[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Mk IV network security
- To: "TASS" <email@example.com>
- Subject: Re: Mk IV network security
- From: "Shawn Dvorak" <firstname.lastname@example.org>
- Date: Wed, 28 Oct 1998 21:10:00 -0500
- Old-Return-Path: <email@example.com>
- Resent-Date: Wed, 28 Oct 1998 21:25:24 -0500
- Resent-From: firstname.lastname@example.org
- Resent-Message-ID: <"dwbccC.A.mwG.RH9N2"@kani.wwa.com>
- Resent-Sender: email@example.com
I think that a setup that would allow us any of the three options that Arne
details below would be a good solution. Those that are risk-adverse can opt
for option 3 (no remote access), while others might take option 2. I doubt
that the zero security of option 1 is a good choice for anyone. While I
doubt that TASS installations will be hot targets for hackers, why leave the
front door wide open?
Chris' suggested method of adding users to an authorization file would
accommodate any of the three options. This method is identical to that used
by Unix for controlling rsh/rexec access to machines. If the rest of the
system is properly configured to be secure (e.g.: no ftp access inbound, no
rsh capability), then it is reasonably secure. The authentication as
detailed does have a security hole that would allow a hacker to spoof a
valid address in the authorization file and gain access. But the hacker
would need to have used a sniffer to determine a valid IP address and user
id. Although we could require a password for any access we would have to
implement some encryption scheme to prevent sniffers from capturing the
password as well as IP address and user id information. It's probably too
much work; Like I said earlier, we won't be likely targets for hackers.
No matter what security level is used it would certainly be wise to have
some idiot-proofing logic in the system. Either software or hardware limit
switches need to be in place to protect the camera. There was some
discussion several months ago about a rain detector system. A simple rain
detector consisting of fine, uninsulated copper wires alternating with live
and ground voltages would make a simple and seemingly satisfactory rain
detector. It will be too easy to accidentally command the wrong camera to
"open up", especially when many people can have access to multiple cameras
from hundreds of miles away.
From: firstname.lastname@example.org <email@example.com>
To: firstname.lastname@example.org <email@example.com>
Date: Tuesday, October 27, 1998 3:23 PM
Subject: Re: Mk IV network security
>Our network, to get the kind of security we need, uses one-time passwords.
If you are
>really worried about some hacker getting control of a mark IV, that is what
>suggest, with a set of passwords sent by postal mail to each valid user.
>you have three choices: (1) completely open access, with the telescope
>by hardware/software interlocks from damaging itself; (2) primitive
>Chris has suggested, which keeps the novice from hurting anything; or (3)
>access at all, other than perhaps to upload a schedule or check status.
>intending to run our mark IV in mode#3.