• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Interview with a security professional - FX of Phenoelit

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles

View previous topic :: View next topic  
Author Message
alt.don
SF Boss
SF Boss


Joined: 04 Mar 2003
Posts: 16777079


Offline

PostPosted: Sun Sep 11, 2005 4:12 pm    Post subject: Interview with a security professional - FX of Phenoelit Reply with quote

Question

You are the author of the tool IRPAS, and as such know a great deal about routing protocols. Do you feel there is any one serious weakness in BGP?


FX's answer

In contrast to many other routing protocols, BGP is different since it relies on a TCP connection between the peer routers. So at one point, the security of BGP always relies on the underlaying routing protocol. The peers need to figure out how to get to their peers in order to set up a TCP connection. So, at the end of the day, BGP depends on everything all the other TCP connections depend on as Fernando Gont reinforced recently.

Question

What next step do you think the next version of BGP should take in terms of security?


FX's answer

This is very difficult. Many people would immediately shout "Encryption" and "Public Key authentication". But have you ever seen key distribution work in a larger network? I have to see one large network where MD5 for OSPF and BGP are used. Key distribution for large groups is, from the practical point of view, an unsolved problem, no matter what PKI vendors tell you. Other than that, there are certainly a number of things that could be improved, but you should ask a BGP expert on those Smile

Question

Do you feel that learning TCP/IP at a high level is important, or would you say that learning programming is more important overall to a security professional?


FX's answer

Learning programming (and not just coding) is very important and I suffer from knowing how to code a number of programming languages but never actually learned programming correctly (as in design, implement, debug, maintain). Understanding communication protocols is certainly important, but should be done on a higher level. It does a beginner little good to know exactly where which Bit is set in an IP packet. What (s)he needs to understand is the stateless nature, the TCP algorithms, the request/response behavior of HTTP and other fundamentals to understand the Internet.

Question

Not many programmers actually learn raw socket programming. This type of programming can lead to some interesting attacks. Would you agree that raw socket programming is an important factor in exploit development?


FX's answer

In line with my last answer, I would not agree. The attacks come from understanding what the packets mean. You can come up with an attack on some protocol (not only IP based ones) by reading the standard or RFC on the protocol and thinking the "but what if ..." question. Raw sockets are one way to implement the attack later, but not the important part. That's just a tool.

Question

Beyond Microsoft's product line do you believe there to be an avenue that
is ripe for exploitation ie: such as VoIP, or other technology?


FX's answer

To quote the OSVDB motto: Everything is vulnerable. What you see is pretty much always the same pattern. A new technology comes up, people start to look into the security early and find some fundamental issues. Then, everything becomes quiet for a while until the technology is widely used. Only then it is that you can start looking at how the major vendors in this market actually implemented the technology, which will dictate on how you go about hacking it. I expect this stage for VoIP and certain mobile communication devices soon. Bluetooth just arrived there.

Question

Do you consider exploit development a legitimate field of exercise as it relates to computer security, and if so why do you believe it be to?


FX's answer

Is this the mendatory full disclosure question ? Smile I think exploit development is a fun thing to do. It's also an important part of security. Without it, you would be in a situation comparable to building an armored vehicle and never actually firing a weapon to see if the armor holds. The existence of an exploit is in my eyes the only thing that separates a software bug from a software vulnerability. How do you do that without exploits?

Question

For someone beginning their studies of computer security, what two programming languages would you advise they learn, and why?


FX's answer

It depends if (s)he already knows programming. If that's the case, it would certainly be C and IA-32 Assembly. If not, (s)he should learn software development and practice it for a while, which I failed to do.

Question

Why do you think that the infrastructure of the web ie: routers and switches, are not targeted as often as say the desktop operating system?


FX's answer

You mean the infrastructure of the Internet, which is, although often forgotten lately, not the same thing. Routers and switches are very little targeted and this is not going to change very soon.

Question

Do you believe that Microsoft is now making a genuine effort to writing secure code, as is evidenced the lack of IIS 6 remote code exploits?


FX's answer

Yes, I do think they try hard. I don't know much about IIS holes, you have to ask other people about that (and you already did Smile, but Microsoft approached the software security issue from a global perspective and with long term plans, which I think is good and starts to pay off. Now it depends if they keep it up or not.

On behalf of the members and myself I would like to thank FX for taking the time to answer these questions for us.

This interview is copyright 2005 by the author and Security-Forums Dot Com, and may not be reproduced in any form in any media without the express permission of the author, or Security-Forums Dot Com.


Last edited by alt.don on Mon Oct 17, 2005 10:42 pm; edited 1 time in total
Back to top
View user's profile Send private message Visit poster's website
ryansutton
Trusted SF Member
Trusted SF Member


Joined: 25 Aug 2004
Posts: 67
Location: San Francisco, California

Offline

PostPosted: Mon Sep 12, 2005 9:06 pm    Post subject: Reply with quote

Thank you FX and Don, that was a great read! I found the question/answer about raw sockets very interesting. Great work.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> News // Columns // Articles All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register