White-Hat Security Arsenal: Tackling the Threats

White-Hat Security Arsenal: Tackling the Threats

by Aviel D. Rubin


$44.99 $49.99 Save 10% Current price is $44.99, Original price is $49.99. You Save 10%.
Choose Expedited Shipping at checkout for guaranteed delivery by Friday, January 25

Product Details

ISBN-13: 9780201711141
Publisher: Addison-Wesley
Publication date: 07/05/2001
Pages: 368
Product dimensions: 7.36(w) x 9.24(h) x 0.72(d)

About the Author

Aviel D. Rubin (http://avirubin.com) is an Associate Professor in the Computer Science Department at Johns Hopkins University and serves as the Technical Director of their Information Security Institute. He was previously Principal Researcher in the Secure Systems Research Department at AT&T Laboratories and is the author of several books.


Read an Excerpt

Chapter 6: Secure Backup

Problem Statement

Alice considers her data very important. She has been around long enough to experience the painful loss of files due to arbitrary failures of software and hardware. The data on Alice's machine is of a very sensitive nature. She is very good at physically securing her machine and protecting her data while it is in her possession, but how does she back up her data in such a way that the backups are reliable and also secure?

Threat model

The adversary in this scenario is a user who manages to get read access to Alice's backup tapes. It should be impossible for him to learn anything about the data that is stored there. In addition, it should be impossible for an adversary to destroy the keys that are used to protect the backup tapes.

6.1 Secure Backups

When I give talks about computer security, viruses, worms, Trojan horses, and other threats, I'm often asked what the state of the art in defense mechanisms is. My reply is always “back up, back up, back up.” If you have never lost any data due to some kind of failure that wasn't your fault, you have probably not been using computers for very long.

If you ask me what the easiest way to steal information from a highly secure site is, I will probably not suggest trying to exploit a misconfiguration in the firewall and subverting the perimeter protection to get an account inside and then using that account to break into a protected database. A much easier way is to bribe the truck driver, who transfers the backup tapes from the building to a physically secure site, to look away for a couple of hours while you copy the tapes. This attack will only cost you a few hundred dollars; you may even be able to pull it off for a six-pack of beer.

Backup is one of the most overlooked processes when it comes to site security. However, backup is crucial. Backup is important for recovering from loss due to accidental or malicious failure. You would be hard-pressed to find a person or organization that hasn't had to restore from a backup at some point. When faced with data loss or corruption, the backup archive is one of the most appreciated and loved objects in the entire universe.

What is interesting is that even though backup tapes, by definition, contain data that is just as sensitive as the data being backed up, they rarely receive the same protection as the original data itself. Why is that? Well, the purpose of backup is to recover after some kind of a problem. So, if encrypted data is backed up in its encrypted form, then what happens if the unfortunate event that led to the loss of data also results in a loss of the keys? Encrypted backups without the keys are about as useful as a wad of cash when you are stranded on a deserted island. It seems like they should be worth something, but trying to use them proves futile. Even if you were to store the money away until you were rescued, by the time that happened, inflation would make the wad of cash practically worthless, but here, the analogy kind of breaks down.

6.2 Physical Security

One approach to secure backup is to physically protect backups. If you are an individual user, then you can purchase an external Jaz drive, or a PC card with FLASH memory, copy your sensitive files to the external device, keep it in your possession at all times until you get home, and then bury it ten feet deep in your back yard. Make sure to mark the spot carefully, and to put a mean dog in the yard, preferably one that does not like to dig.

If you are an organization, you could implement a process whereby backups are done under the supervision of security personnel, and the tapes are physically transported to a safe location.

I don't like relying on physical security for several reasons. First of all, it is difficult to find security personnel who are completely trustworthy. Most security compromises are initiated by insiders, and there are few physical security types who are paid as much as the value of your data. Put another way, you'd be crazy to spend more on your security personnel than your data is worth. So, you are potentially vulnerable to bribery of your security personnel.

Physical security is not a bad idea, but I do not recommend relying on it exclusively to protect your data. Instead, couple it with software protection (encryption and authentication).

