Packet anonymity is the problem?

Patrick W. Gilmore patrick at ianai.net
Sun Apr 11 04:11:25 UTC 2004


On Apr 10, 2004, at 10:48 PM, Sean Donelan wrote:

> If you connect a dialup modem to the public switched telephone network, do
> you rely on Caller ID for security?  Or do you configure passwords on the
> systems to prevent wardialers with blocked CLIDs from accessing your
> system?  Have a generation of firewalls and security practices distracted
> us from the fundamental problem, insecure systems.
>
>
> http://www.ecommercetimes.com/perl/story/security/33344.html
>   Gartner research vice president Richard Stiennon confirmed that packet
>   anonymity is a serious issue for Internet security.
> [...]
>   "Because of the way TCP/IP works, it's an open network," Keromytis
>   said. "Other network technologies don't have that problem. They have
>   other issues, but only IP is subject to this difficulty with abuse."

Is IP really more insecure than, say, *nix?  Back in the days of open 
mail relays and telnet and guest accounts and anonymous FTP sites, 
etc., hosts were at least as insecure as the "network" is today.  
Filtering source addresses is analogous to turning off telnet or 
applying TCP wrappers on a host.  No one seems to think that securing 
your host is a bad idea, but securing your network seems to be way too 
much trouble.

Of course, the analogy only goes so far.  Filtering source addresses 
costs you time & effort, and maybe even hardware if you are running old 
boxes.  Not filtering doesn't really do much until someone launches an 
attack from your network and you might not even notice that.  Leaving 
telnet running on your host hurts you directly, so that is not even 
considered.

Point is IP is not "inherently insecure".  IP is just a transport 
mechanism.  How you configure it, and what you do with it, is up to 
you.


> [...]
>   Bellovin compared the situation to bank robberies. "[S]treets, highways
>   and getaway cars don't cause bank robberies, nor will redesigning them
>   solve the problem. The flaws are in the banks," he said. Similarly, most
>   security problems are due to buggy code, and changing the network will
>   not affect that.

I've always liked that Bellovin guy. :)

Another note: Today's attacks tend to not spoof source addresses.  
What's a few 10s of 1000s of zombies here or there?  Let them be 
caught, not worth the time to put in source spoofing code.  Easier to 
just make them spew massive bits as fast as they can.  Shouldn't we 
concentrate on the problem (hosts), not the transport?

-- 
TTFN,
patrick
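The "filter source addresses" practice the post compares with turning off telnet or applying TCP wrappers, shown as an added example that is not part of the thread: a BCP 38 style egress check that drops outbound packets whose source is not one of the network's own prefixes. The prefixes, bogon list and flow records below are constructed for illustration.

```python
"""Egress source-address filter (BCP 38 style) over constructed flow records."""
import ipaddress
from typing import Iterable

# Assumed: prefixes this network legitimately originates (constructed values).
OUR_PREFIXES = [ipaddress.ip_network(p) for p in ("192.0.2.0/24", "198.51.100.0/25")]

# Sources that should never leave an edge towards the Internet (constructed subset).
BOGON_PREFIXES = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]


def classify_source(src: str) -> str:
    """Return 'permit', 'bogon' or 'spoofed' for an outbound packet source."""
    addr = ipaddress.ip_address(src)
    if any(addr in net for net in BOGON_PREFIXES):
        return "bogon"
    if any(addr in net for net in OUR_PREFIXES):
        return "permit"
    return "spoofed"  # not ours: would be dropped at the egress ACL


def filter_flows(flow_lines: Iterable[str]) -> dict:
    """Apply the filter to records of the form 'src dst proto bytes' and
    return per-verdict counts plus the dropped records for investigation."""
    summary = {"permit": 0, "bogon": 0, "spoofed": 0, "dropped": []}
    for line in flow_lines:
        src, dst, proto, nbytes = line.split()
        verdict = classify_source(src)
        summary[verdict] += 1
        if verdict != "permit":
            summary["dropped"].append((src, dst, verdict))
    return summary


SAMPLE_FLOWS = [  # constructed sample flow records, not real traffic
    "192.0.2.10 203.0.113.5 udp 1400",
    "198.51.100.7 203.0.113.5 tcp 60",
    "10.0.0.4 203.0.113.5 udp 1400",
    "203.0.113.99 203.0.113.5 udp 1400",
    "198.51.100.200 203.0.113.5 udp 1400",
]

if __name__ == "__main__":
    r = filter_flows(SAMPLE_FLOWS)
    print(f"permit={r['permit']} spoofed={r['spoofed']} bogon={r['bogon']}")
```

The dropped list is what the post means by noticing an attack launched from your network: a non-zero spoofed count on an egress interface is a host on the inside that needs attention.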
