CPL - Chalmers Publication Library
| Utbildning | Forskning | Styrkeområden | Om Chalmers | In English In English Ej inloggad.

Security Evaluation of a PC Network based on Intrusion Experiments

Ulf Gustafson (Institutionen för datorteknik) ; Erland Jonsson (Institutionen för datorteknik) ; Tomas Olovsson (Institutionen för datorteknik)
SECURICOM 1996 - 14th Worldwide Congress on Computer and Communications Security Protection (1996)
[Artikel, refereegranskad vetenskaplig]

This paper presents an intrusion experiment in which the target system was a Personal Computer network connected to a Novell NetWare 3.12 server. Undergraduate students with little security expertise and hardly any knowledge of the system served as attackers and were given the task of performing as many intrusions as possible. The objectives of the experiment were twofold: first, to learn more about how to gather and process data from intrusion experiments and to form a methodology applicable to a generic class of computer systems; and, second, to find out whether it is actually possible to create a secure system based on insecure PC workstations. This paper deals mainly with the latter objective, and investigates how and to what extent unevenly distributed security features, such as a “secure” file server with untrusted clients, affect overall system security. Furthermore, in experiments, as opposed to real life situations, it is possible to collect information about how the attacking process is carried out. Before the experiment, we anticipated that the attackers would create Trojan Horses on the clients to spoof other users during the login process, but we did not expect them to find as many serious vulnerabilities in the concept as they did. The experiment shows that untrusted PC clients have ample intrusion possibilities, and that the vulnerabilities can not be compensated by security features elsewhere in the system. Novell has undoubtedly spent more effort in securing the file server and its assets than in securing the clients in the system. This paper contains a summary of the security problems the attackers found, from which it is evident that several new security mechanisms must be added before a NetWare 3.12 system can be regarded as secure.

Nyckelord: Security, Vulnerability, Intrusion, PC Network, Experimentation, Tiger Team



Den här publikationen ingår i följande styrkeområden:

Läs mer om Chalmers styrkeområden  

Denna post skapades 2013-04-29. Senast ändrad 2015-12-17.
CPL Pubid: 176284

 

Läs direkt!

Lokal fulltext (fritt tillgänglig)


Institutioner (Chalmers)

Institutionen för datorteknik (1985-2001)

Ämnesområden

Informations- och kommunikationsteknik
Datavetenskap (datalogi)

Chalmers infrastruktur