[31] in linux-security and linux-alert archive


Secure setup for file transfer

daemon@ATHENA.MIT.EDU (Jacob Navia)
Mon Mar 6 22:12:43 1995

From: jacob@jacob.remcomp.fr (Jacob Navia)
To: linux-security@tarsier.cv.nrao.edu
Date: Mon, 6 Mar 1995 23:39:49 +0100 (MET)
In-Reply-To: <m0rlZAj-000KjRC@monad.swb.de> from "Olaf Kirch" at Mar 6, 95 10:33:48 am
Reply-To: linux-security@tarsier.cv.nrao.edu

[Moderator's (Jeff's) note: This question/post is more along the lines
of general (secure) UNIX programming than Linux-specific security--but
it does raise one interesting point: emulation of some sort of Machine
ID for an i386-based Linux system, since PCs lack this as a built-in.
Followups on this subject should be directed to the list, but followups
related to programming a generally secure client/server (such as this
one) should be directed to the author personally.  Thanks.]

--

Problem:
Secure setup for file transfer.

I need to distribute a set of files to all customers of a software
provider. The files are executables and/or data files. The customers
run under Windows (3.1) and are linked via a TCP/IP network to the
software provider (ISDN, router setup).

I have proposed a Linux server as the file server. The server will run
a proprietary transfer protocol. This eliminates the security holes of
FTP but could possibly open new ones. That's the reason for this post.

1. My protocol needs:
   a) Establish that the guy at the other end is the user in question.
      This will be done by setting up a login/password scheme. The
      password SHOULD be encrypted. Question: What encryption scheme
      should I use?
   b) Establish that the machine doing the call is the machine that's
      authorized to call. Since there is no Machine ID with PCs, I will
      use an encryption scheme that reads the CMOS of the machine and
      makes an integer out of different values like the BIOS date, the
      type of BIOS, and other parameters. This number will be expected
      by the Linux server to be sure that the machine calling is the
      right one. Of course any change to the machine's motherboard will
      need a reinstallation of the software but this is no big deal.

I will use Winsockets.DLL on the Windows side, and a server daemon on the
Linux side. Both sides are already written without any security concerns.
The security options are scheduled to be done now.

The server will use a special port number to receive data. Since there is
a difference between port numbers under 1024 and those above, I will use
one in the 4000 range. Is that a good idea?

The server will have our own access list for checking that the customer
has the right to receive the data, billing etc.

What do you think? Comments welcome.
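Added example, not code from the original post or from the poster's own client/server: one way to meet requirements 1a and 1b without ever sending the password over the link. The server stores a salted, derived key rather than the password; at login it hands the client a fresh nonce, the client answers with an HMAC over that nonce and its machine fingerprint, and the server checks the answer in constant time and consumes the nonce so a captured answer cannot be replayed. The machine fingerprint is a hash over BIOS-style attributes in the spirit of the CMOS idea above; the `Server` class, `machine_fingerprint`, the `SAMPLE_PC` record and all message shapes are assumptions made for this example. Note that the fingerprint is not a secret (anyone who can read the machine's CMOS can reproduce it), so it only identifies the installation; the password-derived key is what actually authenticates.

```python
"""Challenge-response login for a private file-transfer service.
Hypothetical example; all records and attribute names are constructed."""
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000


def machine_fingerprint(attrs: dict) -> str:
    """Reduce a set of BIOS/CMOS-style attributes to one stable identifier.
    Any change to an attribute (e.g. a new motherboard) changes the value,
    which is the behaviour the poster describes as acceptable."""
    canon = "|".join(f"{k}={v}" for k, v in sorted(attrs.items()))
    return hashlib.sha256(canon.encode()).hexdigest()[:16]


def make_record(password: str, machine_id: str) -> dict:
    """Server-side registration: keep a salted derived key, never the password."""
    salt = os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return {"salt": salt, "key": key, "machine_id": machine_id}


def client_response(password: str, salt: bytes, nonce: bytes, machine_id: str) -> bytes:
    """Client side: derive the same key locally and answer the server's nonce.
    Only the HMAC leaves the machine; the password itself is never transmitted."""
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.new(key, nonce + machine_id.encode(), "sha256").digest()


class Server:
    def __init__(self, records: dict):
        self.records = records   # user name -> registration record
        self.pending = {}        # user name -> nonce issued but not yet answered

    def challenge(self, user: str):
        """Step 1: client names itself; server returns its salt and a fresh nonce."""
        rec = self.records.get(user)
        if rec is None:
            return None
        nonce = os.urandom(16)
        self.pending[user] = nonce
        return rec["salt"], nonce

    def verify(self, user: str, machine_id: str, response: bytes) -> bool:
        """Step 2: recompute the expected HMAC and compare in constant time.
        The nonce is consumed whether or not the attempt succeeds, so a
        captured response cannot be replayed later."""
        rec = self.records.get(user)
        nonce = self.pending.pop(user, None)
        if rec is None or nonce is None:
            return False
        if not hmac.compare_digest(machine_id.encode(), rec["machine_id"].encode()):
            return False
        expected = hmac.new(rec["key"], nonce + machine_id.encode(), "sha256").digest()
        return hmac.compare_digest(expected, response)


def login(server: Server, user: str, password: str, machine_attrs: dict) -> bool:
    """Run the two-message exchange end to end; True only if both the
    password-derived key and the registered machine fingerprint match."""
    chal = server.challenge(user)
    if chal is None:
        return False
    salt, nonce = chal
    mid = machine_fingerprint(machine_attrs)
    return server.verify(user, mid, client_response(password, salt, nonce, mid))


# Constructed sample attributes standing in for values read from CMOS/BIOS.
SAMPLE_PC = {"bios_vendor": "ExampleBIOS", "bios_date": "01/15/95", "bios_type": "AT"}

if __name__ == "__main__":
    srv = Server({"acme": make_record("s3cret", machine_fingerprint(SAMPLE_PC))})
    print("correct login:", login(srv, "acme", "s3cret", SAMPLE_PC))
    print("wrong password:", login(srv, "acme", "wrong", SAMPLE_PC))
    print("changed BIOS:", login(srv, "acme", "s3cret", dict(SAMPLE_PC, bios_date="06/01/95")))
```

The two messages in the exchange are `(salt, nonce)` from the server and `(machine_id, response)` from the client; neither carries anything reusable, which is the property the poster is after when asking for the password to be "encrypted". The per-user access list and billing checks mentioned in the post would sit behind a successful `verify`.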

