegie Mellon University - Pittsburgh, PA
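
Added example, not part of the original message and not Rx code: a constructed C model of the client-side failure mode described above, where keepalives from a peer that never replies keep resetting the silence timer. The names wait_for_reply, dead_time and hard_deadline are hypothetical; the model shows that only an overall per-call deadline bounds the wait.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed model, not Rx code: packets a client sees during one call. */
enum pkt_kind { PKT_KEEPALIVE, PKT_REPLY };
struct pkt { long t; enum pkt_kind kind; };      /* t: seconds since call start */
enum call_result { CALL_OK, CALL_PEER_DEAD, CALL_HARD_DEADLINE };
struct call_outcome { enum call_result result; long ended_at; };

/* pkts must be sorted by t. dead_time: longest tolerated silence from the peer.
 * hard_deadline: longest total call duration; 0 disables it (hypothetical knob). */
struct call_outcome wait_for_reply(const struct pkt *pkts, size_t n,
                                   long dead_time, long hard_deadline)
{
    struct call_outcome out = { CALL_PEER_DEAD, 0 };
    long last_heard = 0;
    for (size_t i = 0; ; i++) {
        /* Pick whichever timer would fire first from here. */
        out.result = CALL_PEER_DEAD;
        out.ended_at = last_heard + dead_time;
        if (hard_deadline > 0 && hard_deadline < out.ended_at) {
            out.result = CALL_HARD_DEADLINE;
            out.ended_at = hard_deadline;
        }
        if (i == n || pkts[i].t > out.ended_at)
            return out;                          /* timer fired before the next packet */
        if (pkts[i].kind == PKT_REPLY) {
            out.result = CALL_OK;
            out.ended_at = pkts[i].t;
            return out;
        }
        last_heard = pkts[i].t;                  /* keepalive resets only the silence timer */
    }
}

/* Constructed trace: a peer that never answers but sends a keepalive every `interval` s. */
void fill_stalling_peer(struct pkt *buf, size_t n, long interval)
{
    for (size_t i = 0; i < n; i++) {
        buf[i].t = (long)(i + 1) * interval;
        buf[i].kind = PKT_KEEPALIVE;
    }
}

int main(void)
{
    struct pkt trace[360];                       /* one hour of keepalives, no reply */
    fill_stalling_peer(trace, 360, 10);
    struct call_outcome a = wait_for_reply(trace, 360, 30, 0);   /* lasts as long as the trace */
    struct call_outcome b = wait_for_reply(trace, 360, 30, 60);  /* aborted at t=60 */
    printf("silence timer only: t=%ld; with hard deadline: t=%ld\n", a.ended_at, b.ended_at);
}
```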

