[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Mk IV network security
- To: tass@wwa.com
- Subject: Mk IV network security
- From: Chris Albertson <chris@topdog.pas1.logicon.com>
- Date: Tue, 27 Oct 1998 11:01:43 -0800
- Delivery-Date: Tue Oct 27 14:46:21 1998
- Old-Return-Path: <chris@topdog.pas1.logicon.com>
- Organization: Logicon RDA
- Resent-Date: Tue, 27 Oct 1998 14:46:16 -0500
- Resent-From: tass@wwa.com
- Resent-Message-ID: <"CmuJ3B.A.WzC.5fhN2"@kani.wwa.com>
- Resent-Sender: tass-request@wwa.com
- Sender: chris@topdog.pas1.logicon.com
I know most people don't care about software internals but I post
this kind of stuff just in case I've done something dumb in hope
it will get spotted.
I added some minimal security features to my Mk IV driver. These
can be defeated by someone who knows what he is doing and is willing
to work at it. It is about as good as putting a cheap lock on your
front door. It can be kicked it but keeps most people out.
It is possible however
to design the system to keep anyone lacking the resources of a
government agency out. This would require strong cryptography and
make the system a bit harder to use. If anyone has comments one
way or another lets hear 'em. The question is "How secure must an
Internet connected Mk IV be?"
One thing to note. Once the operator of a Mk IV system puts
your name/host in his Mk4d.auth file (see below) you will have the
same degree of control over the telescope as anyone else whose
name is in the file. The control software is such that remote and
local control have the exact same look and feel. Should we worry
much about some anti-social teenager commanding a roof to open while
it is raining? My guess is that the cheap lock is good enough.
Here is the current setup. I've done a little testing and it
seems to work:
Users will be allowed to control the telescope if one of the
following two conditions (a or b) are met:
a) the user connects from a computer who's IP address is
on an approved list AND his username is on an approved list.
username is determined by querying the Ident server running
on the connected machine. The idea here is that if the machine
is on the list of trusted IP address you can trust the Ident
server. This is the likely case if you are controlling the
telescope from a computer on a local Ethernet.
or
b) the user has his username in the list of approved usernames and
supplies a valid password. This allows access from any computer
on the Internet
This is to cover the case where someone wants to control a MkIV
system located at an observatory from is home computer. Typically
home computers are connected to the Internet by dail-up phone modems
and are assigned unpredictable IP addresses valid only for the
duration of the dial-up session. So "a" could not work.
Access is controlled by a file "Mk4d.auth" on the real-time computer.
You can use wild cards in the user or hostnames. "#" is the comment
character A very dumb example file would be:
# Mk IV authorization file.
#
# USER HOST
* * # Anyone from any machine world wide
* *.foobar.edu # Anyone located at Foobar U campus
chris kurtz.pas1.logicon.com # Me on my office computer
bob <PASSWORD_REQUIRED> # 'Bob" can login from anyhwere is he
# supplies a password.
--
--Chris Albertson
chris@topdog.logicon.com Voice: 626-351-0089 X127
Logicon RDA, Pasadena California Fax: 626-351-0699