Practical UNIX & Internet Security

Practical UNIX & Internet SecuritySearch this book
Previous: 17.3 Primary UNIX Network ServicesChapter 17
TCP/IP Services
Next: 17.5 Monitoring Your Network with netstat
 

17.4 Security Implications of Network Services

Network servers are the portals through which the outside world accesses the information stored on your computer. Every server must:

By their design, many servers must run with root privileges. A bug or an intentional back door built into a server can therefore compromise the security of an entire computer, opening the system to any user of the network who is aware of the flaw. Even a relatively innocuous program can be the downfall of an entire computer. Flaws may remain in programs distributed by vendors for many years, only to be uncovered some time in the future.

Furthermore, many UNIX network servers rely on IP numbers or hostnames to authenticate incoming network connections. This approach is fundamentally flawed, as neither the IP protocol nor DNS were designed to be resistant to attack. There have been many reports of computers that have fallen victim to successful IP spoofing attacks or DNS compromise.

Given these factors, you may wish to adopt one or more of the following strategies to protect your servers and data:


Previous: 17.3 Primary UNIX Network ServicesPractical UNIX & Internet SecurityNext: 17.5 Monitoring Your Network with netstat
17.3 Primary UNIX Network ServicesBook Index17.5 Monitoring Your Network with netstat