COSC 513 Operating Systems

Project Paper:

Internet Security

Instructor: Dr. Anvari

Student: Ying Zhou

Student ID: 125933

Spring 2003

Department of Computer Science

Southeastern University

TABLE OF CONTENTS

ABSTRACT

ACKNOWLEDGEMENTS

CHAPTER ONE - INTRODUCTION

Scope and Potential Use

Introduction of Internet Security

CHAPTER TWO - DOCUMENT CONFIDENTIALITY

CHAPTER THREE - CLIENT-SIDE SECURITY

CHAPTER FOUR - SERVER-SIDE SECURITY

Windows NT Web Servers

UNIX Web Servers

CHAPTER FIVE - CONCLUSION

BIBLIOGRAPHY

ABSTRACT

Internet security can be defined as the protection of data from theft, loss or unauthorized access, use or modification. With the constantly evolving nature of the Internet, it is vital that users continuously protect themselves and their information. This paper discusses the social and ethical considerations underlying the use of computer-based information systems.

Internet security has different meanings from three different points of view – the user’s point of view, the Webmaster’s point of view, and both parties’ views. Based on this, my paper is organized into three major parts – document confidentiality, client-side security, and server-side security.
Furthermore, any computer connected to the Internet will require steps and precautions to be taken to reduce its exposure to hacker threats. Internet server security and configuration under a Windows NT Web server and a UNIX Web server are presented in detail in the paper.

ACKNOWLEDGEMENTS

I would like to express my gratitude and thanks to my teacher, Dr. Anvari, for his thoughtful guidance and timely encouragement. His guidance and assistance have helped me to complete this project in a timely fashion.

My special thanks are also extended to my mother, for her love, understanding and encouragement.

All of these I will keep in my mind forever.

CHAPTER ONE - INTRODUCTION

SCOPE AND POTENTIAL USE

It is a challenge to assure security in information systems – networked, embedded, and plain vanilla computation systems. There are a variety of security policies; they come in many flavors, for example, authentication before access, integrity of information, and confidentiality of information. More and more parties focus on the models, the tools, and the techniques for enforcement of security policies. And because today’s implementation approaches are flawed, we will also address the penetration and disruption of information systems in the context of operating systems, networks, and databases.

INTRODUCTION OF INTERNET SECURITY

For some parties, Internet security is the ability to browse the Web in peace, knowing that no one is looking over their shoulders. For others, it is the ability to conduct financial and commercial transactions safely. For the operators of Web sites, it is confidence that their sites will not be vandalized by pranksters or used as a gateway to break into their local area network.

One of the problems with talking about Internet security is that the topic has been distorted by software vendors and the press. Makers of Web browsers would have you believe that Web security is all about using cryptography to protect credit card numbers. Firewall vendors offer their systems as the only path to safety. In actuality, Internet security is both more simple and more complex than the vendors would have you believe. More simple because it is easy to break the Web down into its components and see where the problems lie; more complex because there are no simple solutions, no magic formulas for making the Web safe.

Web connections have three parts - the browser, the server, and the connection between the two. The user, via his browser, connects to a remote Web server and requests a document. The server returns the document, and the browser displays it. The meaning of Internet security from each point of view is discussed below.

From the user’s point of view, the remote server is owned and operated by the organization that it seems to be owned by. The documents that the server returns are free from dangerous viruses and malicious intent. The remote server will not record or distribute information that the user considers private, such as his Internet browsing habits.

From the Webmaster’s point of view, the user will not attempt to break into the Web server computer system or alter the contents of the Web site. The user will not try to gain access to documents that she is not privy to. The user will not try to crash the server, making it unavailable for others to use. If the user has identified herself, she is who she claims to be.

From both parties’ views, the network connection is free from third-party eavesdroppers listening in on the communications line. The information sent between browser and server is delivered intact, free from tampering by third parties.

Therefore, this paper discusses Internet security from three aspects – document confidentiality, client-side security, and server-side security. None of these three aspects of Internet security is independent of the other two. The strongest cryptography in the world will not keep a Web page secret if the computer that it is stored on is broken into. An impregnable Web server still won’t protect an organization from public humiliation if a prankster can manage to hijack its name long enough to convince the world that the site was really vandalized.

CHAPTER TWO - DOCUMENT CONFIDENTIALITY

These are measures that protect private information from being disclosed to third parties. One risk to document confidentiality is eavesdroppers who intercept documents as they cross the network. Another risk is fraudulent identities – for instance, a user who misrepresents herself to a Web server as someone authorized to download a document, or a Web server that tricks a user into sending it confidential information by pretending to be a trusted site. The main technological fix in this category is cryptography, although simpler measures, such as the use of passwords to identify users, also play an important role.

Cryptography enables confidential information to be transmitted from location to location across insecure networks without risk of interception or tampering, and it allows the two communicating parties to verify each other’s identities without meeting in person.

All cryptographic systems, no matter how complex, have the following four basic parts.

1. Plaintext: This is the message before anything has been done to it. It is either human-readable or in a format that anyone with the proper software can use.

2. Ciphertext: This is the plaintext message after it has been modified in some way to obscure it, rendering it unreadable. The process of converting plaintext into ciphertext is encryption, while the opposite operation is known as decryption.

3. Cryptographic algorithm: This is the mathematical operation used to convert plaintext into ciphertext, and vice versa.

4. Key: This is a secret key used to encrypt and/or decrypt the message. Each key transforms the same plaintext into a different ciphertext. If the cryptographic system works properly, only people who know the correct key can decrypt a piece of ciphertext.

The advantage of cryptography is that the ciphertext can be transmitted across unsecure, public communications channels. Even if the ciphertext is intercepted, it is useless to anyone who does not possess the decryption key. Before the advent of digital computers, plaintext, ciphertext, and key were usually in the form of human-readable text. Now the three are, typically, streams of arbitrary binary information. Video, sound, and software can all be encrypted as easily as plaintext.
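The four parts listed above, working together in an added example that is not part of the original paper. The algorithm is a teaching construction chosen so that it runs on the Python standard library alone (an HMAC-SHA256 keystream with an HMAC integrity tag), standing in for a vetted cipher such as AES; the function names and the sample message are assumptions.

```python
import hashlib
import hmac
import os

# Teaching construction (an assumption of this example, not a vetted cipher):
# HMAC-SHA256 in counter mode as the keystream, plus an HMAC integrity tag.

def _subkey(key, label):
    # Derive separate encryption and authentication keys from the one secret key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(enc_key, nonce, length):
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(enc_key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def encrypt(key, plaintext, nonce=None):
    """Plaintext + key -> ciphertext laid out as nonce | body | tag."""
    if nonce is None:
        nonce = os.urandom(16)  # fresh per message so equal plaintexts differ
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def decrypt(key, ciphertext):
    """Ciphertext + key -> plaintext; ValueError on a wrong key or tampering."""
    if len(ciphertext) < 48:
        raise ValueError("ciphertext too short")
    nonce, body, tag = ciphertext[:16], ciphertext[16:-32], ciphertext[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key, or ciphertext modified in transit")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(body))
    return bytes(c ^ s for c, s in zip(body, stream))

if __name__ == "__main__":
    message = b"user=alice; document=payroll.xls"  # constructed sample plaintext
    key_a, key_b = os.urandom(32), os.urandom(32)
    sealed = encrypt(key_a, message)
    flipped = sealed[:20] + bytes([sealed[20] ^ 1]) + sealed[21:]
    print("ciphertext:", sealed.hex())
    print("right key :", decrypt(key_a, sealed))
    for label, key, data in (("wrong key", key_b, sealed), ("tampered", key_a, flipped)):
        try:
            decrypt(key, data)
        except ValueError as err:
            print(f"{label:10}:", err)
```

The tag check is what turns an intercepted and altered message into an error instead of silently corrupted plaintext.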

CHAPTER THREE - CLIENT-SIDE SECURITY

These are security measures that protect the user’s privacy and the integrity of her computer. Technological solutions include safeguards to protect users against computer viruses and other malicious software, as well as measures that limit the amount of personal information that browsers can transmit without the user’s consent. Also in this category are steps that organizations can take to prevent employees’ Web browsing activities from compromising the secrecy of the company’s confidential information or the integrity of its local area network.

Network eavesdropping is a major potential problem on the Internet. Packet sniffers installed anywhere on the path between Web browser and server can monitor the entire conversation, including the information submitted in fill-out forms and stored in cookies. The Secure Sockets Layer (SSL), a flexible and general-purpose encryption system, dramatically reduces the risk by encrypting the browser-server data stream. In the process, it also solves another Internet problem, reliably identifying the party at the other end of the network link.

Web browsers have the capacity to download and execute software automatically without warning. In many cases, you may not even know that something special has happened; the software just adds a subtle touch here and there to enhance the behavior and appearance of the page. This capacity is broadly known as “active content.” Because of active content, life for users and network administrators has become more interesting. Users who would ordinarily be reluctant to download software from an FTP site think nothing of surfing to sites they have never heard of. Unbeknownst to them, the site may choose to run untrusted software on their machines via active content. If the software is buggy, it may crash the browser. If the software is written with malicious intent, it may try to damage the user’s system or violate her privacy. From the network administrator’s point of view, active content is of concern because it can be used to circumvent a firewall system or to seed viruses throughout the computers on the LAN.

CHAPTER FOUR - SERVER-SIDE SECURITY

These are measures that protect the Web server and the machine it runs on from break-ins, site vandalism, and denial-of-service attacks (attacks that make the Web site unavailable for normal use). Technological solutions run the gamut from firewall systems to operating system security measures. This chapter focuses on preparing a Windows NT Server 4.0 machine and a UNIX machine, respectively, to act as an Internet server.

Windows NT Web Servers

Windows NT comes in two flavors. Windows NT Server, the more expensive flavor, has complete functionality. It can coordinate the activities of other machines, provide remote access services, run Windows name resolution, and host the Internet Information Server. Windows NT Workstation is a watered-down version of the Server product, with most of the server functions disabled. Microsoft Internet Information Server runs only on NT Server. However, Web servers from other vendors run with the Workstation version of the operating system, as well. From the point of view of system security, the main difference between the two flavors is that NT Workstation comes with an undesirably permissive configuration, while NT Server is stricter.

The main problem is that an out-of-the-box Windows NT Workstation installation is not secure. Most of the system’s files and directories are read/write by Everyone, which means that any local user can tamper with the system to his heart’s content. Further, because of the strange properties of the built-in Everyone group, there are a variety of ways for unidentified Internet users to view and/or alter the system, as well.

Windows NT Server, in contrast, has a more reasonable set of default permissions when first installed. However, it still contains gaps in its configuration that allow for unwanted mischief. It has also been my experience that many Windows NT Servers were not installed from scratch but were upgraded from previous versions of Windows NT or from Windows 95. In such cases, the access control lists are probably at their least restrictive setting.

Windows NT uses a family of networking protocols, known collectively as “NetBIOS”, to provide Windows file sharing, network printing, and remote system administration. NetBIOS is network-independent. It can run on top of TCP/IP networks as easily as it can across Novell NetWare or IPX. It provides reliable cryptography-based authentication of remote users, and it integrates well with the Windows NT access control system. However, NetBIOS was designed with a local area network in mind, not large networks like the Internet. For this reason, it has certain vulnerabilities including information leakage, client-controlled fallback to weaker authentication, anonymous log-in, and vulnerability to man-in-the-middle attacks.

Trojan horses are programs that appear to be benign (a new screensaver, perhaps) but, in reality, have a hidden agenda. While the program pretends to be doing something useful, it is modifying files, stealing information, or adding new entries to the system registry. Trojans may lurk in freeware programs downloaded from the Internet or can be created by local users who are intent on gaining more access to the system than they are authorized for.

The steps for securing a Windows NT Web server are therefore as follows:

  1. Apply all service patches.
  2. Fix the file system permissions.
  3. Fix the registry access permissions.
  4. Remove or disable all extraneous network services.
  5. Add the minimum number of user accounts necessary to maintain the server.
  6. Install the server software and adjust file and directory permissions to restrict unnecessary access.
  7. Remove or disable unnecessary Web server features, CGI scripts, and extensions.
  8. Monitor system and server log files.

We now look at ways of making the server itself run as securely as possible. Microsoft IIS and other servers support a few optional features that potentially can be used by unscrupulous individuals to gain information about your system. Unless you really need these features, you should turn them off. Limiting denial-of-service attacks is another way to make the server secure. Monitoring the Web server and event logs and creating a backup system should also be implemented for server security.

UNIX Web Servers

The UNIX operating system was designed in the days of mainframes, when no one could imagine having a computer devoted to the needs of a single person. One of the most basic aspects of UNIX is that it is a multi-user system. A single machine supports several (or hundreds of) users. Each has a unique home directory and environment, and each is protected against interference from the others by a system of access permissions. Files, programs, devices, and other system resources are all protected by access control. A user cannot modify or even read a particular resource unless her account has been granted the ability to read or write it. To simplify things, users can be placed into groups that have certain access rights and privileges in common. When a group as a whole is granted permission to access a resource, the permission is automatically extended to all users within the group.

User and group access rights are the basis for UNIX system security. Every program, including those that provide Internet services, runs with the permissions of some user or another. A typical UNIX server system will run several services to handle such things as remote login, the printer, incoming FTP, and e-mail. Each of these services runs under a user account. For example, a user named lp is used for the printer server, ftp for the FTP server, and daemon for various other services.

The root user, also known as the super-user, is a single all-powerful administrative account that has unrestricted access to all parts of the system. Users that have logged in as root have broad powers (to do good, as well as to do damage) because no part of the system is protected from them. The same applies to services that run with super-user privileges, which is why this practice is strongly discouraged.

When you first unpack a UNIX system, it is set up as a general purpose machine and may not be particularly secure. You will need to harden the system before you can safely host a Web site with it. Most of the messy work in setting up a secure UNIX Web server involves just four tasks.

  1. Apply vendor operating system patches.
  2. Turn off unessential services.
  3. Add the minimum number of user accounts.
  4. Get the file and directory permissions right.

Ideally you should take these steps off-line before you physically plug the system into the network.
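A check for tasks 3 and 4 that can be run on the host before it goes on the network, given here as an added example that is not part of the original paper. The sample account file, the allowed-login list, the set of no-login shells and the /var/www path are assumptions of the example.

```python
import os
import stat

# Shells that mean "this account cannot log in interactively" (assumed list).
NOLOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false", "/usr/bin/false"}

def audit_accounts(passwd_text, allowed_logins):
    """Task 3: flag spare super-user accounts and unexpected interactive logins."""
    findings = []
    for line in passwd_text.splitlines():
        fields = line.strip().split(":")
        if len(fields) != 7:
            continue  # blank or malformed line, not a passwd(5) record
        name, uid, shell = fields[0], fields[2], fields[6]
        if uid == "0" and name != "root":
            findings.append((name, "second account with UID 0"))
        if shell not in NOLOGIN_SHELLS and name not in allowed_logins:
            findings.append((name, "login shell not on the allowed list"))
    return findings

def audit_tree(root):
    """Task 4: flag world-writable entries and setuid/setgid files under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            mode = os.lstat(path).st_mode
            if stat.S_ISLNK(mode):
                continue  # a symlink's own mode bits are not used for access checks
            rel = os.path.relpath(path, root)
            if mode & stat.S_IWOTH:
                findings.append((rel, "world-writable"))
            if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
                findings.append((rel, "setuid/setgid"))
    return sorted(findings)

# Constructed sample in passwd(5) format; not taken from a real host.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
daemon:x:1:1:daemon:/:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
ftp:x:14:50:FTP:/var/ftp:/bin/sh
toor:x:0:0:spare admin:/root:/bin/sh
webadmin:x:500:500::/home/webadmin:/bin/sh
"""

if __name__ == "__main__":
    for who, problem in audit_accounts(SAMPLE_PASSWD, {"root", "webadmin"}):
        print(f"account {who}: {problem}")
    for rel, problem in audit_tree("/var/www"):  # document root path is an assumption
        print(f"{rel}: {problem}")
```

Service accounts such as lp, ftp and daemon need to exist but do not need a login shell, which is why the constructed ftp entry is reported.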

CHAPTER FIVE - CONCLUSION

Internet security is the practice of protecting and preserving private resources and information on the Internet, and it is a challenging topic among executives and managers of computer corporations. Together, network security and a well-implemented security policy can provide a highly secure solution. Employees can then confidently use secure data transmission channels and reduce or eliminate less secure methods.

There are many strong tools available for securing a computer network. By themselves, the software applications and hardware products that secure a business and computer network do not comprise a security policy, yet they are essential elements in the creation of site security. While these technologies are not the focus of this paper, a basic understanding of them will facilitate the creation of a site security policy.

BIBLIOGRAPHY

Oppliger, Rolf (2000). Security Technologies for the World Wide Web. Artech House, Inc.

Cheswick, William R. & Bellovin, Steven M. (2003). Firewalls and Internet Security. Addison Wesley Publishing Company.