Network Security in the New Millennium
My family is installing DSL and wireless networking, which will expose us to substantially more security problems than in the past. Wireless networking is likely to appear soon at the UCLA Mathematics Department as well. My goal is, therefore, to assess what the threats are and how they might be mitigated. It is generally believed that a determined attacker with plenty of time and large but achievable resources is likely to successfully perpetrate any exploit he pleases, just as a determined burglar or embezzler is likely to be able to steal any of your resources. Nonetheless, most people who are careful about physical security do not get burgled, and I ...
In the academic setting occasional undergraduates concoct elaborate schemes to steal examinations or to tamper with grades. They may also retaliate against unfavorable outcomes by embarrassing the department or specific professors in it.
In random threats, on the other hand, the only relation between the hacker and the victim is that the victim is vulnerable. Nowadays we can expect blanket attacks in which an automated script attacks every address in a range and runs the exploit against every vulnerable machine. Dupes are generally selected at random. Random threats can become targeted if the exploit is to scan for resources that the hacker considers valuable; the hacker would then return in a targeted attack to collect the resource.
Another dimension distinguishing threats is the purpose of the attack. Vandalism, in which the victim's disc is wiped, is common. Targeted vandalism more often takes the form of putting embarrassing material in a public place such as the victim's web pages. A particularly insidious form of targeted vandalism is to introduce subtle corruption, for example by adding a nickel here and a dime there to financial records, that is likely not to be noticed until an audit (internal, the victim hopes). Recent months have seen targeted denial of service attacks, in which vast numbers of dupes are caused to bombard the victim with traffic that is legitimate in form.
Another purpose variant is a virus attack, in which the purpose of the virus is to reproduce. Except possibly for the initial infection, viruses appear randomly. Generally the virus has some kind of payload, which is more or less subtle vandalism.
The next variant on this dimension is stealing or falsifying data. Sometimes the data itself is valuable, such as an examination before it is administered, or the data may simply give the hacker access to the real object of value.
Finally, the hacker may be interested in impersonating the victim. For example, a professor (impersonated by a student hacker) might notify the members of his class that an exam had been postponed. In this kind of attack the message is accepted as authoritative by the recipient, even though the purported sender did not actually authorize it. Another serious threat is for the hacker to impersonate the victim at a financial institution.
Stealing and impersonation pretty much have to be targeted attacks, unless there is a piece of software, such as a home banking interface, that is vulnerable and that is common enough that a blanket attack will turn up numerous instances before the hole is plugged.
In the family DSL scenario, targeted attacks are unlikely, and the major threat will be random and blanket attacks. On the other hand, at any one time there may be one or two students who are motivated and technically able to mount a targeted attack on the department, given a vulnerability; and (unsuccessful) random attacks are seen daily.
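As an added illustration (not part of the original essay), the sketch below separates blanket sweeps from attention focused on a single host in a firewall's dropped-connection log. The log format, the addresses (documentation ranges), and both thresholds are assumptions chosen for the example.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed sample of dropped inbound connections: "timestamp src dst dport".
# The log format and every address below are assumptions for illustration.
SAMPLE_LOG = """\
2000-05-01T02:14:01 203.0.113.7 192.0.2.1 23
2000-05-01T02:14:01 203.0.113.7 192.0.2.2 23
2000-05-01T02:14:02 203.0.113.7 192.0.2.3 23
2000-05-01T02:14:02 203.0.113.7 192.0.2.4 23
2000-05-01T02:14:03 203.0.113.7 192.0.2.5 23
2000-05-01T02:14:03 203.0.113.7 192.0.2.6 23
2000-05-01T09:30:10 198.51.100.20 192.0.2.3 21
2000-05-01T09:31:44 198.51.100.20 192.0.2.3 22
2000-05-01T09:33:02 198.51.100.20 192.0.2.3 23
2000-05-01T09:40:15 198.51.100.20 192.0.2.3 80
2000-05-01T09:52:31 198.51.100.20 192.0.2.3 110
2000-05-01T11:05:00 198.51.100.99 192.0.2.5 80
2000-05-01T11:06:00 198.51.100.99
"""

def classify_sources(log_text, network, sweep_fraction=0.5, focus_hits=5):
    """Label each source; both thresholds are illustrative assumptions."""
    net = ipaddress.ip_network(network)
    host_count = sum(1 for _ in net.hosts())
    hits = defaultdict(Counter)          # src -> hits per destination host
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue                     # skip malformed or truncated records
        _, src, dst, _port = fields
        try:
            if ipaddress.ip_address(dst) not in net:
                continue                 # destination is not one of ours
        except ValueError:
            continue                     # destination field is not an address
        hits[src][dst] += 1
    verdicts = {}
    for src, per_dst in hits.items():
        coverage = len(per_dst) / host_count
        if coverage >= sweep_fraction:
            verdicts[src] = "blanket"    # walked much of the address range
        elif max(per_dst.values()) >= focus_hits:
            verdicts[src] = "targeted"   # keeps returning to one host
        else:
            verdicts[src] = "background"
    return verdicts

if __name__ == "__main__":
    print(classify_sources(SAMPLE_LOG, "192.0.2.0/29"))
```

A source that sweeps first and later returns to a single host, the random-becomes-targeted case described above, would be labelled "blanket" here, so tracking its verdict over successive time windows is what reveals the change.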
Types of Exploits
It's a fact of life that desktop computers, and particularly...