

Other Common Protocols

In addition to those protocols previously discussed are the following:

  Serial Line Internet Protocol. The SLIP is used to exchange IP traffic with a device, usually a workstation, that is running the proper protocols but without a separate address. It is used to connect workstations to hosts or to Internet service providers through the dial-switched network. It is analogous to an extension cord or a remote.
  Point-to-Point Protocol. The PPP is similar to SLIP, but is associated with leased lines. It is usually used to connect a single system to a boundary or “edge” node.
  Network Time Protocol. The NTP is used to set and synchronize the system clocks of Internet nodes. It is able to synchronize all systems in a network to within milliseconds of each other, i.e., to within the accuracy and precision of the system clocks themselves.
  Secure Protocols. Recently, secure versions of these protocols have been specified, and reference implementations of these protocols are available for Unix systems. Additional implementations should be available in 1996.

INTERNET APPLICATIONS

Recall the analogy that describing the Internet can be likened to five blind men trying to describe an elephant. For most of the blind men, the Internet elephant looks like its applications. The Internet is open as to its applications. No real limit to the number of applications exists, and new ones are added every day. However, some applications are sufficiently significant that a description of those applications describes how the net looks to most users.

E-mail

The most widely used application on the Internet is E-mail. Recent statistics suggest between 50 and 100 million users, and 1 billion users are projected as early as 2000. E-mail rivals television, copiers, and facsimile machines in its rate of growth. Moreover, as was the case with copiers and facsimiles, it is becoming difficult to remember how business was conducted before E-mail.

Internet E-mail uses SMTP and the MIME protocol. MIME runs on top of SMTP to permit the exchange of files, programs, sounds, images, and moving images. E-mail is the most interconnected and interoperable application. Even those networks that have resisted connection to the Internet at other levels are connected at the E-mail layer.

In addition, E-mail is the most ubiquitous application on the Internet; it interoperates with many of the others. Several servers on the Internet accept mail messages, convert them into requests for other services, convert the answers into mail messages, and send them back to the requester. Thus, a user who has access to E-mail functionality has access to all of the information on the network (i.e., the Internet).

Logging on to a Remote System

One of the earliest and most obvious of Internet applications was to create a session between a terminal on one system and an application on a remote system. This kind of application used a client process on the origin system, the Telnet client. It is initiated by entering the command, telnet, on the originating system. The parameters of the command specify the target system and any nondefault characteristics of the connection request. The request is answered by the telnet server, a started process (a daemon in Unix parlance) on the target system. The protocol is also called telnet. The user on the origin system sees a prompt from the answering server process, for example, the operating system or an application, on the target system. The user is usually expected to log on, that is, to send a user identifier (i.e., user ID) and authenticating data (i.e., a password) to the target system. However, for the target system, the user identifier and password are optional.

File Transfer

The FTP is used to exchange file system objects between systems. It is symmetric, and works in either direction. Either system may initiate a transfer in either direction. The FTP process (daemon in Unix parlance) must have access to the file system. That is, in systems with closed file systems, the process or the user on whose behalf it is operating must possess the necessary access rights (e.g., read, write, or create) to the file object or directory on which it wants to operate.

A convention called “anonymous FTP” permits the protocol to be used for public applications. The user can log on to the system with a user ID of anonymous, which requires no password. By convention, users are requested to put their origin system and user ID in the password field. However, the value in this field is not checked or validated in any way; a blank will work as well as the truth.

VULNERABILITIES ON THE INTERNET

The vulnerabilities on the Internet are closely related to its characteristics, its protocols, its uses, and its history. In addition, because the Internet is a broadcast network, messages are vulnerable to disclosure, replay, and interference.

The large number of components on the Internet makes it vulnerable to flaws in the implementation of those components. Because there may be many instances of a flaw, elimination of them is extremely difficult. A recent example of such a flaw was an instance of incomplete parameter checking in the Unix system logging routine, syslog. This error permitted a very long log entry to exceed the space provided for it, overlay program space, and get itself executed.
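The defect described above, a log routine that does not check the size of what it is asked to record, is an example of a missing bounds check. The following is an added example written for this page, not code from the chapter or from any syslog implementation: a log-entry formatter that enforces the buffer bound the flawed routine lacked, reports truncation to the caller, and neutralizes non-printable bytes. The buffer size and the sample entries are constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed, deliberately small buffer so that truncation is easy to show.
   A routine that strcpy()'d "tag: msg" into such a buffer without checking
   lengths would let an overlong entry overrun it; this one never writes
   past cap-1 bytes plus the terminating NUL. */
#define LOG_ENTRY_MAX 64

/* Writes "tag: msg" into dst (capacity cap), replacing non-printable bytes
   with '?' so that a crafted entry cannot hide or split log lines.
   Returns 1 if the whole entry fit, 0 if it had to be truncated.
   dst is always NUL-terminated when cap > 0. */
static int log_entry_bounded(char *dst, size_t cap, const char *tag, const char *msg)
{
    const char *parts[3] = { tag, ": ", msg };
    size_t pos = 0;
    int fit = 1;

    if (cap == 0)
        return 0;
    for (int i = 0; i < 3 && fit; i++) {
        for (const char *p = parts[i]; *p; p++) {
            if (pos + 1 >= cap) {      /* no room for this byte plus the NUL */
                fit = 0;
                break;
            }
            dst[pos++] = isprint((unsigned char)*p) ? *p : '?';
        }
    }
    dst[pos] = '\0';
    return fit;
}

int main(void)
{
    char buf[LOG_ENTRY_MAX];
    char overlong[200];

    /* Constructed overlong entry: the kind of input the unchecked routine
       would have copied straight over its own program space. */
    memset(overlong, 'A', sizeof overlong - 1);
    overlong[sizeof overlong - 1] = '\0';

    printf("fit=%d [%s]\n", log_entry_bounded(buf, sizeof buf, "login", "user alice ok"), buf);
    printf("fit=%d len=%zu\n", log_entry_bounded(buf, sizeof buf, "login", overlong), strlen(buf));
    return 0;
}
```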

Many components in systems peer-connected to the Internet contain “escape” mechanisms. These are invoked by an otherwise unlikely character sequence to cause what follows this escape sequence to be handled, not by the component itself, but by the environment in which it runs, often with the privilege of the “escaped from” component. A famous escape mechanism, exploited by the infamous “All Souls” worm, was the debug feature of the sendmail mail handler. This option was invoked by an escape sequence in a message that caused what followed it to be passed through to Unix to be executed as a command. The worm used this feature, among others, to copy and execute itself.

Because nodes are peer connected and trust each other, compromise of one may result in compromise of many, perhaps all. In a peer connected network, the level of trust in the network is equal to that of the least trusted node or link.

Many of the vulnerabilities described in the preceding paragraphs are features rather than flaws. In other words, they are desired and valued by some users and managers. Because of their value, their total elimination is unlikely.



Copyright © CRC Press LLC