[1083] in linux-net channel archive

Re: Rewrite DIP-337n-inaky to handle script file encryption

daemon@ATHENA.MIT.EDU (Raj Mathur)
Sun Sep 10 07:25:46 1995

Date: Fri, 8 Sep 95 19:55 IST(+0530)
From: raju@gratis.xgroup.ernet.in (Raj Mathur)
To: narf@speakeasy.org
Cc: linux-net@vger.rutgers.edu, linux-apps@vger.rutgers.edu
In-Reply-To: <199509071900.MAA28970@eve.speakeasy.org> (narf@speakeasy.org)
Reply-To: raju@xgroup.ernet.in

This thread is rapidly becoming purely security-related; I guess I'll
have to gather up the energy and post a summary of the messages, some
of which have been public and some received personally. In the
meantime, some more thoughts (with assistance from many Linux users
who've helped).

>>>>> "Fran" == Fran Taylor <narf@speakeasy.org> writes:

    Fran> my two cents worth on encrypting the ppp password: In my
    Fran> opinion, keeping the world from reading the file with the
    Fran> password is the best you can do. Someone would have to get
    Fran> root access to see the password. But if some hacker got in
    Fran> as root, he could possibly (probably!) hack things so that
    Fran> he could see the password going out the serial port. I can
    Fran> think of several ways to pull it off. All the encryption
    Fran> effort is for naught if this happens. So why bother.
    Fran> Remember the maxim from the Unix security gurus: you can't
    Fran> do secure communications from a compromised machine.

There are many of us here who share this thought. My own feeling is
that you can't foil the well-equipped, professional cracker with
enough time on his/her hands forever, short of switching off your
computer and sealing it into a concrete bunker. OTOH, many crackers
(this is from my own limited experience with the breed) will only go
so far and no further in attempting a break-in, or reaping the
benefits from it.

In addition, the original posting from me was triggered off by the
following situation which exists in an organization today:

  We are talking about a nation-wide network connected over leased
  terrestrial data circuits. Some of the machines have dial-in modems
  connected, which is a pain but unavoidable. One of these machines
  also dials our Internet Service Provider (ISP) from time-to-time
  using DIP and makes a SLIP login, giving the required login and
  password.

Now as administrator of this network I obviously don't want its
security compromised. However, even in case it _is_ broken into, the
last thing anyone (except the intruder :-) would want is that s/he get
hold of our SLIP login and password at our account at the ISP and
happily spend the next year or so masquerading as us.

Now consider this situation: the dial-out system has been compromised,
and the cracker is looking for greener pastures. S/he is browsing the
file system and Lo and Behold, what do we have here? Ah-ha, a DIP
script complete with IP addresses, telephone numbers, login and
password. Let's squirrel it away, never know when such a thing will
come in useful! *Aargh*

Situation #2: as before the system is compromised, but the DIP script
is encrypted by some means. Now what does the cracker find? An
encrypted file in the file system. S/he has no idea what it is, what
it's used for, and whether it is any good or not. For all s/he knows,
it could be an adulterous sysadmin's mail to his paramour. Let's keep
it anyway, the cracker says, in case it comes in useful. But it
doesn't unless and until the cracker spends a fair amount of time
monitoring activity on the system or tracing crontabs, history files,
etc.

Naive? Possibly. But I feel that the encrypted script file will serve
my purpose fairly well, and be secure against most amateur cracking.
It's not the best solution and it's not foolproof, but it gives
acceptable returns for little investment.

Regards,

-- Raju
-- 
 Raj Mathur           The X Group           New Delhi           India
  PGP: Fingerprint: F2 D4 4A 21 27 B0 63 FF  15 97 9D AE 9D 40 BC B8
                 2.6.i Key: finger raju@arbornet.org
                      It is the mind that moves.
