Paul McNabb mcnabb@argus-systems.com
Fri, 6 Mar 1998 14:35:27 -0600

>  From: "Marcus J. Ranum" <mjr@nfr.net>
>  >I'm looking for pointers to packages that protect web servers.
>  >So far I've found:
>  The question to me is "how do they protect the web server?"
>  One of the ways a web server gets broken into is through
>  stupid flaws in CGI-bin scripts. There's not a good way for
>  an externally developed engine to know about all the stupid
>  CGI-flaws the end user might invent. Another way web servers
>  get broken into is through buggy code in the http daemon.
>  This is unfortunate, since you NEED something serving web,
>  and that's a main point of attack. Trusted operating systems
>  (CMWs, etc) can help prevent the web server software from
>  letting an attacker gain access to the whole system, but
>  unless it's set up carefully they may be able to gain
>  access to the web pages and alter them.

HP's Virtual Vault and Argus's Gibraltar (for Solaris) are both
designed to do exactly this.  They both use B1 features to force
CGI scripts and other applications to run in a different environment
than the webserver itself.  With these products, the web pages
can be read-only for both the web server and the CGI scripts, and
you can completely isolate the webserver and CGI environments from
each other and from the rest of the system (including the ability
to send signals, use specific network interfaces, use IPC mechanisms,
access storage devices, etc.).  Both VV and Gibraltar remove the
superuser/root functionality of standard Unix.

VV and Gibraltar are the basis for providing secure internet
transaction web sites, where the outside and inside of a webserver
have to be protected from each other.  Both are marketed to banking
and securities companies as well as to any company needing to build
a very secured host connected to multiple networks.

All of the other B1-type security systems I'm aware of are designed
to provide the *tools* to do this, but do not integrate the webserver
fully into the environment (VV and Gibraltar supply modified web
servers) and do not preconfigure the whole thing for commercial
installation and use, and do not automate the separation into various
compartments for the different applications and net services.
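
A simplified model of the label-based separation described in this message, added here as an illustration; it is not code from HP, Argus or the original post. The level numbers, compartment names and process names are constructed, and the read/write rules are the standard Bell-LaPadula checks assumed for B1-style mandatory access control, not the products' actual policy engines.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Label:
    level: int                              # hierarchical sensitivity level
    compartments: frozenset = frozenset()   # non-hierarchical categories

    def dominates(self, other: "Label") -> bool:
        # A label dominates another if its level is at least as high
        # and it holds every compartment the other holds.
        return (self.level >= other.level
                and self.compartments >= other.compartments)

@dataclass(frozen=True)
class Subject:
    name: str
    uid: int
    label: Label

def may_read(subj: Subject, obj: Label) -> bool:
    # No read up: the subject's label must dominate the object's.
    return subj.label.dominates(obj)

def may_write(subj: Subject, obj: Label) -> bool:
    # No write down: the object's label must dominate the subject's.
    # uid is deliberately never consulted, so uid 0 gets no override.
    return obj.dominates(subj.label)

def may_signal(sender: Subject, target: Subject) -> bool:
    # Sending a signal is modelled as a write to the target process.
    return may_write(sender, target.label)

# Constructed labels: pages sit below both server compartments.
PAGES = Label(0)
SYSTEM = Label(1, frozenset({"sys"}))
HTTPD = Subject("httpd", 1001, Label(1, frozenset({"web"})))
CGI = Subject("cgi", 1002, Label(1, frozenset({"cgi"})))
CGI_UID0 = Subject("cgi-as-uid0", 0, CGI.label)  # hijacked script, uid 0

def decisions() -> dict:
    out = {}
    for s in (HTTPD, CGI, CGI_UID0):
        out[s.name] = {
            "read_pages": may_read(s, PAGES),
            "write_pages": may_write(s, PAGES),
            "read_system": may_read(s, SYSTEM),
            "signal_httpd": s is not HTTPD and may_signal(s, HTTPD),
        }
    return out

if __name__ == "__main__":
    for name, row in decisions().items():
        print(name, row)
```

Because the `web` and `cgi` compartments are incomparable, neither process can read, write or signal the other, and both see the pages as read-only regardless of uid.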


