|
Estimated time to
load this page
30 sec at
56.6kbps
06 sec at ISDN
|
Technology Update |
|
What’s
the differences between CDMA (Code Division Multiple Access)
& GSM (Global System for
Mobile
Communication) ?
The only differences are the way by which voice gets
carried from one phone to the other. CDMA assembles multiple
voices into the same frequency, & also increases voice
clarity. The technology also helps you receive calls when the
signal is weak & thus it doesn't have the problems like
Call Failed or Fading during high traffic density.
This also gives CDMA service providers the flexibility
to provide data & video service.
CDMA was invented during World War 2 when Allied forces
wanted to get past the Germans by sending coded messages over
different frequencies & giving them the ability to be
accessed from different points-hence
"Code Division Multiple Access."
Presently CDMA mobiles are available with Reliance,
TATA Indicom, Hyundia Infocom
|
|
|
|
Mail Me at |
|
desert_ghost85 @yahoo.com
|
|
|
|
DOS ATTACKS 2
PAGE
1, 2,
INTRODUCTION TO DENIAL OF SERVICE
.F.1. BASIC SECURITY PROTECTION
-------------------------------
.F.1.1. INTRODUCTION
--------------------
You can not make your system totally secured against denial of service
attacks but for attacks from the outside you can do a lot. I put this
work list together and hope that it can be of some use.
.F.1.2. SECURITY PATCHES
------------------------
Always install the proper security patches. As for patch numbers
I don't want to put them out, but that doesn't matter because you
anyway want to check that you have all security patches installed,
so get a list and check! Also note that patches change over time and
that a solution suggested in security bulletins (i.e. CERT) often
is somewhat temporary.
.F.1.3. PORT SCANNING
---------------------
Check which services you have. Don't check with the manual
or some configuration file, instead scan the ports with sprobe
or some other port scanner. Actual you should do this regualy to see
that anyone don't have installed a service that you don't want on
the system (could for example be service used for a pirate site).
Disable every service that you don't need, could for example be rexd,
fingerd, systat, netstat, rusersd, sprayd, pop3, uucpd, echo, chargen,
tftp, exec, ufs, daytime, time... Any combination of echo, time, daytime
and chargen is possible to get to loop. There is however no need
to turn discard off. The discard service will just read a packet
and discard it, so if you turn off it you will get more sensitive to
denial of service and not the opposite.
Actual can services be found on many systems that can be used for
denial of service and brute force hacking without any logging. For
example Stock rexec never logs anything. Most popd:s also don't log
anything
.F.1.4. CHECK THE OUTSIDE ATTACKS DESCRIBED IN THIS PAPER
----------------------------------------------------------
Check that attacks described in this paper and look at the
solution. Some attacks you should perform yourself to see if they
apply to your system, for example:
- Freezing up X-Windows.
- Malicious use of telnet.
- How to disable services.
- SunOS kernel panic.
- Attacking with lynx clients.
- Crashing systems with ping from Windows 95 machines.
That is stress test your system with several services and look at
the effect.
Note that Solaris 2.4 and later have a limit on the number of ICMP
error messages (1 per 500 ms I think) that can cause problems then
you test your system for some of the holes described in this paper.
But you can easy solve this problem by executing this line:
$ /usr/sbin/ndd -set /dev/ip ip_icmp_err_interval 0
.F.1.5. CHECK THE INSIDE ATTACKS DESCRIBED IN THIS PAPER
---------------------------------------------------------
Check the inside attacks, although it is always possibly to crash
the system from the inside you don't want it to be to easy. Also
have several of the attacks applications besides denial of service,
for example:
- Crashing the X-Server: If stickybit is not set in /tmp
a number of attacks to gain
access can be performed.
- Using resolv_host_conf: Could be used to expose
confidential data like
/etc/shadow.
- Core dumped under wuftpd: Could be used to extract
password-strings.
If I don't have put out a solution I might have recommended son other paper.
If not I don't know of a paper with a solution I feel that I can recommend.
You should in these causes check with your company.
.F.1.6. EXTRA SECURITY SYSTEMS
------------------------------
Also think about if you should install some extra security systems.
The basic that you always should install is a logdaemon and a wrapper.
