[262] in Intrusion Detection Systems
Info-sec heaven now runs secure http daemon (check it out)
daemon@ATHENA.MIT.EDU (Dr. Frederick B. Cohen)
Mon Jun 12 14:26:20 1995
From: fc@all.net (Dr. Frederick B. Cohen)
To: ids@uow.edu.au
Date: Fri, 9 Jun 1995 10:13:56 -0400 (EDT)
Reply-To: ids@uow.edu.au
Infosec heaven (http://all.net) is now running a new secure http daemon
for most (all non-cgi) functions. Source to this secure daemon (all 80
lines of it) is also available through this server (free for
individuals, a small fee for commercial use).
The security of this new daemon comes from several factors:
1 - It is small (80 lines of C) so you can examine the source
for potential problems and verify things about it.
2 - It runs setUID to a special UID (www) so it doesn't need root
privileges to provide service, even on port 80.
3 - It runs chroot to the directory containing your W3 information
so it limits access to the server's area.
4 - It does not write to any files except one log file which is
set at compile time and is in the chroot area.
5 - It only sends files owned by the special UID (www), so it cannot
be used to extract any file from the system not owned by that user.
To allow access, set ownership to that UID, put it in the chroot
area, and make it readable.
To prevent access, don't do those things (the right default).
6 - It only reads one request of fixed maximum length from one TCP
channel and stores it in a fixed array for analysis and use. You
cannot overrun its input buffer, and if it doesn't find the file
you are asking it to provide, it returns a predefined failure that
redirects you to a legitimate page.
This combination makes this server ideal for operating on a firewall machine
to provide LIMITED - GET-ONLY W3 service without sacrificing security or
apparent functionality.
We hope you will enjoy our new and improved info-sec heaven and try our
new secure W3 server services.
--
-> See: Info-Sec Heaven using our New Super Secure World-Wide-Web Server
-> Free: Test your system's security (scans deeper than SATAN or ISS!)
---------------------- both at URL: http://all.net ----------------------
-> Read: "Protection and Security on the Information Superhighway"
John Wiley and Sons, 1995 ISBN 0-471-11389-1, 320 pp, $24.95
-------------------------------------------------------------------------
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236
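The six design points in the post above (chroot into the W3 area, run as an unprivileged UID, one bounded read into a fixed array, serve only files owned by that UID, a single canned failure response) form a pattern that is easy to state and easy to get subtly wrong. The following is an added example written for this page; it is not the all.net daemon's source and makes no claim about how that daemon is implemented. Everything in it is an assumption made here: the jail path WWW_ROOT, the buffer size MAX_REQ, the redirect target in FAIL_REDIRECT, the UID name "www", and all function names. It is meant to run from inetd on port 80 so that the binding is done by inetd and the process itself never needs root after enter_jail() returns.

```c
/* Added example (not the all.net daemon's source): the sandboxing pattern
 * described in the post, written fresh for this page. Assumed names:
 * WWW_ROOT, MAX_REQ, FAIL_REDIRECT, the "www" account, and every function
 * below. Intended to be started by inetd with the socket on fd 0/1. */
#define _GNU_SOURCE
#include <fcntl.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define WWW_ROOT      "/usr/local/www"   /* assumed chroot area */
#define MAX_REQ       1024               /* fixed request buffer size */
#define FAIL_REDIRECT "HTTP/1.0 302 Found\r\nLocation: /index.html\r\n\r\n"
#define OK_HEADER     "HTTP/1.0 200 OK\r\n\r\n"

/* chroot and drop privileges in the only safe order: chroot while still
 * root, chdir("/") so the cwd is inside the jail, clear supplementary
 * groups, then gid before uid. Finally confirm root really is gone. */
int enter_jail(const char *root, uid_t uid, gid_t gid)
{
    if (chroot(root) != 0 || chdir("/") != 0) return -1;
    if (setgroups(0, NULL) != 0) return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0) return -1;
    if (setuid(0) == 0) return -1;           /* must fail after the drop */
    return 0;
}

/* Extract the path from one GET request held in a bounded buffer.
 * Only "GET /<path>" followed by a space or line end is accepted; a
 * request with no terminator inside the buffer, control bytes, or any
 * ".." is refused. Returns 0 with path filled, -1 otherwise. */
int parse_request(const char *req, size_t reqlen, char *path, size_t pathlen)
{
    if (reqlen < 5 || memcmp(req, "GET /", 5) != 0) return -1;
    const char *start = req + 4;             /* points at the '/' */
    size_t avail = reqlen - 4;
    const char *end = memchr(start, ' ', avail);
    if (end == NULL) end = memchr(start, '\r', avail);
    if (end == NULL) end = memchr(start, '\n', avail);
    if (end == NULL) return -1;
    size_t n = (size_t)(end - start);
    if (n == 0 || n >= pathlen) return -1;
    for (size_t i = 0; i < n; i++)
        if ((unsigned char)start[i] < 0x20) return -1;
    memcpy(path, start, n);
    path[n] = '\0';
    if (strstr(path, "..") != NULL) return -1;
    return 0;
}

/* Open a file (relative to the jail root) and hand it over only if it is
 * a regular file owned by the serving UID. Checking with fstat() on the
 * open descriptor, not stat() on the name, avoids a check-then-open race;
 * a symlink to a file owned by someone else fails the owner test too. */
int open_if_owned(const char *path, uid_t uid)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0) return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != uid) {
        close(fd);
        return -1;
    }
    return fd;
}

static int send_all(int fd, const char *buf, size_t len)
{
    while (len > 0) {
        ssize_t w = write(fd, buf, len);
        if (w <= 0) return -1;
        buf += w;
        len -= (size_t)w;
    }
    return 0;
}

/* One request cycle: a single read() of at most MAX_REQ bytes into a
 * fixed array, then either the file or the one canned redirect. Returns 1
 * if a file was served, 0 if the redirect was sent. */
int serve_one(int in_fd, int out_fd, uid_t www_uid)
{
    char req[MAX_REQ + 1], path[MAX_REQ], buf[4096];
    ssize_t n = read(in_fd, req, MAX_REQ);   /* bounded by the array */
    int fd = -1;
    if (n > 0 && parse_request(req, (size_t)n, path, sizeof path) == 0)
        fd = open_if_owned(path, www_uid);
    if (fd < 0) {
        send_all(out_fd, FAIL_REDIRECT, strlen(FAIL_REDIRECT));
        return 0;
    }
    send_all(out_fd, OK_HEADER, strlen(OK_HEADER));
    while ((n = read(fd, buf, sizeof buf)) > 0)
        if (send_all(out_fd, buf, (size_t)n) != 0) break;
    close(fd);
    return 1;
}

int main(void)
{
    struct passwd *pw = getpwnam("www");     /* look up before chroot */
    if (pw == NULL) return 1;
    if (enter_jail(WWW_ROOT, pw->pw_uid, pw->pw_gid) != 0) return 1;
    return serve_one(STDIN_FILENO, STDOUT_FILENO, pw->pw_uid) ? 0 : 1;
}
```

Two details are worth noting. The owner check is done with fstat() on the descriptor that will actually be read, so there is no window between "check" and "open" for an attacker to swap a file, and a symlink planted in the jail that points at a file owned by another user still fails because fstat() reports the target's owner. The privilege drop runs before the first byte of client data is read, so even a bug in parse_request() executes with only the www UID inside the jail.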