Understanding and Deploying LDAP Directory Services > 11. Privacy and Security Design > Security Threats
Security Threats

There are many potential threats to security, and an entire science and industry have grown up around this important area. Several good books on the subject provide excellent coverage of security in general and treat the subject in a more complete and formal manner than we will here. Because the subject of this book is directories, not security, we will take a more pragmatic and focused approach toward describing the range of security threats. This section provides an example-driven overview of the most typical threats to directory security. We've broken up the threats into three categories: unauthorized access, tampering with information, and denial-of-service.

It's important to understand that an attacker does not necessarily have to be particularly clever to use one of these attacks. With the popularity of the Internet and the growth of the bad guy community along with it, the advantages of shrink-wrapped software have come to computer security attacks. For most of the threats we describe in this chapter, you can find ready-made software that will exploit them. People trying to compromise your security are often just running shell scripts and programs they downloaded off the Internet. They may have less of an idea how the programs operate than you do! Of course, there are exceptions, too: Wily hackers who discover security holes and write the programs that exploit them are still in abundance.

A commonly held security myth is that most attacks are made by hackers operating out of their basement computing lairs. In reality, most attacks, especially successful ones, are made by your own employees, administrators, and users. In practice, the "inside job" poses by far the greatest threat to your directory's security in most environments. When designing your security solution, be sure to consider threats both inside and outside your organization.

Unauthorized Access

The unauthorized access threat may seem simple to protect against. You should authenticate clients accessing your directory and provide access control restricting the information that these clients can access. Problem solved, right? Unfortunately, it's not quite that easy. Think about the way directory information is delivered to authorized clients. There are several opportunities along this path for an unauthorized client to gain access to the data. Here are several breaches that can occur:

Unauthorized Tampering

Access to directory data is one thing, but if an attacker can actually change directory data, either as it resides in the service itself or en route between client and server, a new set of problems arises. If that were to happen, clients could no longer trust the information they receive from the directory, servers could no longer trust the modifications and queries they receive from clients, and the directory service would soon become useless. Many of the attacks described in the previous section could result in data tampering, as could other new attacks. Following are the attack methods you need to be concerned about:

Denial-of-service Attacks

Another kind of security threat to your directory does not involve stealing or changing data at all. Instead, the attacker's goal is to prevent the directory from providing service to its clients. Such an attack is called a denial-of-service attack. Denial-of-service can be one of the hardest security problems to guard against and detect. There are two main types of denial-of-service attacks:

There are several reasons someone might conduct a denial-of-service attack on your directory. The first and probably most likely is simply by mistake. Bugs in directory client software, misconfigured software, or simply a lack of awareness of the consequences of certain actions can all lead to denial-of-service. Your best guards against this kind of attacker are education, monitoring, and auditing.

The second reason someone might conduct a denial-of-service attack on your directory is simple maliciousness. The attacker might be out to ruin your day or the days of your users. The attacker might have a specific problem with you or your service, or your service might simply provide a convenient target for wreaking general havoc. Either way, you would do well to guard against this kind of attacker.

The final and most insidious reason someone might conduct a denial-of-service attack on your directory is to help them compromise another system that depends on the directory. For example, if your Web server depends on the directory to authenticate users, attacking the directory can effectively disable the Web service. This kind of attack can be difficult to defend against because the real motivation behind the attack may never be known.
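
As an added example (not from the book), here is one way to do the monitoring recommended above for accidental denial-of-service: total the search cost per client from the server's access log and list the clients that exceed a budget or run into server limits. The log layout, sample lines, function names and thresholds are assumptions constructed for illustration; only the LDAP result codes 3, 4 and 11 are standard.

```python
import re
from collections import defaultdict

# Constructed sample lines in an assumed, simplified access-log layout.
SAMPLE_LOG = '''\
conn=1 connection from 10.0.0.5
conn=1 op=1 SRCH base="dc=example,dc=com" scope=2 filter="(uid=jdoe)"
conn=1 op=1 RESULT err=0 nentries=1 etime=0
conn=2 connection from 10.0.0.9
conn=2 op=1 SRCH base="dc=example,dc=com" scope=2 filter="(objectClass=*)"
conn=2 op=1 RESULT err=4 nentries=2000 etime=7
conn=2 op=2 SRCH base="dc=example,dc=com" scope=2 filter="(cn=*a*)"
conn=2 op=2 RESULT err=3 nentries=350 etime=30
conn=3 connection from 10.0.0.5
conn=3 op=1 SRCH base="dc=example,dc=com" scope=2 filter="(mail=jdoe@example.com)"
conn=3 op=1 RESULT err=0 nentries=1 etime=0
'''

CONNECT = re.compile(r"conn=(\d+) connection from (\S+)")
SEARCH = re.compile(r"conn=(\d+) op=(\d+) SRCH ")
RESULT = re.compile(r"conn=(\d+) op=(\d+) RESULT err=(\d+) nentries=(\d+) etime=(\d+)")
# LDAP result codes: timeLimitExceeded, sizeLimitExceeded, adminLimitExceeded
LIMIT_ERRORS = {3, 4, 11}


def summarize(log_text):
    """Aggregate search count, entries returned and elapsed time per client."""
    client_of = {}    # connection id -> client address
    searches = set()  # (conn, op) pairs that were search operations
    stats = defaultdict(lambda: {"searches": 0, "entries": 0, "seconds": 0, "limit_hits": 0})
    for line in log_text.splitlines():
        if m := CONNECT.search(line):
            client_of[m.group(1)] = m.group(2)
        elif m := SEARCH.search(line):
            searches.add((m.group(1), m.group(2)))
        elif (m := RESULT.search(line)) and (m.group(1), m.group(2)) in searches:
            s = stats[client_of.get(m.group(1), "unknown")]
            s["searches"] += 1
            s["entries"] += int(m.group(4))
            s["seconds"] += int(m.group(5))
            s["limit_hits"] += (int(m.group(3)) in LIMIT_ERRORS)
    return dict(stats)


def heavy_clients(stats, max_entries=1000, max_seconds=10):
    """Clients over the entry or time budget, or stopped by a server limit."""
    return sorted(c for c, s in stats.items()
                  if s["entries"] > max_entries or s["seconds"] > max_seconds
                  or s["limit_hits"])
```

Grouping by client address rather than by connection keeps a client that reconnects for every query from slipping under the per-connection totals.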

2002, O'Reilly & Associates, Inc.