6.3 Backup over a Network

Backup data is vulnerable to attack at several points. If you are backing up your data onto a physical device such as a Jaz drive, then you do not need to worry about somebody sniffing on the physical connection between your computer and the drive. However, most backup techniques today involve transferring data over a network. It doesn't make sense to use strong encryption in your backups and good key recovery mechanisms, if you transfer files to a remote backup server in the clear.

The right way to back up files remotely is to perform all of the compression and encryption (in that order!) locally, and then to transfer the backups to the remote site for storage. The reason to compress before encrypting is that encrypted data contains very little redundancy, and so compression of ciphertext is not very effective. Many remote storage facilities further encrypt the data. While the encryption of the data on your local machine protects you against network attacks and from the storage server, the further encryption at the remote server is intended to protect your data from compromise of the server in the case where you have a poorly chosen passphrase. The super-encryption (encrypting encrypted data) at the remote site is a great marketing gimmick by many of the backup storage vendors, but it doesn't really buy you much because you should protect it with good keys in the first place. Furthermore, you are now running the risk of not only the loss of your passphrase, but loss of the key used by the backup server.

Another issue in the remote backup process is user authentication. If you back up your files over a network to a centralized server, make sure that the server does proper user authentication. If it does not, then even though the information on that server is unreadable, assuming it is properly encrypted, there may be nothing preventing another user from corrupting or destroying your backups.

Many remote backup facilities allow for an automatic unattended backup to be scheduled. That means that users can tell the system to make a backup in the middle of the night of files that have changed. Of course, the whole purpose of this is to perform a backup while the user is sleeping. It is unlikely that the user will want to wake up each night and enter the passphrase to derive the key for the backup. So, these systems require that the key be available to the program whenever it needs it. To accomplish this, the key must be in memory on the computer. In practice, many vendors keep the user key on disk somewhere. In either case, the key is vulnerable. The most secure systems require a passphrase to be entered whenever a backup or restore is about to take place, and they erase the key from disk and memory as soon as the work is done. Unfortunately, this is rarely the way these products operate.

Another common “feature” of many remote backup products is that they give the user a choice of key lengths and algorithms. In several cases, products offer 40-bit DES, 56-bit DES, 3-DES, and Blowfish or CAST. Average users are about as qualified to pick the bit size of their keys as they are to set the correct refresh rate on their computer monitor. The difference is that when setting the refresh rate on a monitor, you get some feedback if you select stupid settings. With crypto, you just get an insecure system. When questioned, one vendor replied that 3-DES is too slow for some users and that 40-bit is included in the product for export reasons. Huh?!? I asked him if the 40-bit version and the 3-DES version shipped as different products, and he said no. Apparently, there are companies out there that think their product is exportable if they add weak crypto to it, in addition to the strong crypto.

6.4 Key Granularity

The most common technique for protecting backups is to encrypt files locally using a key derived from a passphrase. There are several commercial products that do this, as I will discuss shortly. One choice that needs to be made is how many keys to use. If you use one key to encrypt all of the files that are backed up, then loss or compromise of that key means loss or compromise of the entire archive. Breaking backups down into finer-grained keys is much more complicated and difficult to maintain. You could have a program with a database for controlling all the keys, but you had better back that database up very carefully. In the end, the problem reduces to protecting and backing up keys securely....

Table of Contents




1. Shrouded in Secrecy.

2. Computer Security Risks.

What Is at Risk.

Data, Time, and Money.



Resource Availability.

Why Risks Exist.

Buggy Code.

The User.

Poor Administration.

Exploiting Risks.

Moving On.

3. The Morris Worm Meets the Love Bug: Computer Viruses and Worms.


A Touch of History.

The Morris Worm.

When It Hit and What It Did.

How and Why It Worked.

The Consequences.

How We Recovered.

Lessons Learned.


When It Hit and What It Did.

How and Why It Worked.

The Consequences.

How We Recovered.

Lessons Learned.

CIH Chernobyl.

When It Hit and What It Did.

How and Why It Worked.

The Consequences.

How We Recovered.

Lessons Learned.


When It Hit and What It Did.

How and Why It Worked.

The Consequences.

How We Recovered.

