RE>
From: Richard Gaskin <[EMAIL PROTECTED]>
Subject: TCP/IP security considerations
Date: Thu, 12 Apr 2001 00:31:54 -0700
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
What are the security considerations in the following scenario?:
Suppose I have two MC apps running on different machines, and they
communicate with each other showing a listing of files each machine has
designated specifically for sharing (much like Napster, GNUtella clients,
etc.).
In this scenaro, what special risks would someone be taking in having a
MetaCard client sharing a designated folder to other MetaCard clients using
the same custom protocol?
Given that ultimately everything is hackable, what specific standards
constitute various levels of security? Or at least, a level of security
business people (not hospitals and other critical-systems) find acceptable?
Most importantly, can we satisfy those requirements with MetaCard?
If you must develope new TCP/IP protocols, please publish the RFC for them. If
security is important investigate SSL. FREELy avail from stunnel.org.
--
good questions.
If like napster the servers files are offered up for sharing, and a user
initiates download, then the security issues i would care about are: ensuring
the file recieved is the file that was tranmitted. avoid "man in the middle"
attacks.
If the servers allow client initated uploads, then you want to be aware of
overwrites etc.
(excuse the following crusaid)
in any case MC hasnt been rigorously analysed for buffer-overrun attacks afaik.
Not only should you be cautious about using it for sensitive data, but also on
any virtual file system with sensative or mission critical data, unless you are
very sure that the permissions DONT allow it to write to disk, or read sensative
data. still the active copy *in ram* may be rewritten, and you dont want to run
MC out of inetd!
any door can be broken, with a lever long, and strong enough, but dont
leave the door open.
MC was built (in the image of HC) to make GUIs and be an OO database with
advanced scripting capabilities, it now includes inet_socket functionality. do
not assume that just because you can, you should. There are tried and true
methods of sharing files SCP2,FTP,HTTP don't reinvent the wheel unnessesarily.
write software to co-ordinate these underlying transactions to provide a nice
GUI to people who need to access data without learning how technology works.
keeps development time down, and reduces the complexity of your product, while
reasuring the customers (end users) of compatability.
yes i am the first to admit i am rather opinionated on some of the issues here,
that dosnt make me right/wrong.
good luck,
-
Robin-David Hammond
56 Hardwick RD
Ashland MASS, USA
"Contrary to popular belief, penguins are not the salvation of modern
technology. Neither do they throw parties for the urban proletariat."
Archives: http://www.mail-archive.com/metacard@lists.runrev.com/
Info: http://www.xworlds.com/metacard/mailinglist.htm
Please send bug reports to <[EMAIL PROTECTED]>, not this list.
