LinuxQuestions.org
Old 07-11-2009, 05:59 PM   #1
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Rep: Reputation: 57
File sharing over NON-tcp/ip networks - what is the best protocol?


Hi. I would like to set up a file server that does not use tcp/ip at all. Only some other protocol. What protocol can be used?

The reason I want to do this is what is known as protocol isolation: if the server only speaks a non-tcp/ip protocol, it is much harder to hack into from other computers in the LAN. These computers are connected to the internet for web browsing, and can therefore get penetrated.

So what is the most secure non-tcp/ip protocol for protocol isolation? I.e. the hardest to penetrate?

And what protocol should be used above that for the file sharing? NFS? Samba? Ftp?

Last edited by Ulysses_; 07-11-2009 at 06:12 PM.
 
Old 07-11-2009, 06:56 PM   #2
lazlow
Senior Member
 
Registered: Jan 2006
Posts: 4,363

Rep: Reputation: 172
IF the machines that can speak to the isolated machine can have access to the isolated machines, then there is very little point in changing the protocol that they speak in. i.e. once they have hacked into the bridge machine, they have access to the isolated machine. Almost all of the common file sharing methods make use of tcp/ip. If you just want to prevent direct outside access just make good use of hosts.allow and hosts.deny. That way you can control what machines can speak directly to your "isolated" machine (i.e. block all non local ips).
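The hosts.allow/hosts.deny advice above depends on the TCP wrapper evaluation order (hosts.allow is checked first, then hosts.deny, and a request matching neither is granted), so a hosts.allow with no catch-all "ALL: ALL" in hosts.deny leaves the server open to every other address. As an added example that is not from the thread, a small Python model of that evaluation over constructed rule files; it assumes a subset of the hosts_access(5) client patterns (ALL, exact IP, dotted prefix, net/mask) and compares a weak configuration with a hardened one.

```python
import ipaddress

# Constructed example rule files in hosts_access(5) "daemon_list : client_list" form.
# Weak: hosts.allow lists the LAN prefix but hosts.deny is empty, so the
# default-allow fallback still admits every address that matches neither file.
WEAK_ALLOW = "ALL: 192.168.1.\n"
WEAK_DENY = ""

# Hardened: explicit catch-all deny, so only the listed LAN and loopback get in.
HARDENED_ALLOW = "ALL: 192.168.1.0/255.255.255.0\nsshd: 127.0.0.1\n"
HARDENED_DENY = "ALL: ALL\n"


def parse_rules(text):
    """Return (daemons, clients) list pairs, skipping comments and blank lines."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        daemons, clients = line.split(":", 1)
        rules.append((daemons.replace(",", " ").split(),
                      clients.replace(",", " ").split()))
    return rules


def client_matches(pattern, ip):
    """Subset of hosts_access(5) client patterns: ALL, net/mask, dotted prefix, exact IP."""
    if pattern == "ALL":
        return True
    if "/" in pattern:
        net, mask = pattern.split("/", 1)
        return ipaddress.ip_address(ip) in ipaddress.ip_network(f"{net}/{mask}", strict=False)
    if pattern.endswith("."):
        return ip.startswith(pattern)
    return ip == pattern


def rule_matches(rules, daemon, ip):
    return any((d == "ALL" or d == daemon) and client_matches(c, ip)
               for daemons, clients in rules for d in daemons for c in clients)


def access_granted(allow_text, deny_text, daemon, ip):
    """hosts_access order: allow file wins, then deny file, otherwise access is granted."""
    if rule_matches(parse_rules(allow_text), daemon, ip):
        return True
    if rule_matches(parse_rules(deny_text), daemon, ip):
        return False
    return True  # the implicit default that a bare hosts.allow never overrides


if __name__ == "__main__":
    for ip in ("192.168.1.20", "10.0.0.5"):
        print(ip, "weak:", access_granted(WEAK_ALLOW, WEAK_DENY, "mountd", ip),
              "hardened:", access_granted(HARDENED_ALLOW, HARDENED_DENY, "mountd", ip))
```

Only daemons linked against libwrap (or started through tcpd) honour these files; Samba for instance uses its own "hosts allow" / "hosts deny" settings in smb.conf, so each service on the file server needs its own check.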
 
Old 07-12-2009, 04:35 AM   #3
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
Quote:
Originally Posted by lazlow
IF the machines that can speak to the isolated machine can have access to the isolated machines, then there is very little point in changing the protocol that they speak in. i.e. once they have hacked into the bridge machine, they have access to the isolated machine.
I do not mind the access to the shared files, it is hacking with tcp/ip port scans that protocol isolation aims to prevent. Recommended protocol for this is netbeui in windows, but it is not available on linux any more (used to be 10 years ago). Maybe tcp/ip properly set up is better than protocol isolation, but can we please not consider tcp/ip in this discussion. It is about protocol isolation, not general best security practices.

Is it possible to do the same thing as laplink file-sharing but do it through ethernet cards instead of serial ports?
 
Old 07-12-2009, 06:11 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Protocol isolation (by way of NetBEUI, IPX/SPX or whatever else ancient, crappy and proprietary standard) is just one way to guard against attacks. Regardless of the protocol used there still may occur DoSses, besides using non-IP protocols does not mean servers or clients are without flaws and on top of that you effectively double risks where you interface both ways on your protocol edge. In short: protocol isolation does not provide absolute security. It is not a holy grail you should pursue. (BTW wrt what's mentioned elsewhere, AFAIK any brokering that VPN or virtual network offer, are provided over IP and therefore do not match your requirement of "non-TCP/IP protocol".) I suggest you exhaust the hardening and segregation possibilities the IP protocol suite allows for and then assess the security posture. I am confident that will address ninety-nine percent of what's possible. If then you decide that's not enough for you, then you could throw all your effort in chasing the fabled "protocol isolation" phantom.
 
Old 07-12-2009, 07:19 AM   #5
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
Quote:
Originally Posted by unSpawn
Protocol isolation (by way of NetBEUI, IPX/SPX or whatever else ancient, crappy and proprietary standard) is just one way to guard against attacks. Regardless of the protocol used there still may occur DoSses, besides using non-IP protocols does not mean servers or clients are without flaws and on top of that you effectively double risks where you interface both ways on your protocol edge. In short: protocol isolation does not provide absolute security. It is not a holy grail you should pursue. (BTW wrt what's mentioned elsewhere, AFAIK any brokering that VPN or virtual network offer, are provided over IP and therefore do not match your requirement of "non-TCP/IP protocol".) I suggest you exhaust the hardening and segregation possibilities the IP protocol suite allows for and then assess the security posture. I am confident that will address ninety-nine percent of what's possible. If then you decide that's not enough for you, then you could throw all your effort in chasing the fabled "protocol isolation" phantom.
The US Army seem to have a different opinion. I just found this:

http://www.rudebadmood.com/winmac/200007/0015.html

Appletalk seems to be available on linux. Anyone know how to set it up underneath smb/nfs/ftp or whatever else is available on linux for file sharing?

I would also like to access a windows 2000 file server this way. Anyone know how to install appletalk on windows 2000?

Last edited by Ulysses_; 07-12-2009 at 07:21 AM.
 
Old 07-12-2009, 07:44 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by Ulysses_
The US Army seem to have a different opinion.
It's from 2000 FCOL. I think you should not confuse that kind of posts on that kind of lists as being even remotely representative of any best practices. The amount of true "protocol isolation" threads on LQ may be kind of indicative of that it represents in the networking panoply. In my years here I've encountered only two. And the other thread definitely showed the member in question having multiple problems completely unrelated to GNU/Linux, networking theory or network best practices...
 
Old 07-12-2009, 09:23 AM   #7
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
Quote:
Originally Posted by unSpawn
It's from 2000 FCOL.
What exactly does this mean for you? Old proprietary computers are easier to hack?

Quote:
I think you should not confuse that kind of posts on that kind of lists as being even remotely representative of any best practices.
Why is what you say a better practice than appletalk? Can you hack me a computer if I set it up with appletalk, as the link says? What tools would you use?
 
Old 07-12-2009, 09:57 AM   #8
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by Ulysses_
Quote:
Originally Posted by unspawn
It's from 2000 FCOL.
What exactly does this mean for you? Old proprietary computers are easier to hack?
It means just what it says: that you shouldn't use arbitrary information on the 'net as basis for defending your "protocol isolation" idea on.


Quote:
Originally Posted by Ulysses_
Why is what you say a better practice than appletalk?
Maybe some research could do you good. Try finding whitepapers by any renowned institute or official source on the subject of network best practices.


Quote:
Originally Posted by Ulysses_
Can you hack me a computer if I set it up with appletalk, as the link says?
"Hacking" to me means ameliorating, making something behave different or work better. You're asking about cracking or pentesting really. cve.mitre.org, osvdb.org, nvd.nist.gov or secunia.com list a few reported problems with Appletalk in the past three years so that could be a starting point.
 
Old 07-12-2009, 11:37 AM   #9
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
Quote:
Originally Posted by unSpawn
It means just what it says: that you shouldn't use arbitrary information on the 'net as basis for defending your "protocol isolation" idea on.
But you only mention it's from the year 2000, you have not given any reasoning what's wrong with the year 2000. There's nothing wrong with the year 2000. In fact it's an advantage because proprietary computers of the year 2000 are obviously harder to break into by a hacker. Here is some reasoning why: Say you put a sniffer and detect the linux box is using appletalk or some other obscure protocol that there are no hacking tools for, what are you going to do about it? Reverse engineer the entire protocol? Little used hardware and software like apple macs are considered the toughest to hack into by the FBI because nobody bothers to develop hacking tools for them - too much effort for too few possible target computers.

Quote:
Maybe some research could do you good.
Thanks, I have done three years of research at university and another three in industry. Research is not just reading other people's papers. It's also inventing.

Quote:
cve.mitre.org, osvdb.org, nvd.nist.gov or secunia.com list a few reported problems with Appletalk in the past three years so that could be a starting point.
I'll check these out then. I'm sure any problems are not as well known in the underground and exploitable as those of windows or linux. Here's a security expert who got visited by the FBI.

http://www.theregister.co.uk/2004/01..._from_the_fbi/

"Dave had some surprises up his sleeve as well. You'll remember that I said he was using a ThinkPad (running Windows!). I asked him [the FBI agent] about that, and he told us that many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box. ... Are you listening, Apple? The FBI wants to buy your stuff. Dave also had a great quotation for us: "If you're a bad guy and you want to frustrate law enforcement, use a Mac."
 
Old 07-12-2009, 12:05 PM   #10
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by Ulysses_
But you only mention it's from the year 2000, you have not given any reasoning what's wrong with the year 2000. There's nothing wrong with the year 2000.
It's just a story told and it's old. That it's old doesn't mean it's a bad story. Lots of old stories are good. And there's nothing wrong with the year 2000 itself. The year 2000 was a good year, especially for telling stories...


Quote:
Originally Posted by Ulysses_
In fact it's an advantage because proprietary computers of the year 2000 are obviously harder to break into by a hacker.
Uh uh, obviously!


Quote:
Originally Posted by Ulysses_
Here is some reasoning why: Say you put a sniffer and detect the linux box is using appletalk or some other obscure protocol that there are no hacking tools for, what are you going to do about it? Reverse engineer the entire protocol?
It's been done way before Motorola existed, I don't see what would be the problem with that.


Quote:
Originally Posted by Ulysses_
Little used hardware and software like apple macs are considered the toughest to hack into by the FBI because nobody bothers to develop hacking tools for them - too much effort for too few possible target computers.
This is just too much, ROTFL!


Quote:
Originally Posted by Ulysses_
Thanks, I have done three years of research at university and another three in industry. Research is not just reading other people's papers. It's also inventing.
Ah. That sounds familiar. Have you by any chance been on LQ under another handle? Possibly talking about the same topic?
 
Old 07-12-2009, 03:05 PM   #11
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
No I'm not anyone you know on this forum, never written here before. By the way, many articles by security experts recommend going to browsers like opera, konqueror etc, because there are not many exploits for them. That is not so because they are better, but because nobody bothers to do vulnerability research on them - not enough return on investment. Feel free to roll over the floor as much as you like.

Last edited by Ulysses_; 07-12-2009 at 03:06 PM.
 
Old 07-12-2009, 05:46 PM   #12
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by Ulysses_
By the way, many articles by security experts recommend going to browsers like opera, konqueror etc, because there are not many exploits for them. That is not so because they are better, but because nobody bothers to do vulnerability research on them - not enough return on investment.
That would be akin to the old "security by obscurity" pitfall methinks. Anyway, you being a researcher, will probably be able to back that up by posting a few references...


Quote:
Originally Posted by Ulysses_
Feel free to roll over the floor as much as you like.
No, that was only because the quote was utterly dated. It may be nothing in the life of a comet or a moving continent but 5 years in terms of computing is a lot.
 
Old 07-13-2009, 06:38 AM   #13
nowonmai
Member
 
Registered: Jun 2003
Posts: 481

Rep: Reputation: 48
Quote:
Originally Posted by Ulysses_
Little used hardware and software like apple macs are considered the toughest to hack into by the FBI because nobody bothers to develop hacking tools for them - too much effort for too few possible target computers.
Quote:
Originally Posted by Ulysses_
many articles by security experts recommend going to browsers like opera, konqueror etc, because there are not many exploits for them.
I'm not sure where you get your security information from, but it's painfully out of date. There are plenty of exploits for Opera, Konqueror, Safari and so on. There are also plenty of vulns in OS X. It's not the safe haven it was previously believed to be.

As has been previously stated, security by obscurity is not a sound policy. You are also relying on an improper assumption that there is such thing as a secure protocol. The correct assumption is to consider all protocols insecure and harden your system accordingly.
 
Old 07-13-2009, 08:59 AM   #14
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
Quote:
Originally Posted by nowonmai
I'm not sure where you get your security information from, but it's painfully out of date. There are plenty of exploits for Opera, Konqueror, Safari and so on. There are also plenty of vulns in OS X. It's not the safe haven it was previously believed to be.

As has been previously stated, security by obscurity is not a sound policy. You are also relying on an improper assumption that there is such thing as a secure protocol. The correct assumption is to consider all protocols insecure and harden your system accordingly.
Thanks for the info. It turns out the weakest link in security is humans because we inevitably go to dangerous sites (they don't say "dangerous" on the package), we try questionable software, we choose weak passwords, etc. We can't really stop doing all of these at home. So one philosophy is to accept that you will eventually get infected and plan for it, in order to limit the spread and durability of the infection. So I'm using sandboxed firefox for now and it is surprisingly effective. But planning to move to a linux liveCD. That will be on a diskless linux box and anything worth saving will be saved on a separate server. So the question is, if you were to hack into this server from my linux box, 1. how long would it take you if the server only spoke appletalk, 2. how long would it take you if it only had the decnet suite installed, 3. how long if it spoke tcp/ip? Is the time taken to penetrate a sound metric of security? Or can you provide perfect unbreakable security?

Last edited by Ulysses_; 07-13-2009 at 09:15 AM.
 
Old 07-13-2009, 09:13 AM   #15
Ulysses_
Senior Member
 
Registered: Jul 2009
Posts: 1,303

Original Poster
Rep: Reputation: 57
What about the number of people capable of penetrating a server within a given time, is that a sound metric of security?
All times are GMT -5.