Chapter 4 - Information Network Protection

Copyright(c), 1990, 1995 Fred Cohen - All Rights Reserved

Information networks (i.e. networks) are a central issue today because of their widespread proliferation and the high degree of dependency placed upon them by society. The most obvious example is the telephone system, which has been in place for over 50 years. Airline reservation systems and air traffic control systems are networks heavily depended upon by every air traveller. Automatic Teller Machines (ATMs) are networked systems available in almost every shopping mall, and banks regularly exchange funds with computer networks. Many personal computers have modems, and with the purchase of a modem control program, a limited amount of free access to nationwide computer networks is often provided. Many libraries use computer networks for interlibrary loans. Most businesses use computer networks to get credit information from credit bureaus. Computer mail, file transfer, and remote terminal access have been in widespread use for over 20 years.

This tremendous communications capability has also brought about tremendous information protection problems. The telephone system is often abused by 'fone phreaks' [TAP75] and obscene phone callers, the airline reservation system is used to overbook flights, and the air traffic control system is often overwhelmed by the volume of information it must handle, thus creating potentially life-threatening situations [Spectrum87]. ATMs are often sites for armed robbery, and fraudulent use of electronic funds transfer has resulted in hundreds of millions of dollars in losses. Personal computers have been used to break into many computer systems, to spread information about how to defraud, and to spread malicious programs throughout the nation. Interlibrary loans often delay the availability of books, while credit bureau problems have caused many people tremendous inconvenience, and many businesses substantial amounts of money. In university and business networks, attackers have exploited protection problems to penetrate hundreds of computers throughout the nation [Reid83], often extracting research results which are not ready for widespread dissemination, attaining crucial business information, or causing denial of services.

Questions:

1 - Identify, explain, and discuss:

a) Two opposing schools of thought on the network protection problem
b) Similarities and differences between OS and network protection
c) Four uses for cryptography in network protection
d) Covert channel and traffic analysis problems and solutions

2 - Explain the virtues and problems with these network architectures:

a) Star networks
b) Ethernets
c) Ring networks
d) Bus networks

3 - Explain virtues and problems with these communications technologies:

a) Fiber optics
b) Twisted pair
c) Coaxial cables
d) Ultrasound
e) Radios

4 - Describe and explain:

a) Collusion and configuration analysis in networks
b) Threats from gateways and techniques for eliminating them
c) Threats from file servers and techniques for eliminating them
d) Features of the ISO OSI protection policies and methods
e) Protection problems with network protocols

5 - What do these terms mean:

a) Data compromise
b) Erroneous communication
c) Denial of service
d) Trusted Network Base
e) Trusted Network Component Base

6 - According to the TNEC, only the issue of data compromise is relevant to stand-alone computer systems. Explain problems with this thinking and give some examples.