CS 161 Computer Security, Spring 2010
Paxson/Wagner
Notes 2/19

The Motivation for Firewalls

Suppose you are given a machine, and asked to harden it against external attack. How do you do it?

One starting point is to look at the network services that this machine is providing to the outside world. If any of its network services are buggy or have security holes, an attacker may be able to penetrate your machine by interacting with that application. As we know, bugs are inevitable, and bugs in security-critical applications often lead to security holes. Thus, the more network services your machine runs, the greater the risk.

This suggests one simple way to reduce the risk of external attack: Turn off every unnecessary network service. Disable every network-accessible application that isn’t absolutely needed. Build a stripped-down box that runs the least amount of code necessary; after all, any code that you don’t run can’t harm you. And for any network service that you do have to run, double-check that it has been implemented and configured securely, and take every precaution you can to render its use safe.

This is an intuitive and effective approach, and it can work well when you only have one or two machines to secure, but now let’s consider what happens when we scale things up. Suppose you are in charge of security for all of Macrosloth Corp. Your job is to protect the computer systems, networks, and computing infrastructure of the entire company from external attack. How are you going to do it?

If the company has thousands of computers, it won’t be easy to harden every single machine individually. There may be many different operating systems and hardware platforms. Different users may have vastly different needs, and a service that can be disabled for one user might be necessary to another user’s job. Moreover, new machines are bought all the time, machines come and go every day, and users upgrade their machines.
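The per-machine hardening step described above starts with an inventory of which services the box exposes to the outside world. The following added example (not part of the original notes) audits constructed `ss -tlnp` style output: it treats services bound only to a loopback address as unreachable from outside, and reports every externally reachable listener whose process is not on a hypothetical allowlist of required services.

```python
import ipaddress
import re
from typing import List, NamedTuple

# Constructed sample of `ss -tlnp` output; not captured from a real host.
SAMPLE_SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      128    127.0.0.1:3306      0.0.0.0:*         users:(("mysqld",pid=901,fd=21))
LISTEN 0      511    *:80                *:*               users:(("nginx",pid=1002,fd=6))
LISTEN 0      50     0.0.0.0:21          0.0.0.0:*         users:(("vsftpd",pid=1100,fd=4))
LISTEN 0      128    [::1]:6379          [::]:*            users:(("redis-server",pid=1200,fd=7))
LISTEN 0      128    [::]:5900           [::]:*            users:(("x11vnc",pid=1300,fd=5))
"""


class Listener(NamedTuple):
    process: str
    address: str
    port: int
    exposed: bool  # True when bound to a non-loopback address, i.e. reachable from outside


_PROC_RE = re.compile(r'"([^"]+)"')  # process name inside users:(("name",pid=...))


def parse_ss_listeners(ss_output: str) -> List[Listener]:
    """Parse `ss -tlnp` style lines into Listener records, skipping the header."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")   # handles "[::]:5900" and "*:80"
        addr = addr.strip("[]")
        match = _PROC_RE.search(line)
        process = match.group(1) if match else "unknown"  # unprivileged ss omits the column
        # "*" is ss shorthand for all interfaces; anything not loopback is externally reachable
        exposed = addr == "*" or not ipaddress.ip_address(addr).is_loopback
        listeners.append(Listener(process, addr, int(port), exposed))
    return listeners


def unnecessary_exposed_services(ss_output: str, required: set) -> List[Listener]:
    """Externally reachable listeners whose process is not on the allowlist: candidates to disable."""
    return [l for l in parse_ss_listeners(ss_output) if l.exposed and l.process not in required]


if __name__ == "__main__":
    for svc in unnecessary_exposed_services(SAMPLE_SS_OUTPUT, {"sshd", "nginx"}):
        print(f"disable or firewall: {svc.process} on {svc.address}:{svc.port}")
```

On the constructed sample, mysqld and redis-server are ignored because they listen only on loopback, while vsftpd and x11vnc are flagged as exposed services not on the allowlist.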
At this scale, it is often hard even to get an accurate list of all machines inside the company—and if you miss even one machine, it is then a vulnerable point that can be broken into and might serve as a jumping-off point for attackers to use to attack the rest of your network. The sheer complexity of managing all of this might make it infeasible to harden each machine individually.

Nonetheless, it’s still true that one risk factor is the number of network services that are accessible to outsiders. This suggests a defense. If we could block, in the network, outsiders from being able to interact with many of the network services running on internal machines, we could reduce the risk. This is exactly the concept behind firewalls: the firewall is a device designed to block access to network services running on internal machines....
This note was uploaded on 04/14/2010 for the course CS 161 taught by Professor Staff during the Spring '08 term at Berkeley.