Lessons Learned.


When It Hit and What It Did.

How and Why It Worked.

The Consequences.

How We Recovered.

Lessons Learned.


When It Hit and What It Did.

How and Why It Worked.

The Consequences.

How We Recovered.

Lessons Learned.


When It Hit and What It Did.

How and Why It Worked.

The Consequences.

How We Recovered.

Lessons Learned.

The Love Bug.

When It Hit and What It Did.

How and Why It Worked.

The Consequences.

How We Recovered.

Lessons Learned.



4. Local Storage.

Physical Security.

Cryptographic Security.

What Can Be Achieved with Cryptography.

Cryptography Is Not Enough.

Basic Encryption and Data Integrity.

Protecting Data with Passwords.

Graphical Passwords.

Cryptographic File Systems.

Case Studies.



EFS in Windows 2000.

Further Reading.

5. Remote Storage.

Remote Storage.

NFS Security.

Adding Security.

User Authentication.

Strengthening Passwords.

Access Control Lists and Capabilities.


Case Study.


Further Reading.

6. Secure Backup.

Secure Backups.

Physical Security.

Backup over a Network.

Key Granularity.

Backup Products.



Secure Backup Systems.



NetMass SystemSafe.


Safeguard Interactive.

Veritas Telebackup.

Deleting Backups.

Case Study.

The Client Software.

Incremental Backups.

Further Reading.


7. Setting up a Long-Term Association.

What Is Identity?

Identity in Cyberspace.

Exchanging Public Keys in Person.

Certification Authorities.

Public Key Certificates.

Certificate Hierarchies.

Long-Term Relationships within an Organization.

Global Trust Register.


Long-Term Relationships in the Wild.

Managing Private Keys.

Symmetric Keys.

Case Study.


Further Reading.

8. Deriving Session Keys.

Long-Term Keys Are Not Enough.

What Are Session Keys?

Key Exposure.

Perfect Forward Secrecy.

Security Associations.

Picking a Random Key.

Session Keys from Symmetric Long-Term Keys.


Another Approach.

Session Keys from Long-Term Public Keys.

Diffie-Hellman Key Exchange.

Session Keys in SSL.

Protocol Design and Analysis.

Case Study.

Clogging Attacks.

ISAKMP Exchanges.

Key Refreshment.

Primes in OAKLEY.

Further Reading.

9. Communicating Securely After Key Setup.

Protecting Information.



Which Layer Is Best for Security?


The Link Layer.

The Network Layer.

The Transport Layer.

The Application Layer.

Replay Prevention.

Case Study.



Further Reading.


10. Protecting a Network Perimeter.

Insiders and Outsiders.

Network Perimeter.

Benefits of Firewalls.

Types of Firewalls.

Packet Filters.

Application-Level Gateways.

Using the Firewall.

Configuring Rules.

Web Server Placement.

Exit Control.

Remote Access8.

Logging in Directly.

Dial-up Access.

VPN Access.

Web-Only Access.

Case Study.

Further Reading.

11. Defending against Attacks.

Bad Guys.



Denial of Service.


Defending against Mapping.

Monitoring the Traffic.

Intrusion Detection.

Defense against DDOS.

Other Tools.

Case Study.

Further Reading.


12. Protecting E-Commerce Transactions.

Credit Cards on the Web.

The SSL Protocol.

Protocol Overview.

Configuring a Browser.

Configuring a Server.




Case Study.

How Passport Works.

Risks of Passport.

Further Reading.

13. Protecting Privacy.

Online Privacy.

What Is at Risk?

E-Mail Privacy.

Protecting E-Mail with Cryptography.

Anonymous E-Mail.

How Is Personal Privacy Compromised?

Direct Methods.

Indirect Methods.

Defense Mechanisms and Countermeasures.

Protecting Data on Your Machine.

Protecting Credit Card Information.

Safeguarding Your Browsing History.

Hiding Your Surfing.

Posting Anonymously to the Web.

Case Study.


Further Reading.



Index. 0201711141T01 001.


