icos-2----Page:4
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
|
Security Problems Secure IP configuration Definition: secure configuration of IP address & configuration parameters Example: Secure configuration of the TFTP server Not a substitute for protocol security Does not preclude insecure use of a securely configured server Secure protocols Definition: Security for the protocols whose servers are configured Example: Secure TFTP Not a substitute for configuration security Assume mutual authentication/integrity/replay protection Enables continued operation if at least one good server can be discovered Client can detect/blacklist rogue servers Issues Attacker can DoS configuration servers, so that only bogus configuration gets through Not all protocols are secured, so blacklist not always possible Applications with major security problems Remote boot (boot server, boot image) Mobility (BU security) |