TAILIEUCHUNG - TCP/IP - Security Perspective Upper Layers

Biggest problem is figuring out who a piece of mail is really from Must use a higher level mechanism for trust or privacy Most SMTP clients use sendmail which has been a constant source of security problems for years | TCP/IP - Security Perspective Upper Layers CS-431 Dick Steflik Application Layer Protocols Messaging Protocols SMTP, POP, MIME, IMAP, IM Telephony , SIP (used with VoIP) RPC Based Protocols NIS, NFS, Andrew File Transfer Protocols TFTP, FTP, SMB Remote Login Telnet, rlogin, Ssh, Information Services Finger, whois, LDAP, WWW,NNTP Proprietary Protocols RealAudio, SQL’Net, VNC SMTP Biggest problem is figuring out who a piece of mail is really from Must use a higher level mechanism for trust or privacy Most SMTP clients use sendmail which has been a constant source of security problems for years MIME MIME headers could be hand crafted by hacker to overwrite data MIME fragmentation could subvert virus checkers ability to detevt embedded virus’ Mailing of executable programs POP Pretty insecure Passwords not secure, sent as clear text Exchanges are done as clear text Can be done over SSL/TLS Some UNIX systems POP runs as root until user is authenticated and then switches to that userid, never good to have servers running as root (many sysadmins set up to run servers as nobody) IMAP Authentication is better than in POP but still not great (shared secret) Complex protocol, leaves many possibilities for hackers to try to subvert the protocol Not as popular as POP Used more on intranets than the internet IM Very popular on the Internet but very dangerous on intranets connected to the internet due to employees inadvertently leaking private data onto the public media. Use commercial systems if needed on an intranet, possibly with encryption RPC & Rpcbind Developed by Sun Microsystems Popular way of implementing distributed computing Authentication is weak, some versions used Kerberos based some use DES based shared session keys Rpcbind will advertise all registered services and allow them to be unregistered (by a wiley hacker) Rpcbind calls can be indirectly forwarded making verification of source hard to determine NIS (Network Information Service) Used to distribute .

TỪ KHÓA LIÊN QUAN
TAILIEUCHUNG - Chia sẻ tài liệu không giới hạn
Địa chỉ : 444 Hoang Hoa Tham, Hanoi, Viet Nam
Website : tailieuchung.com
Email : tailieuchung20@gmail.com
Tailieuchung.com là thư viện tài liệu trực tuyến, nơi chia sẽ trao đổi hàng triệu tài liệu như luận văn đồ án, sách, giáo trình, đề thi.
Chúng tôi không chịu trách nhiệm liên quan đến các vấn đề bản quyền nội dung tài liệu được thành viên tự nguyện đăng tải lên, nếu phát hiện thấy tài liệu xấu hoặc tài liệu có bản quyền xin hãy email cho chúng tôi.
Đã phát hiện trình chặn quảng cáo AdBlock
Trang web này phụ thuộc vào doanh thu từ số lần hiển thị quảng cáo để tồn tại. Vui lòng tắt trình chặn quảng cáo của bạn hoặc tạm dừng tính năng chặn quảng cáo cho trang web này.