Why I Wrote This Book

As a computer security expert at AT&T Labs, I often find myself meeting with members of IT departments of our large customers. This year, for example, I've met with, among others, the CIO of Ford Motor Company, the CTO of JP Morgan, and a Vice President of American Axle Manufacturing. In each case, they bring along an entourage of system administrators and other members of their team, and they come loaded with problems. How do I allow secure remote access to my site? How should I configure my firewall? How do employees store information securely on laptops? The list of questions goes on and on. I listen to them and offer my advice and expertise.

The customers always ask me what book I recommend to solve all of their problems. There are some good books on security out there. However, they are written from a disciplinary approach. There is usually a chapter on cryptography, a chapter on protocols, a chapter on SSL, and so on. So, I set out to write a book that directly answers the questions that these large IT departments face.

What sets this book apart from others is the problem-oriented approach. Each chapter starts out with a problem statement using Alice and sometimes Bob, borrowing these characters from the cryptography literature.

The book is divided into five parts. Each part is written to be self-contained, so there is some redundancy of information across parts. Within each part (except the first), there are chapters, each of which represents a problem. Within the chapter is a description of the threat model, explanations of the technologies involved, and some solutions. The chapters conclude with one or more case studies. The idea is to give the readers enough information to understand the problem in detail, to have the ability to evaluate solutions, and even to be able to solve the problem themselves.

Intended Audience

There are several different kinds of people who can benefit from this book. I have tried to identify the computer security problems that are the most common and the most interesting to study. Some of you will read this book to figure out the solution to a particular problem. Others will read it to educate themselves about certain risks. Whether you are a practicing information technology professional, a system administrator, a graduate student in computer science, or simply an end user, there is something for you in this book. Some problems that I cover are less complex and little technical training is needed to understand the solutions. Other problems require intricate technical solutions that may seem incomprehensible to someone without a computer science or math background. To facilitate your reading experience, I have identified each chapter by the level of difficulty and the intended audience. At the beginning of each chapter, I display icons that represent the intended audience. The leftmost icon is the most relevant audience for the chapter, and the icons are thus ordered from left to right.

The Surfer/End User Surfers or "end users" are those who surf the Web, read e-mail, and use computers in their everyday lives. They don't necessarily have any formal computer science training, but they are proficient in day-to-day uses of computers. For example, they know how to install software and how to change the settings in their browsers.

The IT Professional Information technology professionals are those who are quite knowledgeable about computers. They may be in charge of a large network deployment, programmers, system architects, or even managers. It is safe to assume that these people have a computer science or CIS degree, and that they have been working with computers for some time.

The Academic Academic are usually either professors or graduate students. Academics are usually interested in the technical details and the theory behind a solution, as much as in the solution itself. Academics are likely to consult other references to further understand the material, and the gory details are welcome, rather than feared.

The System Administrator System administrators are those who are often responsible for the security of a site. They are usually the ones putting out fires, and their jobs may be on the line if information is lost, or if a major break-in occurs. These people are interested in making sure that their systems are safe, and while they would normally love to study and understand the theory behind the solutions, there is no time for that. What they really want is to figure out exactly how to solve the problem that is pressing at the moment.

Each chapter in this book presents the solution to a problem that is important to some subset of these characters. While you may or may not fit exactly into one of these descriptions, I hope that the icons at the beginnings of the chapters will give you a good idea of what level of detail and complexity to expect when you read it.

Guide to the Book

There are five parts to the book:

Part I The first part is intended to motivate the rest of the book. No problems are identified here; rather, I address the issue of threat and why people need to worry about solving computer security problems.

  • Chapter 1 This chapter deals with the fact that it is difficult to get companies to admit to computer security incidents. As a result, it is hard to estimate the true damage from security incidents.
  • Chapter 2 This chapter covers what is at risk, in order to help the reader understand the threats.
  • Chapter 3 This chapter is unique in this book. Computer viruses and worms are the security problems that receive the most press and that people are most acutely aware of. Rather than focus on the problem and its solutions, I thought that I would use viruses and worms to help the reader appreciate the level of threat posed to computers and networks. The chapter puts these attacks in perspective and explains how they work.

