origins of internet protocol

[123headcase]

Hi guys
Im not an expert in this area but I remember reading an article some time ago about the origins of the current "insecure" network protocol. We started out with a unix based system which was then bastardised by M$ which made the packet switching thing inherently insecure - thats the gist of what I remember. Can anyone point me to the right area to find the history of this? My particular area of insterest is in secure communications and all this firewall stuff is just plastering over over the cracks, so I am told

be much obliged to be able to be a more informed observer

rgds
headcase

 

[guestgulkan]

I am not a more informed observer but:
TCP/IP was not invented by the UNIX fraternity. It just happened that the UNIX crowd picked it up a long time ago.
M$ ignored TCP/IP, the internet and the

http://WWW for

a long, long time and have only recently jumped on the bandwagon using TCP/IP as the default windows protocol.
So I would say that MS is basically an innocent in all this.
If I were to point the finger at M$ in any way, I would say in that trying to dominate the browser market (and put down Netscape, and Opera), they made Internet Explorer so open and leaky that it has become a liability.
I would also apply this accusation to Outlook and Outlook express mail.

But any inherent problems with TCP/IP,the Internet or

http://WWW aren't

really M$ fault and applies across the board (to UNIX, Linux, etc..)

 

[manarth]

123headcase - When you say "network protocol", I'm assuming you're referring to TCP/IP...as there are many network protocols it's better to refer to the protocol by name.

As for the origins of the internet, google "arpanet" - the precursor to the internet, created to meet specifications set by the US military.

btw, I go with Guestgulkan on this - it's not the protocol that's the problem, it's the software using the protocol. MS certainly aren't to blame for the protocol!

Have fun!

<marc> i wonder what will happen if i press this...[ul][li]please give feedback on what works / what doesn't[/li][li]need some help? how to get a better answer: faq581-3339[/li][/ul]

 

[123headcase]

Hi guys
Forgive me for pursuing my particular assertion (M$ did compromise the original integrity of the protocol) but about 6 months ago I came across a linked article about the origins of the tcp/ip system. It was a paper written by an erudite source (maybe an MIT professor or such). It explained how the system started out in Unic community and how M$ had pursued its own version but because M$ had gained market dominance the guardians of the net were forced into a compromise which reduce the integrity of the system, i think it had something to do with encrypting the packets before they left source). If this is a little garbled I apologise, I am going on a hazy memory here trying hard to reconstruct the info. What it came down to saying was that all this firewall stuff is a result of an insecure packet system. the real answer was to go back to the original secure packet system - thats what i think was said.

does that make sense?


heaDCASE

 

[manarth]

sorry 123headcase, but I will be quite categorical here - TCP/IP was not developed or altered by microsoft. If you have to blame someone, blame Vinton Cerf and Bob Kahn (look them up!)

Arpanet began in 1969 - early stuff indeed. TCP/IP was an evolution of the original NCP (Network Control Protocol), developed (as part of the arpanet project) for the DoD to allow multiplatform network communication (and to fulfil other goals, which I won't go into).
TCP was outlined in 74, IP added in 78. TCP/IP is a generic term for the combination of 2 seperate protocols.


Having googled &quot;arpanet&quot; and &quot;arpanet tcp/ip&quot; here are some of the applicable links - peruse them at your pleasure

Deinition of arpanet

http://www.webopedia.com/TERM/A/ARPANET.html

Timeline of the internet

http://www.zakon.org/robert/internet/timeline/

Birth of TCP/IP - death of NCP

http://www.historyoftheinternet.com/chap4.html

As for the security issues, M$ vulnerabilities (and other general vulnerabilities) are mostly due to either the software (e.g. MS IIS webserver) or the protocol layer ABOVE TCP/IP (e.g. FTP runs on top of TCP/IP, but passes unencrypted passwords - fyi: there are implementations of FTP which do pass encrypted passwords; this is an evolution of the original FTP protocol).


Take a look - there's much more information out there!

