Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
adeona-developers
Home
+ new post
About this group
Join this group
How Hackers Exploit Protocols
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   1 message - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Donna  
View profile  
 More options Sep 11 2009, 1:02 pm
From: Donna <carberosdonnaro...@gmail.com>
Date: Fri, 11 Sep 2009 10:02:30 -0700 (PDT)
Local: Fri, Sep 11 2009 1:02 pm
Subject: How Hackers Exploit Protocols
Print | Individual message | Show original | Report this message | Find messages by this author
When two layers on the same node communicate, or when peer layers
communicate, they rely on a well-defined protocol and precisely stated
message formats. The protocol states who initiates the connection, how
the session is terminated, the order of messages, what to do if an
error occurs, and other characteristics of the session that are
necessary for the exchange to succeed. A protocol also can be thought
of as an algorithm because most protocols are defined as state
machines.

As with other algorithms, order is important. If you want to bake a
cake, getting the right ingredients is just one part of the process.
Mixing and cooking the ingredients in the right order are required to
achieve an edible result. The same is true for network communications
protocols. If one half of the session decides to get creative with the
protocol, the results will not be guaranteed.

Getting the order of messages right is important, but you also need to
format the messages properly. A baking recipe is useless if the order
of the steps is clear, but the steps are not accurately defined. For
example, if the recipe is incorrectly copied from a friend and asks
for one unit of butter instead of one unit of flour, you will end up
with a different dessert. Similarly, in network message exchanges, if
message integrity cannot be guaranteed, any dialogue between the peers
will not succeed.

Designing a secure distributed protocol is more of an art than a
science. When someone at your site invents a new distributed security
protocol, alarm bells should sound. Unless this person is
knowledgeable and has studied a number of references, a better-than-
average chance exists for the protocol to have weaknesses.

Regard,
Donna - http://infoseeks.co.cc
      - http://79br.net


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google