Part II The second part deals with secure storage of information. The following problems are addressed:

  • Chapter 4 Alice has some important information that she wishes to store on her computer. How does she protect the data so that even if her machine falls into the hands of an adversary, the data will remain confidential, and she will be able to detect any tampering with the information? Ideally, Alice would like a solution that is easy to use and is applicable to multiple applications.
  • Chapter 5 Alice uses a file system that stores files remotely. How can she protect the authenticity and confidentiality of the data from an adversary who is on the network or in control of the remote file server?
  • Chapter 6 Alice considers her data very important. She has been around long enough to experience the painful loss of files due to arbitrary failures of software and hardware. The data on Alice's machine are of a very sensitive nature. She is very good at physically securing her machine and protecting her data while it is in her possession, but how does she back up her data in such a way that the backups are reliable and also secure?

Part III The third part is the most technical in the book. It deals with transferring information securely on vulnerable networks. The following problems are addressed:

  • Chapter 7 How does Alice identify Bob in such a way that she can guarantee that future communications with Bob are identifiable and so that no other party is able to establish communication with Alice that appears to be from Bob? In addition, if Alice realizes that some other party, Evil, may potentially impersonate her, how does Alice recover to limit the damage that can be caused by Evil?
  • Chapter 8 Assume that Alice and Bob have a long-term association. They either know each other's public keys, share a symmetric long-term key with a trusted authority, or share a symmetric long-termkey with each other. How do Alice and Bob securely establish symmetric session keys to protect their information?
  • Chapter 9 Assume that Alice and Bob have session keys for encryption and authentication. How do they protect their communication? Where in the protocol stack is the best place to put their security?

Part IV The fourth part of this book has to do with protecting against network threats. This includes setting up firewalls, detecting intrusions, and dealing with denial-of-service attacks. The following problems are addressed:

  • Chapter 10 Alice is in charge of the security of a network. The network is too large and complex for her to harden every host and protect network resources from attack. How does she define a perimeter, set a uniform policy for the network, and defend against malicious external attacks? Once she defines the perimeter, how does she allow remote access for legitimate users while excluding others?
  • Chapter 11 Alice is in charge of the security of a network. How does she defend a network against attacks? How does she detect intrusions and respond? How can she deal with massive denial-of-service attacks?

Part V The fifth and final part of the book deals with online commerce and privacy. The part covers issues such as using credit cards on the Web and the privacy of Web browsing. The following problems are addressed:

  • Chapter 12 Alice runs an online store. How does she make sure that her customers can shop online without the threat of their credit cards being stolen by an active attacker on the network? She would like to add security while not adversely affecting the performance of her server. Bob likes to shop online. Should he put his credit card into a Web form? What is he risking by doing so?
  • Chapter 13 Alice likes to use the Internet. She browses the Web on interesting topics, purchases things online, participates in e-mail discussion groups and chats, and maintains her own Web site. How does Alice preserve the privacy of her personal information? How does she prevent third parties from collecting information about her and tracking her online presence?

How to Read This Book

There are several ways to read this book. If you are reading it because you have some of the problems mentioned here, then the best thing to do is to jump to the chapter that addresses your problem and read it. If it is in the middle of a part, you may find that some of the material in the earlier chapters is needed, so I recommend that you find the part that contains your problem and read that whole part.

If you are interested in learning about all of the problems, or security in general, then read the book from start to finish. There is no dependence on order in the parts, so you can read them in whatever order you like, but it is best to read the chapters within a part in the order they appear.

At the end of each chapter there is a listing of all of the references that are cited within the text. The books, articles, and Web sites are listed in the order that they appear. I have done my best to reference only Web sites that I expect to be around for a while, and I have tested all of them several times since I wrote each section, but of course, the Web is dynamic, so there are no guarantees. I maintain a Web site with all of the links in the book, and I keep it as up to date as possible. The URL is http://white-hat.org/. Please let me know if you find a broken link there. At the end of the book is the full bibliography listed by the numbers that are used for citation within the text.

There is a glossary of acronyms used throughout the book, so if you come across a term you do not understand, it may help to check there.

Avi Rubin


Customer Reviews

Most Helpful Customer Reviews

See All Customer Reviews