nanog mailing list archives
"top secret" security does require blocking SSH
From: woods () weird com (Greg A. Woods)
Date: Sun, 9 Jul 2000 13:53:20 -0400 (EDT)
[ On Sunday, July 9, 2000 at 08:22:46 (-0700), Roeland M.J. Meyer wrote: ]
Subject: RE: RBL-type BGP service for known rogue networks?

> In many organizations, a system isn't considered secure unless port 22 is
> blocked, at the firewall. It is, after all, the secure port, that must mean
> that you have to block it to be secure, right?
Yes, that's exactly right, but not for the reasons you imply.

If the primary concern of a security policy is that covert channels must be
prevented then it is absolutely mandatory that port 22 be blocked, since it
is by definition a covert channel.

However, having any kind of Internet connection, proxied or not, into a site
where sensitive information must not be allowed to be leaked is in effect a
violation of the policy.

Unfortunately we're rapidly approaching (if we're not already there) a state
of affairs where it is impossible to technically prevent inbound and outbound
covert channels wherever people are required to interact in a privileged way
with security-sensitive systems.

A paper given at last year's ACM New Security Paradigms Workshop by Dean
Povey ("Optimistic Security: A New Access Control Paradigm") suggests that it
might be better to adopt the view that security officers should "Make the
users ask forgiveness, not permission."

Whether this paradigm can successfully be deployed in top secret (or higher)
environments or not is yet to be discussed. I suspect it can, but then I'm
not an expert in traditional forms of high security.

-- 
Greg A. Woods

+1 416 218-0098  VE3TCP  <gwoods () acm org>  <robohack!woods>
Planix, Inc. <woods () planix com>; Secrets of the Weird <woods () weird com>
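The exchange above turns on the difference between "block port 22" and "block SSH". The following is an added example, not code from the original post or from anyone in the thread: it runs a protocol-level SSH check (the RFC 4253 identification string every SSH peer sends) over a handful of constructed flows and compares it with a rule that only looks at the destination port. It goes beyond the case in the text by including SSH on ports other than 22 and non-SSH traffic on 22. The addresses, payloads and function names are all assumptions made up for the example.

```python
"""Added example: "block port 22" versus "block SSH" over constructed flows.

Not from the mailing list post.  Inspects the first client-to-server bytes
of each flow for the SSH protocol identification string (RFC 4253 section
4.2), which an SSH peer sends whatever TCP port it happens to be using.
"""
import re
from dataclasses import dataclass

# RFC 4253 4.2: "SSH-protoversion-softwareversion SP comments CR LF".
# 1.99 and 2.0 are the protocol versions a current peer announces; a bare LF
# is tolerated because some older implementations omit the CR.
SSH_ID = re.compile(rb"^SSH-(?:1\.99|2\.0)-[^\s\r\n]+(?: [^\r\n]*)?\r?\n")


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    first_bytes: bytes  # first client-to-server payload bytes on the flow


# Constructed sample flows (hypothetical hosts from the RFC 5737 test range).
SAMPLE_FLOWS = [
    Flow("10.0.0.5", "203.0.113.10", 22, b"SSH-2.0-OpenSSH_8.9\r\n"),
    Flow("10.0.0.5", "203.0.113.20", 443, b"SSH-2.0-OpenSSH_8.9\r\n"),
    Flow("10.0.0.5", "203.0.113.30", 22, b"GET / HTTP/1.1\r\nHost: x\r\n\r\n"),
    Flow("10.0.0.5", "203.0.113.40", 443, b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"),
    Flow("10.0.0.5", "203.0.113.50", 2222, b"SSH-1.99-OpenSSH_3.9p1\r\n"),
]


def blocked_by_port_rule(flow: Flow) -> bool:
    """The policy as the thread describes it: drop anything to TCP/22."""
    return flow.dport == 22


def is_ssh(flow: Flow) -> bool:
    """Protocol check: does the flow open with an SSH identification string?"""
    return SSH_ID.match(flow.first_bytes) is not None


def ssh_missed_by_port_rule(flows):
    """SSH sessions the port-22 rule lets through (the covert channel survives)."""
    return [f.dst for f in flows if is_ssh(f) and not blocked_by_port_rule(f)]


def non_ssh_dropped_by_port_rule(flows):
    """Non-SSH traffic the port-22 rule drops (collateral, not a security win)."""
    return [f.dst for f in flows if blocked_by_port_rule(f) and not is_ssh(f)]


def ssh_flows(flows):
    """What a rule keyed on the protocol rather than the port would catch."""
    return [f.dst for f in flows if is_ssh(f)]


if __name__ == "__main__":
    print("SSH missed by port rule:", ssh_missed_by_port_rule(SAMPLE_FLOWS))
    print("non-SSH dropped by port rule:", non_ssh_dropped_by_port_rule(SAMPLE_FLOWS))
    print("SSH by protocol check:", ssh_flows(SAMPLE_FLOWS))
```

The check only sees cleartext identification strings, so SSH carried inside a TLS session, an HTTP CONNECT proxy or any other encrypted tunnel is invisible to it. That limitation is the message's broader point: once any Internet path exists, a port rule, or even a protocol rule, does not close the covert channel.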
Current thread:
- RE: RBL-type BGP service for known rogue networks?, (continued)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Peter van Dijk (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Eric A. Hall (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 08)
- Re: RBL-type BGP service for known rogue networks? Rodney Joffe (Jul 08)
- Re: RBL-type BGP service for known rogue networks? John Payne (Jul 09)
- Re: RBL-type BGP service for known rogue networks? Dana Hudes (Jul 08)
- RE: RBL-type BGP service for known rogue networks? Roeland M.J. Meyer (Jul 09)
- "top secret" security does require blocking SSH Greg A. Woods (Jul 09)
- Re: "top secret" security does require blocking SSH Alex Bligh (Jul 09)
- RE: "top secret" security does require blocking SSH Derrick (Jul 09)
- Re: "top secret" security does require blocking SSH Alex Bligh (Jul 09)
- RE: "top secret" security does require blocking SSH Roeland M.J. Meyer (Jul 09)
- RE: "top secret" security does require blocking SSH Christopher Palmer (Jul 10)
- RE: "top secret" security does require blocking SSH Greg A. Woods (Jul 09)
- Re: "top secret" security does require blocking SSH Greg A. Woods (Jul 09)
- Open Broadcast Amplifier networks list. Simon Lyall (Jul 12)
- Re: "top secret" security does require blocking SSH Stephen Sprunk (Jul 09)
- RE: RBL-type BGP service for known rogue networks? Sabri Berisha (Jul 09)