On Tue, 31 Dec 1996 mrwilhe@odin.cmp.ilstu.edu wrote:
> In the Department of Defense Rainbow Book Series, A Guide To Understanding
> AUDIT In Trusted Systems (1988), there is a part in the book that explains
> trusted systems audits using write-once media -- CD-ROM. This prevents
> crackers from infiltrating computers and changing their contents. I believe
> this is what major "public" web sites should use for their homepages to keep
> them from being altered.
This is a completely untenable position for a lot of major sites. I have
major sites that update content every 30 seconds to 2 minutes; the
content is *supposed* to change. Not many people will revisit a web site that
has the same content over and over again. Not to mention having to take
the site down to put up new content, change errors, or recover from either
'joke' testing, or malicious soon-to-be-former employees.
If you've done any studying at all of web traffic patterns, you will see
very quickly that a site that doesn't change every 20 minutes or less
will not draw repeat visits for very long. If the site is based on
advertising revenues, that's a complete killer. 5-10 seconds to usable
content, maximum 3 levels deep for non-targeted data, change on the first
page if it's non-targeted info: these are all pretty much tenets of most
large commercial sites.
> The Web server would have to be based on all write once media -- from the
> Operating systems and all other aspects, otherwise the attacker would just
> redirect the homepage contents to a hard drive.
Doesn't matter, I could just launch a server that redirected you to a
site with the content mirrored and altered, or serve the pages out of
memory, or off of RAM disk.
Properly securing the server is the only 'right' option; unless your
server is running on a real 'trusted' OS, any write-only scheme can be
subverted.
Securing web servers isn't rocket science, you just have to put some
effort into it.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts@clark.net      which may have no basis whatsoever in fact."
PSB#9280