Network Security SWOT Analysis

Vulnerabilities Threats Countermeasures

Send-Mail package, which is a default install, is one of the vulnerabilities. Its references are CVE-2006-0058 and RHSA-2006-0058. Send-Mail package has a flaw during the handling of asynchronous signals (Negus, 2003). This gives the attacker a chance to take advantage of the flaw to launch the execution of arbitrary codes as root To counter such threats it is important to prevent execution in all possible locations. Fortunately, there is software that addresses such issues. Execshield will order space for address to ensure the maximization of the no-exec area.

Having the references RHSA-2006:0164 and CVE-2005-3656, mod_auth_pgsql is another vulnerable package. Information of the package has flaws in its format strings allowing and attacker to take advantage of this by the execution of arbitrary codes as Apache user as they try to the package in the authentication processes (Shekhar, 2006). Once there is the implementation of malloc, there is the discovery of corruptible information. It ensures that there is the verification of list pointers and that there is comparison of size and surrounding to prevent overlaps.

RHSA-2005:627 and CVE-2005-2103 are the references of gaim package that does not install on default. There was the discovery of heap-based buffer overflows in its message processing of the application. Remote attackers might exploit this opportunity to send crafted messages to the user of that application while logged to ICQ or AIM. The result of this is triggering arbitrary code executions. Recognizing buffer overflows at an earlier stage could be helpful. This is possible through the reordering of the stack frame to enable the movement of character arrays on the frame top (Troubitsyna, 2011). To add on this, it is important to insert canary value between the return addresses and character arrays.

Kopete is another vulnerable application of Linux Red operating system. The installation of the application is default during the initial application. References of the program are RHSA-2005:639 and CVE-2005-1852. The description of this threat is that there is the discovery of numerous overflows in the processes involving the Gadu-Gadu messages (Barkakati, 2004). There is the threat of a remote user with malicious intentions sending Gadu-Gadu messages created in a special manner that could result to the crashing of the Kopete application and at times trigger arbitrary codes executions (Sery, 2005). Though arrays on heap will have variations with sizes, they are vulnerable to overflow (Jang, 2003). Reordering of the ELF files is a possible countermeasure of such a menace. Ensuring that ELF data, whose modification is at the startup stages, has write protection is another way of curbing the threat.

Though the product does not install as a default program during the initial installation of the product, gaim is a vulnerability to the operating system. The reference codes of this product are RHSA-2005:429 and CVE-2005-1261. In study of the Red operating system results indicated that gaim was under the threat of containing stack-based bug overflows. The threat is in the manner that the application will process messages that contains a URL. To trigger execution of arbitrary, remote attackers might send user messages designed in a manner that they can achieve that objective. One of the countermeasures is the randomization of addresses ensuring that the all-return addresses are absolute. This will prevent the execution of the stack. There is no maximum security in this case given that remote attackers have the capability of overriding such measures (Simpson, 2011).

References

Shekhar, V. (2006). Red Hat Linux – Study Guide. New York: Laxmi Publications

Jang, M. H. (2003). Mastering Red Hat Linux 9. Hoboken: John Wiley and Sons Publishers.

Negus, C. (2003). Red Hat Linux 9 bible. Hoboken; Wiley Publications.Barkakati, N. (2004). Red Hat Linux 9 Professional Secrets. Hoboken: Wiley Publications.

Troubitsyna, E. A. (2011). Software Engineering for Resilient Systems: Third International Workshop. California: Springer Publishers.

Sery, P. G. (2005). Red Hat Fedora Linux 3 for Dummies. Hoboken; John Wiley and Sons.

Simpson, M. T. (2010). Hands-On Ethical Hacking and Network Defense. Stamford: Cengage Learning.