Security issue of cross server job on UNIX and the solution



Say you have an UNIX (such as AIX, HP-UX, Linux) application server
alpha, and an UNIX database server delta, and the application is
running use account Charlie's privilege, and database using account
Sam's privilege.
The application generates data that will send to server delta, and the
data to be loaded into database by Sam and the a report will be
generated using the data in the database.
In today's technology, most likely sftp will be chosen for the file
transfer from alpha to delta, and most people will think this is the
very secure solution.
So what's the issue with this solution?

With this solution, you need to ask one person to do the file transfer
job, then ask the same person or another to load the data into
database and then run report generation program.

Here, the person who does the file transfer job needs to either Sam's
password or the pass phrase for the private key of the key pair used
for public key authentication, or else, you have to choose public key
authentication with no pass phrase protection for the private key.
We assume that you will use the pass phrase protected public key
authentication way, as this is the most secure way among them.

Then what's security issue with this arrangement?

Lets talk about the security risk with the pass phrase protection
itself first.

One common issue here is the pass phrase needs be known by all the
people who will do the file transfer, which is unlikely to be only one
person.

And then a malicious person on the machine with same or root privilege
could use system call tracer, like tusc on HP-UX, to steal the pass
phrase when you type it.
And a malicious person with root privilege could replace the sftp
program to steal the pass phrase.

And on Solaris 10 platforms, anybody with root privilege can easily
use dtrace to capture the pass phrases when anybody uses ssh to
connect to other machines. The dtrace tool is good for debugging
issue, but is a nightmare for password/pass phrase security.

Then lets talk about another big security issue with the arrangement:
when a person is able to use sftp to transfer the data from server
alpha to server delta through account Sam on delta, that person is
also able to make changes to Sam's .profile, so if the person is
malicious, he/she will be able to set up a trap in Sam's .profile, so
when Sam logs on to the server delta, the trap will be triggered and a
false transaction to be added into to database, causing big damage to
the company.

WZIS Software has a very secure solution for this and it can save you
huge operation costs.
Please check our solutions at http://www.wziss.com/



.



Relevant Pages

  • Re: SQL query
    ... but it also can be a search phrase with several words at the same time. ... I have a database with "documents", ... I already have stored in the database all the Spanish words with their ... But I got stuck trying to build a recordset with the list of Document_ID's ...
    (microsoft.public.vb.general.discussion)
  • Re: The crazy encryption madmans codebook
    ... encoded to any word in the database. ... Why would it not be possible, the offset number is just an integer ... where each entry have an index, realworld word or phrase and a madman ... would call *offset keys* an offset key is used to encode *one and just ...
    (sci.crypt)
  • Re: The crazy encryption madmans codebook
    ... Suppose database ranging 0-5 000 000 indexed word and phrases ... where each entry have an index, realworld word or phrase and a madman ... letters" when used off course you could use a hash algorithm that put ... discarding almost all of those resulting in an approximate entropy of 20-25 ...
    (sci.crypt)
  • Re: Newbie - Login Password Processing?
    ... The administrator can go around the office, or the stage of a fundraiser event, and enter the pass phrase for each computer connected to a common database, then the users can log themselves on. ... I have that function, password to salt and key, for the crypto pass phrase and I was just going to re-use it for the login pass phrase. ... I need to generate an IV to encrypt the columns of each row, and I need to extract that IV so I can decrypt each row, where should I get the IV? ...
    (sci.crypt)