Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
opportunities to crack the host<strong>in</strong>g server(s) that supports the web site. So many different<br />
vulnerabilities and exploits are associated with HTTP and web services that it is impossible to<br />
list all of them. Script <strong>in</strong>adequacies are among the greatest historical vulnerabilities with<strong>in</strong><br />
websites. This <strong>in</strong>cludes problems both with<strong>in</strong> the script itself as well as problems with Common<br />
Gateway Interface (CGI) that <strong>in</strong>terfaces to the scripts or other executables, and with server side<br />
<strong>in</strong>cludes (SSI) 12 . Vulnerabilities can also be <strong>in</strong>troduced by <strong>in</strong>sert<strong>in</strong>g malicious code (through<br />
various means) <strong>in</strong>to the user’s web browser or by <strong>in</strong>sert<strong>in</strong>g corrupt web proxies. Many other<br />
security vulnerabilities are <strong>in</strong>troduced by poor web design and programm<strong>in</strong>g mistakes on the part<br />
of the web developer, <strong>in</strong>clud<strong>in</strong>g bugs latent with<strong>in</strong> the executables accessed by the website.<br />
Fortunately, a number of tools have been created to identify specific well-known vulnerabilities<br />
with<strong>in</strong> websites. Older tools <strong>in</strong>clude phfscan, cgiscan, gr<strong>in</strong>der, and SiteScan. Unfortunately,<br />
attackers also are able to use these same tools to identify and leverage exist<strong>in</strong>g vulnerabilities<br />
with<strong>in</strong> exist<strong>in</strong>g web sites, and new vulnerabilities may be <strong>in</strong>advertently <strong>in</strong>troduced dur<strong>in</strong>g any<br />
subsequent web site modification.<br />
A.2.7 MOBILE CODE AND MALICIOUS CODE.<br />
Because the dist<strong>in</strong>ction between data and code is vanish<strong>in</strong>g, malicious code (e.g., viruses and<br />
worms) may be <strong>in</strong>troduced without a conscious decision on the part of a user. Malicious code<br />
can perform many functions, <strong>in</strong>clud<strong>in</strong>g provid<strong>in</strong>g a vehicle for an attacker to compromise a<br />
system. For example, malicious code may be <strong>in</strong>troduced when <strong>in</strong>stall<strong>in</strong>g executable code, by a<br />
Java applet, or by view<strong>in</strong>g apparently benign data with<strong>in</strong> received e-mail or at remote websites.<br />
Mobile code, by contrast, is def<strong>in</strong>ed to merely be code that travels a network dur<strong>in</strong>g its lifetime<br />
to execute on a dest<strong>in</strong>ation mach<strong>in</strong>e. All current mechanisms to secure mobile code <strong>in</strong>volves<br />
trade-offs [A-12]. Consequently, the current situation rema<strong>in</strong>s very much like Gary McGraw<br />
and Edward Felten observed back <strong>in</strong> 1998:<br />
“Today’s diverse approaches to secur<strong>in</strong>g mobile code are all works <strong>in</strong> progress.<br />
Each different implementation of mobile code, <strong>in</strong>clud<strong>in</strong>g Java, ActiveX, and<br />
JavaScript, faces similar security risks; but each system presents a different way<br />
of deal<strong>in</strong>g with the risks. In our op<strong>in</strong>ion, Java's security design stands heads and<br />
shoulders above the competition. But Java is a complex system ... Secur<strong>in</strong>g Java<br />
and other forms of mobile code is still as much an art as it is a science” [A-13].<br />
A.2.8 NETWORK TIME PROTOCOL ATTACKS.<br />
Unix devices are potentially susceptible to network time protocol (NTP) spoof<strong>in</strong>g attacks. Even<br />
though the NTP protocol is optionally equipped with authentication and <strong>in</strong>tegrity capabilities, it<br />
runs over the UDP protocol. More tell<strong>in</strong>gly, publicly trusted NTP servers rarely use the NTP<br />
authentication provisions. Because of this, it is often possible for an attacker to forge NTP<br />
packets to a mach<strong>in</strong>e to make them appear as if they are com<strong>in</strong>g from a trusted NTP server. The<br />
attacker’s goal <strong>in</strong> do<strong>in</strong>g this is to manipulate that receiv<strong>in</strong>g computer’s systems clock, impact<strong>in</strong>g<br />
key utilities on that computer such as cron and ntpdate. A common reason for do<strong>in</strong>g this is that<br />
12 If SSI is used at all, its use should be limited by the “Includes NOEXEC” option.<br />
A-8