Firewall Wizards mailing list archives
Re: tunnel vs open a hole
From: Dave Piscitello <dave () corecom com>
Date: Tue, 08 Apr 2003 16:25:00 -0400
At 03:07 PM 4/8/2003 -0400, Frederick M Avolio wrote:>Of course, encryption exacerbates the problem. :-) We can then gain a tremendously high level of >assurance that Dave Piscitello did something over SSL to a particular IP address from a particular >IP address.
This "opaque tunnel is worse than a cleartext channel" argument is tiresome. If you qualify the argument with "ill-conceived deployment [of opaque tunnels]"then I concede this is as perceptive an claim as "leaving a local console logged in
as root and unattended is A Bad Idea". Odd, but I thought having a temendously high level of assurance that the identity at the client end of an tunnel is indeed Dave Piscitello allows you to constrain what Dave is permitted to access and execute. Encrypting the tunnel protects authentication and information exchange. Yes, VPNs are imperfect extensions to an already imperfect (login) model. They try to create as close a semblance to a "local session" UI as possible. Isn't this a cost of distributed/mobile/extreme computing? We *could* all go back to requiring client access from a physically secured premise, to a glass-enclosed central computer. And of course we are now so sophisticated with our biometrics that shy of "Mission Impossible" calibre attackers, we are *assured* no unauthorized activity can take place. My point is that in response to Anton's *original* posting, and Marcus' claim, SSH/SSL/VPN is *one* more security measure/layer. The root causeyou and Adam identify as killing indictments of VPNs - compromised identities - is
an inherited problem, not one unique to VPNs. Oh, yes, it is exacerbated by allowing tens of millions of people *promiscuous* use of a global networking infrastructure. Sorry, I lost myself for a moment. At 03:07 PM 4/8/2003 -0400, Frederick M Avolio wrote:
No one discussed the benefits of using an encrypted, authenticated tunnel (SSL, SSH, ...), which do provide additional controls. If I were developing/deploying a (presumably) distributed application *today*, I would begin with the assumption that I need stronger authentication than UIPW, message integrity, and message confidentiality. Many of the problems we struggle to correct today stem from the fact that we think of security as something orthogonal to application functionality rather than a core component/requirement.Of course, encryption exacerbates the problem. :-) We can then gain a tremendously high level of assurance that Dave Piscitello did something over SSL to a particular IP address from a particular IP address. Which adds authentication and little else on top of the paragraph you cited:"The real question is whether the tunnelling system provides _ANY_ security controls above and beyond ip/src/dest/logging."Fred
David M. Piscitello Core Competence, Inc. & 3 Myrtle Bank Lane Hilton Head, SC 29926 dave () corecom com 843.689.5595 www.corecom.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- tunnel vs open a hole, (continued)
- tunnel vs open a hole Anton A. Chuvakin (Apr 06)
- Re: tunnel vs open a hole Marcus J. Ranum (Apr 06)
- Re: tunnel vs open a hole Barney Wolff (Apr 06)
- Re: tunnel vs open a hole Marcus J. Ranum (Apr 06)
- Re: tunnel vs open a hole Crispin Cowan (Apr 07)
- Re: tunnel vs open a hole Barney Wolff (Apr 07)
- Re: tunnel vs open a hole Crispin Cowan (Apr 07)
- Re: tunnel vs open a hole Dave Piscitello (Apr 08)
- Re: tunnel vs open a hole Frederick M Avolio (Apr 08)
- Re: tunnel vs open a hole Adam Shostack (Apr 08)
- Re: tunnel vs open a hole Dave Piscitello (Apr 08)
- Re: tunnel vs open a hole Frederick M Avolio (Apr 09)
- Re: tunnel vs open a hole Frank Knobbe (Apr 08)
- Re: tunnel vs open a hole Adam Shostack (Apr 06)
- Re: tunnel vs open a hole Mikael Olsson (Apr 06)
- Re: tunnel vs open a hole Bernie, CTA (Apr 06)
- Re: tunnel vs open a hole Christine Kronberg (Apr 07)
- Re: tunnel vs open a hole Anton A. Chuvakin (Apr 07)
- Re: tunnel vs open a hole R. DuFresne (Apr 07)
- Re: tunnel vs open a hole Dave Rinker (Apr 07)
- Re: tunnel vs open a hole Mikael Olsson (Apr 08)