A.5 Security Considerations

It should be obvious that tapping into a network's traffic lets you see many things you shouldn't see. For example, the passwords typed by users of applications such as Telnet and FTP are transmitted across the network exactly as the user enters them. (This is called the cleartext representation of the password, in comparison to the encrypted representation. It is the encrypted representation that is stored in the Unix password file, normally /etc/passwd or /etc/shadow.) Nevertheless, there are many times when a network administrator needs to use a tool such as tcpdump to diagnose network problems.

Our use of tcpdump is as a learning tool, to see what really gets transmitted across the network. Access to tcpdump, and similar vendor-supplied utilities, depends on the system. Under SunOS, for example, access to the NIT device is restricted to the superuser. The BSD Packet Filter uses a different technique: access is controlled by the permissions on the devices /dev/bpfXX. Normally these devices are readable and writable only by the owner (which should be the superuser) and readable by the group (often the system administration group). This means normal users can't run programs such as tcpdump, unless the system administrator makes the program set-user-ID.
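The permission policy described above can be checked mechanically. The following is an added example, not code from the book: it audits the BPF device nodes and the tcpdump binary against that policy. The function names, the `/dev/bpf*` glob and the wording of the findings are assumptions made for illustration.

```python
import glob
import os
import shutil
import stat

def device_findings(mode, uid):
    """Compare a BPF device's mode and owner with the policy in the text:
    owner (the superuser) read/write, group read-only, nothing for others."""
    findings = []
    if uid != 0:
        findings.append("owner is not the superuser")
    if mode & stat.S_IWGRP:
        findings.append("group-writable")
    if mode & (stat.S_IROTH | stat.S_IWOTH):
        findings.append("accessible to all users")
    return findings

def binary_findings(mode, uid):
    """Flag a capture program that is set-user-ID: anyone allowed to execute
    it can then open the devices regardless of the device permissions."""
    findings = []
    if mode & stat.S_ISUID:
        who = "root" if uid == 0 else f"uid {uid}"
        findings.append(f"set-user-ID {who}")
        if mode & stat.S_IXOTH:
            findings.append("executable by all users")
    return findings

def audit(device_glob="/dev/bpf*", program="tcpdump"):
    """Return {path: [findings]} for each BPF character device and for the
    capture program if it is on PATH. An empty list means no deviation."""
    report = {}
    for path in sorted(glob.glob(device_glob)):
        st = os.stat(path)
        if stat.S_ISCHR(st.st_mode):
            report[path] = device_findings(st.st_mode, st.st_uid)
    exe = shutil.which(program)
    if exe:
        st = os.stat(exe)
        report[exe] = binary_findings(st.st_mode, st.st_uid)
    return report

if __name__ == "__main__":
    for path, findings in audit().items():
        print(path, "OK" if not findings else "; ".join(findings))
```

On a system without BPF devices or without tcpdump on the PATH, `audit()` simply returns an empty or partial report.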



TCP/IP Illustrated, Vol. 1: The Protocols (Addison-Wesley Professional Computing Series)
ISBN: 0201633469
EAN: 2147483647
Year: 1993
Pages: 378
