TCP/IP - Security Perspective
Upper Layers
CS-431
Dick Steflik
Application Layer Protocols
Messaging Protocols
SMTP, POP, MIME, IMAP, IM
Telephony
H.323, SIP (used with VoIP)
RPC Based Protocols
NIS, NFS, Andrew
File Transfer Protocols
TFTP, FTP, SMB
Remote Login
Telnet, rlogin, SSH
Information Services
Finger, whois, LDAP, WWW, NNTP
Proprietary Protocols
RealAudio, SQL*Net, VNC
SMTP
Biggest problem is figuring out who a piece of mail is really from
Must use a higher level mechanism for trust or privacy
Most SMTP clients use sendmail, which has been a constant source of security problems for years
MIME
MIME headers could be hand-crafted by a hacker to overwrite data
MIME fragmentation could subvert a virus checker's ability to detect embedded viruses
Mailing of executable programs
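Added example (not from the original slides): a check a mail gateway could run for the last two points, flagging message/partial fragments that a per-message virus scanner cannot reassemble and attachments that are executable by name or by content. The function name audit_message, the extension list and the sample messages are assumptions constructed for illustration.

```python
import email
import os
from email import policy

# Assumed, non-exhaustive list of extensions treated as executable.
EXECUTABLE_EXTS = {".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".vbs"}

def audit_message(raw: bytes) -> list:
    """Return (kind, detail) findings for one raw RFC 5322 message."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        # message/partial (RFC 2046): the body is one slice of a larger message,
        # so a scanner that inspects each mail alone never sees the whole file.
        if part.get_content_type() == "message/partial":
            findings.append(("fragment", "id={} number={} total={}".format(
                *(part.get_param(k) for k in ("id", "number", "total")))))
            continue
        name = part.get_filename() or ""
        if os.path.splitext(name.lower())[1] in EXECUTABLE_EXTS:
            findings.append(("executable-name", name))
        # Decodes base64/quoted-printable; returns None for multipart containers.
        body = part.get_payload(decode=True) or b""
        if body.startswith(b"MZ"):  # DOS/PE magic, whatever the name claims
            findings.append(("executable-content", name or "(unnamed)"))
    return findings

# Constructed sample messages (not real traffic).
HEAD = b"From: a@example.test\nTo: b@example.test\nMIME-Version: 1.0\n"
FRAGMENT = HEAD + (b'Content-Type: message/partial; id="abc@example.test";'
                   b" number=2; total=3\n\nAAAA\n")
ATTACHMENT = HEAD + b"""\
Content-Type: multipart/mixed; boundary="BOUND"

--BOUND
Content-Type: text/plain

See attached.
--BOUND
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="invoice.pdf.exe"
Content-Transfer-Encoding: base64

TVqQAA==
--BOUND--
"""

if __name__ == "__main__":
    for sample in (FRAGMENT, ATTACHMENT):
        print(audit_message(sample))
```

A gateway would typically quarantine or reject the "fragment" findings outright, since the pieces can only be scanned after reassembly at the recipient.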
POP
Pretty insecure
Passwords not secure, sent as clear text
Exchanges are done as clear text
Can be done over SSL/TLS
On some UNIX systems POP runs as root until the user is authenticated and then switches to that userid; it is never good to have servers running as root (many sysadmins set up servers to run as nobody)