Home About USENIX Events Membership Publications Students
Security '03 - Invited Talk

Internet Security: An Optimist Gropes For Hope

Bill Cheswick, Lumeta

Click here to start

Table of Contents

  1. Internet Security: An Optimist Gropes For Hope
  2. Firewalls and Internet Security
  3. Most common question from the press:
  4. Universal Answer
  5. Why?
  6. Aug. 1993
  7. In August 1993
  8. CERT advisories: 1994
  9. CERT advisories, 1994
  10. CERT advisories, 1994 (cont.)
  11. Many attacks were theoretical...
  12. ...and then they happened...
  13. There are a lot more players, and on average they are a lot less secure
  14. When I started at the Labs (Dec 1987)
  15. Now, everyone is on the Internet
  16. We've been losing ground for decades
  17. Life cycle of a security bug, roughly
  18. Yeahbuttal
  19. Cost vs. Benefits
  20. OTOH, tools we didn't have in 1994
  21. Bright spots, now
  22. I am optimistic. Good security is possible
  23. There are a lot of benefits
  24. Financial business models are working
  25. And Microsoft...
  26. What does good security feel like?
  27. The Morris worm: Nov. 1988
  28. Some facts to keep in mind: economics
  29. Some things we can't fix
  30. Social Engineering
  31. I need to manage expectations here
  32. Software will always have bugs
  33. People pick lousy passwords
  34. Some facts to keep in mind: users are not security experts
  35. Social Engineering (cont.)
  36. Another Problem With Strange Programs
  37. Managing expectations: Denial-of-Service
  38. Wireless passwords
  39. Experts cut corners, too
  40. I cheated on my authentication test
  41. I cheated on my authentication test (cont.)
  42. Some principles and tools
  43. Security strategies
  44. Staying out of the game
  45. Defense in depth
  46. Layered Positive Measures to Assure Against Unauthorized Use
  47. Secure defaults are important
  48. Security doesn't need to be inconvenient
  49. Some solutions: Hardware tokens
  50. One-time Passwords
  51. Authentication
  52. Principles and tools: encryption
  53. Encryption is necessary, but not sufficient
  54. Tools: Trusted Computing Base
  55. Default services—SGI workstation
  56. More default services
  57. If You Don't have a Trusted Computing Base...
  58. Firewalls Perimeter Defenses
  59. Firewalls have their uses
  60. Firewalls: Not a panacea
  61. Anything large enough to be called an "intranet" is probably out of control
  62. PPT Slide
  63. PPT Slide
  64. Some intranet statistics from Lumeta clients
  65. Perimeter defenses don't work if the perimeter is too big
  66. Example: Life Without a Firewall
  67. It can be done
  68. Life without a firewall
  69. We need to be able to trust our hosts
  70. Secure host technology
  71. Secure host technology
  72. Routes to root
  73. root network services
  74. Setuid-root programs
  75. Root: The gatewat to privilige
  76. Setuid-root
  77. So, don't have network services...
  78. So, don't have users...
  79. Get rid of setuid programs if you do have users
  80. Minimize root network services
  81. Three layers of defense we might have
  82. Chroot
  83. Awful stuff you have to do to jail a program
  84. Example: a web server highly-resistant to defacement
  85. Goal
  86. Implementation
  87. Other software I have jailed
  88. Sample message
  89. Sample message
  90. Some jail themselves, or should
  91. Example: Amazon, Fedex, ...
  92. Things are getting better: we have business models
  93. Example: Spook networks
  94. Talk to spooks: they have security experience
  95. Spooks
  96. Spooks...
  97. Ches's wish list
  98. Ches's wish list
  99. More wishes
  100. Ches's wish list
  101. Still theoretical
  102. Conclusion
  103. Questions

?Need help? Use our Contacts page.

Last changed: 19 Aug. 2003 aw
Technical Program
Security '03 Home
USENIX home