Frackin script kiddies!!

Richard Pieri richard.pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Aug 3 20:40:50 EDT 2010


On Aug 3, 2010, at 6:04 PM, Jarod Wilson wrote:
> 
> Maybe. But really, if you don't trust ssl for something like access to
> mythweb, why on earth would you trust it for accessing your financial
> information?

Maybe I'm not being clear?  The financial information isn't stored on the public-facing server.  It's behind one-way firewalls or it's being transmitted on encrypted links after I've authenticated myself to the system and vice-versa.  Emphasis on authenticated.

Broken record time: encryption without authentication is weak security.

> Regardless of multi-tiered presences, the edge systems can still be
> used to launch outbound attacks, which I thought you yourself said
> earlier in this thread was what made a system critical.

No, they can't because they are also behind a public-facing firewall that blocks outbound connections (with certain limited exceptions like DNS queries to a limited number of name servers).  Web connections from the outside are allowed into the web server, and application connections from the inside are allowed into the web server, but nothing gets out of the web server except on previously established inbound connections.

Point of order: not easily.  Any security can be circumvented given sufficient effort, even a properly designed one-way DMZ.  The idea is not to make it impossible.  The idea is to make it so damned difficult that the attacker gives up.

Second point of order: once an attacker gains access to the web server there is all kinds of nasty he can do.  This is why we have things like Tripwire, rkhunter, and read-only filesystems that detect or prevent tampering.

> If someone gets past auth-digest, they can use mythweb to delete my
> recordings, they don't have "full access to everything on the inside"

They potentially have access to every machine on your home network unless you've built yourself a two-tier or three-tier DMZ around the MythTV server, which I highly doubt since you claim that SSL + auth-digest is "good enough".

--Rich P.








More information about the Discuss mailing list