HostedDB - Dedicated UNIX Servers
index_17
Auerbach Publications © 2001 CRC Press LLC 08/01 Trojans have become very sophisticated and easy to use, mostly be- cause of huge weaknesses in popular operating systems and very re- sourceful programmers. A typical system sitting on the Internet can have a Trojan installed that can not only be used to gain access to the system, remotely control portions of the host system, obtain data stored locally, and collect keyboard input but can notify the attacker when the host sys- tem is online and ready for access. In some cases, information can be collected offline and sent to the attacker when the Internet connection is reestablished by the victim. It is this vulnerability that represents the worst-case scenario, and unfortunately, it is commonplace for a typical home system to be affected. In a case where the Trojan cannot be installed or implemented fully, an attacker could gain enough access, even if temporarily, to collect vital information about the targeted system or user, ultimately leading to more attacks with greater results. It can be argued that antivirus programs and host-based firewall applications can assist the user in reducing the vul- nerabilities and helping in discovering them — and possibly eradicating them. Unfortunately, the implementation, maintenance, and daily secure operation of such applications rests in the hands of the user. Neverthe- less, it is complicated enough protecting refined, highly technical envi- ronments with dedicated personnel, much less remote systems spread all over the Internet. A  STEP  BACK Early in the adoption of the Internet, systems were attacked, sometimes resulting in unauthorized access and the loss of data or the disclosure of proprietary information. As the threats became greater, increasingly more sophisticated, and difficult to stop, firewalls were implemented to reduce the direct exposure to the attack. In combination, systems that were al- lowing certain services were hardened against known weaknesses to fur- ther the overall protection. Furthermore, these hardened, specific systems were placed on isolated networks, referred to as DMZs, to pro- tect the internal network from attacks launched from them or weakness- es in their implementation. With all these measures in place, hackers to this day continue to gain astounding access to internal systems. Today, a firewall is a fundamental fixture in any Internet facing con- nection, and sometimes in huge amounts protecting vast numbers of sys- tems and networks. It has become the norm, an accepted fact of Internet life and an expensive one as well. Protecting the internal systems and re- sources from the Internet is paramount, and enormous work and financ- es are usually dedicated to supporting and maintaining the perimeter. It is reasonable to state that much of the protection implemented is to protect proprietary data or information from dissemination, modification, or destruction. The data in question remains within the security envelope