WHAT CAN BE DONE FROM THE BEJUCAL BASE BESIDES ELECTRONIC ESPIONAGE?

MANUEL CEREIJO

JUNE 2001

From the Bejucal base in Cuba, besides listening to telecommunication channels in the United States, they can also mount attacks on the security of the United States' computer systems or networks. The general categories of attack are:
CATEGORIES OF ATTACKS

A useful categorization of these attacks is in terms of passive attacks and active attacks.

Passive attacks are in the nature of monitoring of transmissions. The goal of the attacker is to obtain information that is being transmitted. Two types of passive attacks are (1) release of message content; (2) traffic analysis.

A release of message content is easily understood. A telephone conversation, an electronic mail message, or a transferred file may contain sensitive or confidential information.

The second passive attack, traffic analysis, is more subtle. Suppose that we had a way of masking the contents of a message or other information traffic so that Cuba, even if it captured the information, could not extract the real information because of the use of encryption. The attacker could, after a period of time, extract the information and messages, defeating the encryption process.

The second major category of attack is active attacks. These attacks involve some modification of the data stream or the creation of a false stream. They can be subdivided into four categories: masquerade, replay, modification of message, and denial of service.

A masquerade takes place when the attacker, as one entity, pretends to be a different entity, thereby enabling an authorized entity to obtain extra privileges.

Replay involves the passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect.

Modification of message simply means that some portion of a legitimate message is altered, or that messages are delayed or reordered, to produce an unauthorized effect.

The denial of service prevents or inhibits the normal use or management of communications facilities. This is a very important and serious possible attack. It could disrupt an entire network, either by disabling the network or by overloading it with messages so as to degrade performance.
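
How a receiver can detect two of the active attacks defined above, replay and modification of message, shown as an added example that is not part of the original article. It assumes a pre-shared key and a per-message sequence number; the key, the sample messages and the names seal and Receiver are constructed for illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-key"  # assumption: key shared in advance by both ends
TAG_LEN = 32                   # length of an HMAC-SHA256 tag in bytes

def seal(seq: int, payload: bytes, key: bytes = KEY) -> bytes:
    """Sender: 8-byte sequence number + payload, followed by an HMAC tag."""
    body = struct.pack(">Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Receiver:
    """Classifies each received data unit as 'ok', 'modified' or 'replay'."""

    def __init__(self, key: bytes = KEY):
        self.key = key
        self.highest_seq = -1  # highest sequence number accepted so far

    def accept(self, unit: bytes):
        if len(unit) < 8 + TAG_LEN:
            return ("modified", None)  # truncated in transit
        body, tag = unit[:-TAG_LEN], unit[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; any altered bit changes the expected tag.
        if not hmac.compare_digest(tag, expected):
            return ("modified", None)
        (seq,) = struct.unpack(">Q", body[:8])
        # An authentic unit with an old number is a retransmitted capture.
        # Units arriving out of order are rejected by the same check.
        if seq <= self.highest_seq:
            return ("replay", None)
        self.highest_seq = seq
        return ("ok", body[8:])

def demo():
    rx = Receiver()
    first = seal(1, b"transfer 100 to account A")  # constructed messages
    second = seal(2, b"transfer 250 to account B")
    tampered = bytearray(seal(3, b"transfer 10 to account C"))
    tampered[12] ^= 0x01  # one payload bit altered in transit
    return [
        rx.accept(first)[0],
        rx.accept(second)[0],
        rx.accept(first)[0],            # captured unit sent a second time
        rx.accept(bytes(tampered))[0],
    ]

if __name__ == "__main__":
    print(demo())
```
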
The attacker could target airports, financial centers, power companies, dam control centers, etc. It is quite difficult to prevent active attacks. The goal is to detect them and to recover from any disruption or delays caused by them.

INTRUDERS

There are three classes of intruders:
The objective of the intruder is to gain access to a system or to increase the range of privileges accessible on a system. The intruder must acquire information that should have been protected. In most cases, this information is in the form of a password. The password file can be protected by one-way encryption or by limiting the access control to the file. What are the most common techniques used so far to try to break into a system?
SUMMARY

Network security has assumed increasing importance. Individuals, corporations, and government agencies must heighten their awareness to protect data and messages, and to protect systems from network-based attacks. The disciplines of cryptography and network security have matured, leading to the development of practical, readily available applications to enforce network security.