A firewall could also be very good, but expensive. Free tools that can
be found on the Internet is for example:
TYPE: NAME: URL:
LOGDAEMON NETLOG ftp://net.tamu.edu/pub/security/TAMU
WRAPPER TCP WRAPPERS ftp://cert.org/pub/tools/tcp_wrappers
FIREWALL TIS ftp://ftp.tis.com/pub/firewalls/toolkit
Note that you should be very careful if building your own firewall with
TIS or you might open up new and very bad security holes, but it is a very
good security packer if you have some basic knowledge.
It is also very good to replace services that you need, for example telnet,
rlogin, rsh or whatever, with a tool like ssh. Ssh is free and can be
found at URL:
ftp://ftp.cs.hut.fi/pub/ssh
The addresses I have put out are the central sites for distributing
and I don't think that you should use any other except for CERT.
For a long list on free general security tools I recommend:
"FAQ: Computer Security Frequently Asked Questions".
.F.1.7. MONITORING SECURITY
---------------------------
Also monitor security regular, for example through examining system log
files, history files... Even in a system without any extra security systems
could several tools be found for monitoring, for example:
- uptime
- showmount
- ps
- netstat
- finger
(see the man text for more information).
.F.1.8. KEEPING UP TO DATE
--------------------------
It is very important to keep up to date with security problems. Also
understand that then, for example CERT, warns for something it has often
been dark-side public for sometime, so don't wait. The following resources
that helps you keeping up to date can for example be found on the Internet:
- CERT mailing list. Send an e-mail to [email protected] to be placed
on the list.
- Bugtraq mailing list. Send an e-mail to [email protected].
- WWW-security mailing list. Send an e-mail to
[email protected].
.F.1.9. READ SOMETHING BIGGER AND BETTER
----------------------------------------
Let's start with papers on the Internet. I am sorry to say that it is not
very many good free papers that can be found, but here is a small collection
and I am sorry if have have over looked a paper.
(1) The Rainbow books is a long series of free books on computer security.
US citizens can get the books from:
INFOSEC AWARENESS OFFICE
National Computer Security Center
9800 Savage Road
Fort George G. Meader, MD 20755-600
We other just have to read the papers on the World Wide Web. Every
paper can not however be found on the Internet.
(2) "Improving the security of your Unix system" by Curry is also very
nice if you need the very basic things. If you don't now anything about
computer security you can't find a better start.
(3) "The WWW security FAQ" by Stein is although it deal with W3-security
the very best better on the Internet about computer security.
(4) CERT have aklso published several good papers, for example:
- Anonymous FTP Abuses.
- Email Bombing and Spamming.
- Spoofed/Forged Email.
- Protecting yourself from password file attacks.
I think however that the last paper have overlooked several things.
(5) For a long list on papers I can recommend:
"FAQ: Computer Security Frequently Asked Questions".
(6) Also see section ".G. SUGGESTED READING"
You should also get some big good commercial book, but I don't want
to recommend any.
.F.2. MONITORING PERFORMANCE
----------------------------
.F.2.1. INTRODUCTION
--------------------
There is several commands and services that can be used for
monitoring performance. And at least two good free programs can
be found on Internet.
.F.2.2. COMMANDS AND SERVICES
-----------------------------
For more information read the man text.
netstat Show network status.
nfsstat Show NFS statistics.
sar System activity reporter.
vmstat Report virtual memory statistics.
timex Time a command, report process data and system
activity.
time Time a simple command.
truss Trace system calls and signals.
uptime Show how long the system has been up.
Note that if a public netstat server can be found you might be able
to use netstat from the outside. netstat can also give information
like tcp sequence numbers and much more.
.F.2.3. PROGRAMS
----------------
Proctool: Proctool is a freely available tool for Solaris that monitors
and controls processes.
ftp://opcom.sun.ca/pub/binaries/
Top: Top might be a more simple program than Proctool, but is
good enough.
.F.2.4. ACCOUNTING
------------------
To monitor performance you have to collect information over a long
period of time. All Unix systems have some sort of accounting logs
to identify how much CPU time, memory each program uses. You should
check your manual to see how to set this up.
You could also invent your own account system by using crontab and
a script with the commands you want to run. Let crontab run the script
every day and compare the information once a week. You could for
example let the script run the following commands:
- netstat
- iostat -D
- vmstat
TOP | |
| Send Feed Back At |
[email protected] | |
|
