Format Failures
Network communications work
because of well-designed protocols that define how two computers communicate
with a minimum of human intervention. The format of a message, size of a data
unit, sequence of interactions, even the meaning of a single bit is precisely
described in a standard. The whole network works only because everyone obeys
these rules.
Almost everyone, that is.
Attackers purposely break the rules to see what will happen. Or the attacker
may seek to exploit an undefined condition in the standard. Software may detect
the violation of structure and raise an error indicator. Sometimes, however,
the malformation causes a software failure, which can lead to a security
compromise, just what the attacker wants. In this section we look at several
kinds of malformation.
Malformed Packets
Packets and other data items
have specific formats, depending on their use. Field sizes, bits to signal
continuations, and other flags have defined meanings and will be processed
appropriately by network service applications called protocol handlers. These
services do not necessarily check for errors, however. What happens if a packet
indicates a data field is 40 characters long and the actual field length is 30
or 50? Or what if a packet reports its content is continued in the next packet
and there is no next packet? Or suppose for a 2-bit flag only values 00, 01,
and 10 are defined; what does the handler do if it receives the value 11?
For example, in 2003
Microsoft distributed a patch for its RPC (Remote Procedure Call) service. If a
malicious user initiated an RPC session and then sent an incorrectly formatted
packet, the entire RPC service failed, as well as some other Microsoft
services.
Attackers try all sorts of
malformations of packets. Of course, many times the protocol handler detects
the malformation and raises an error condition, and other times the failure
affects only the user (the attacker). But when the error causes the protocol
handler to fail, the result can be denial of service, complete failure of the
system, or some other serious result.
Protocol Failures and Implementation Flaws
Each protocol is a
specification of a service to be provided; the service is then implemented in
software, which, as discussed in Chapter 3,
may be flawed. Network protocol software is basic to the operating system, so
flaws in that software can cause widespread harm because of the privileges with
which the software runs and the impact of the software on many users at once.
Certain network protocol implementations have been the source of many security
flaws; especially troublesome have been SNMP (network management), DNS
(addressing service), and e-mail services such as SMTP and S/MIME. Although
different vendors have implemented the code for these services themselves, they
often are based on a common (flawed) prototype. For example, the CERT advisory
for SNMP flaws (Vulnerability Note 107186) lists approximately 200 different
implementations to which the advisory applies.
Or the protocol itself may be
incomplete. If the protocol does not specify what action to take in a
particular situation, vendors may produce different results. So an interaction
on Windows, for example, might succeed while the same interaction on a Unix
system would fail.
The protocol may have an unknown security flaw. In a classic example, Bellovin [BEL89] points out a weakness in the way packet sequence numbers are assignedan attacker could intrude into a communication in such a way that the intrusion is accepted as the real communication and the real sender is rejected.
Attackers can exploit all of
these kinds of errors.
Related Topics
Privacy Policy, Terms and Conditions, DMCA Policy and Compliant
Copyright © 2018-2023 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.