Subject: Re: WWW security From: "Kevin Speicher" Date: Thu, 20 Apr 95 19:38:16 EST
How the Web Was Won
Sender: owner-online-news@marketplace.com

John Graham asked:
>He says that when one of our PCs on our internal
>(ethernet) network goes online, via a modem connection to
>an ISP, it opens up a way for someone on the outside to get
>into our internal business network. I know there are
>legitimate security concerns if we had our own dedicated
>internet server on our network and that it served as our
>access point into the Internet. But I thought that it was
>pretty much a one-way street if I log on thru an ISP via
>standard phone lines.

  If you're running a terminal session, emulating something 
like a VT-100 terminal, then you are safe (ignoring terminal 
control characters in the data stream that may cause your 
terminal window to blink).

  If you're running a SLIP or PPP connection and are not 
running TCP/IP server software on your workstation 
(peer-to-peer services for FTP or NFS, for example), then 
there is nothing local running to respond to malevolent 
requests.  Your PC is not likely running router or bridging 
services and will not forward the bad bits on to other 
internal devices.

  In fact, if you are running TCP/IP support software like 
WINSOCK for internal use and establish a SLIP or PPP 
connection to an ISP at the same time, your PC then has 
two IP addresses - one via the ethernet to the internal 
network and one via the serial port to the ISP. I wonder if 
it starts to smoke at this point.

>Is it possible for someone on the Internet to hack their
>way thru my ISP's server, up my phone line and modem into
>my PC, and then be able to get at my network drive and into
>our mainframe system?

  I've always been more worried by slow Information 
Technology department response to user requests for remote 
access and the easy availability and low cost of software 
like ARA and Timbuktu and Carbon Copy and Co/Session and PC 
Anywhere and ...  For less than $100 (even in Canadian 
money), a frustrated user can take that modem line 
(reluctantly given in response to repeated demands for 
access to outside data sources) and turn it into a "work 
from home when I want" access port.  And "since I'm the 
only person who knows it's here, I don't need to worry too 
much about passwords and stuff like that".

  And it's inside the firewall! That's what scares me.
------------------------------------------------------------
Kevin Speicher                            The Globe and Mail
KSpeicher@GlobeAndMail.ca        Canada's National Newspaper

                   Mir ist alles Wurst
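
The two conditions named in the reply above (a local service answering on the dial-up address, and the PC forwarding between its two interfaces) can be checked mechanically. The following is an added example, not part of the original message; it assumes a present-day Linux host, IPv4 only, dial-up interface names beginning `ppp` or `sl`, and constructed `ip -o -4 addr` and `ss -ltn` output.

```python
import ipaddress

# Constructed sample data (not from the original post): output in the style of
# `ip -o -4 addr show` and `ss -ltn` on an office workstation dialled in to an ISP.
SAMPLE_ADDRS = """\
1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 10.1.4.23/24 brd 10.1.4.255 scope global eth0
3: ppp0    inet 198.51.100.77 peer 198.51.100.1/32 scope global ppp0
"""
SAMPLE_LISTENERS = """\
LISTEN 0 128 127.0.0.1:631 0.0.0.0:*
LISTEN 0 128 0.0.0.0:21 0.0.0.0:*
LISTEN 0 128 10.1.4.23:2049 0.0.0.0:*
"""

def parse_addrs(text):
    """Return {interface: IPv4Address} for non-loopback interfaces."""
    out = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[2] == "inet":
            ip = ipaddress.ip_address(f[3].split("/")[0])
            if not ip.is_loopback:
                out[f[1]] = ip
    return out

def audit(addr_text, listen_text, ip_forward):
    """Apply the two checks from the post: local servers, and forwarding."""
    ifaces = parse_addrs(addr_text)
    # Assumption: the dial-up link is named ppp* (PPP) or sl* (SLIP).
    dialup = {n: ip for n, ip in ifaces.items() if n.startswith(("ppp", "sl"))}
    findings = []
    if not dialup or len(ifaces) < 2:
        return findings  # not dual-homed: nothing to report
    for line in listen_text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] != "LISTEN":
            continue
        host, _, port = f[3].rpartition(":")
        # A wildcard bind or a bind to the dial-up address answers the ISP side.
        if host in ("0.0.0.0", "*") or any(host == str(ip) for ip in dialup.values()):
            findings.append(f"port {port} reachable via dial-up link")
    if ip_forward:
        findings.append("IP forwarding on: host routes between ISP and LAN")
    return findings
```

On a live host the forwarding flag would come from `/proc/sys/net/ipv4/ip_forward`; here it is passed in so the check runs on the constructed sample.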

