Great Circle Associates Firewalls
(December 1996) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Re: Firewalls over NT vs. UNIX
From: peter @ baileynm . com (Peter da Silva)
Date: Thu, 5 Dec 1996 19:08:47 -0600 (CST)
To: Russ . Cooper @ RC . on . ca (Russ)
Cc: peter @ baileynm . com, firewalls @ GreatCircle . COM
In-reply-to: <F19A117D9446D011A0830000E8D5C667000000002FFF @ mail . rc . on . ca> from "Russ" at Dec 5, 96 07:32:05 pm 
> Your "gaps" are based on your understanding of how NT works with 
> particular applications (some belonging to Microsoft), and in a 
> particular environment which NT was not designed to function within 
> (Citrix, WinDD, et al).

Yes, sir. I expected this response. You're still not being paranoid enough.

Let's look at this again. I have found a number of security problems that
if I were as well acquainted with NT as I am with UNIX would lead to
violations of the security policy, in an NT system on which untrusted
applications run. The environment with which I am familiar is such a
system... but so is a firewall running proxies. My experience with WinDD
is definitely relevant to this situation.

Some of these holes can certainly be closed on a firewall, as can similar
holes in UNIX... but I'm not convinced that all of them can, because NT does
not have any analog to a chrooted jail, and you have to actually take the
necessary actions to close them.

> Bypassing traverse checking is only required if something plans on 
> scanning the directory trees,

Actually, that's not right. You need to bypass traverse checking to let
applications access anything in the registry after you disable access
to the registry root to keep external programs from getting into the registry
through the network.

> >NT, as a system, has not been given the same overall attention to
> >security as UNIX. And that's truly scary, because UNIX was not
> >originally designed with high levels of security as a goal!
> *
> Well, that's not what their stated design goals were, so your 
> information comes from where?

My experience with NT, looking at it as a potential cracker would. There
are some potentially good security facilities, but the system as a whole
does not build on them in a secure fashion.

> There are a lot of things which you cannot do personally, if you tried 
> to scrutinize the NT source code it would probably take you a 
> considerable amount of time.

Other people who think like me can scrutinize UNIX, but they don't have
access to NT for the same reason I don't.

> *You* can scrutinize NT's source code if 
> you want, you just have to buy a license.

And sign an NDA which limits my ability to pass on the lessons learned
from this excersize. Did you miss that point?
References:
Indexed By Date Previous: Re: Netscape gold ?!
From: Mike Shaver <shaver @ neon . ingenia . ca>
Next: I need help
From: "IFOP52" <IFOP52 @ email . lagoven . pdv . com>
Indexed By Thread Previous: RE: Firewalls over NT vs. UNIX
From: Russ <Russ . Cooper @ RC . on . ca>
Next: RE: Firewalls over NT vs. UNIX
From: riordan @ math . umn . edu
Google
 
Search Internet Search www.greatcircle.com