Local Area Networks (LANs) in Aircraft - FTP Directory Listing - FAA
“With the rise of client-side attacks, a flaw emerges in the old [security] model;
despite avoiding a direct connection to the outside, users might still be attacked
by the very services that they’ve requested.” [24]

“A new attack vector has been created in which users are transformed into a
platform to attack internal resources without their consent or even their
awareness. Users are no longer passive participants in the security model;
they’ve become the very service by which entrance is gained into the protected
interior of the network.” [16]

There are many published examples of successful client-side attacks, including the following:

“The Oregon Department of Revenue has been contacting some 2,300 taxpayers
this week to notify them that their names, addresses or Social Security numbers
may have been stolen by a Trojan horse program downloaded accidentally by a
former worker who was surfing pornographic sites while at work in January
[2006].

An investigation by agency security personnel and the Oregon State Police
found that the malicious program was designed to capture keystrokes on the
former employee’s computer … The employee was an entry-level worker who
was assigned to enter taxpayer name and address changes, as well as some
social security numbers. ‘We know that the information that the Trojan
gathered up was transmitted outside of the agency’ to an unrelated Web site.
The incident is still under investigation.” [25]

Therefore, attacks against networked entities may come from outsiders, from corrupted insiders,
and from client-side attacks (see figure 9). The effect of outsider attacks is to emphasize
perimeter defense protections (e.g., firewalls, VPNs). The effect of corrupted insiders is that
network security is no longer primarily a function of establishing adequate perimeter defense
controls; it now must also include viable access control within the network itself. The effect of
client-side attacks is that network security is no longer solely a function of the total control
protections established on devices within the network. It is now also reliant upon the appropriate
activities of every human using those network resources. Filtering services located at the
perimeter defense firewalls can and do combat client-side attacks; however, new attacks are
continually being devised, and perimeter defense filtering systems must be updated to identify
and eliminate them. Consequently, there is often a vulnerability window between when a new attack
type has been devised and when the protections against that new attack have been deployed. For
this reason, defense against client-side attacks heavily relies upon end-user education—and can
be circumvented by end-user mistakes.