<marc> i wonder what will happen if i press this...[ul][li]please give feedback on what works / what doesn't[/li][li]need some help? how to get a better answer: faq581-3339[/li][/ul]

 

[guestgulkan]

123headcase I would really like to see that white paper.
But I think that your recollection at this moment is still too confused - and I still think that M$ didn't have much to do with Internet & TCP/IP. I believe they did put in their 2 cents worth on the DHCP protocol meetings though.

However, I'm prepared to live and learn.

 

[123headcase]

i manarth and gulkan
I agree that my recollections are indeed confused and I am trying to get my act together here. I will indeed dig further and follow your links and , bear with me, I hope to find this white paper for your erudite perusal :-}. This may take some time but I will get there

My real concern at the back of all this is that what we have, to use simple analogy, is an office building (your pc) and a telephone switchboard with 65,000+ extension nos (your ports). Once a malicious caller has found an open line he can manipulate his way around the switchboard to any &quot;room&quot; ie folder etc and do dirt deeds. I apologise if I am using too simplistic a model but Im afraid the network community shrouds itself in technobabble that is largely incomprensible to the reasonable user (bit like doctors and lawyers eh?)

Now I wanted to add to my analogy the simple understanding of data communication protocols (encrypted or not)

I reasoned that it should be possible to isolate &quot;complete floors in the building&quot; from the switchboard so that they cannot be penetrated in such a facile manner. At the moment we have our Pcs configured the way M$ would have us submit. Ther is a large marketing advantage to having priveledged access to billions of machines via the all intrusive &quot;M$ live update&quot; policy. So M$ designed the system to ensure that you could always contact M$ the way M$ wanted you to.
(allowing 2 way uncontrolled traffic at the whim of M$ - of course they would never compromise that trust would they? - trust what word is that?)

Having installed various protective apps, Zonealarm, Spyguard and so on, I am astonished at what gets put on my machine, even so. I am astonished at how I start receiving spam when I innocently visit a web site form a supposedly respectable magazine (PC Mag). I didnt give them my email address, never do. So why do I now start receiving spam. I have read much into the firewall, virus thing, and whilst its a real threat, its also riddled with self serving alarmisms - and it doesnt deal with the real problem of a fundamentally insecure comunication system - only plastering over the cracks.

so hence my digging back into the roots of the cause which were explained as I recall but cannot just now quote

I hope this makes sense

If I have got the wrong end of the stick feel free to put me right (the more you know, the more you realise how little you know

so guys please bear with me

 

[manarth]

In terms of ports, analogies are a little difficult.

There are 65000+ ports. A port has to be &quot;opened&quot; on the machine for something to connect to it. Webservers open port 80 (typically), FTP servers open port21.

Any data connecting to Port x is handed to that server to deal with (after stripping off the encapsulating packet transmission data).

an analogy: a post office truck rolls along the cabling, pulls up outside your network card. hands an envelope to the NIC. the NIC gives the envelope to Windows Sockets (Windows implementation of TCP/IP). Windows sockets opens the envelope and gives the letter to the server. the server reads the letter.

The issues are not so much insecurity of TCP/IP, but insecurities in the ways windows implements windows sockets.

For example, earlier versions of Windows opens ports which aren't necessarily needed. These open ports (which most users know nothing about) allow hackers to connect. Sending data down the ports can cause things like &quot;buffer overrun&quot;, where the data that should be being processed by the server leaks into adjacent memory spaced. A properly phrased hack can execute scripts / programs on the target PC.
M$ Security problem with IIS was that it was susceptible to attack in this manner.

Other programs / other o/s's have other holes - these are not insecurities in the data transmission, but insecurities in the way the receiving computer deals with data sent.

Other insecurities can arise because of the way a protocol on another layer (such as FTP or HTTP) passes data insecurely.

See the osi model for information about the 7 layers of communication:

http://www2.rad.com/networks/1994/osi/layers.htm

TCP & IP are layers 3 & 4. FTP is layer 7.

When you hit a site, your browser actually passes a huge chunk of info to the site it's surfing.

Privacy.net (

http://privacy.net/analyze/)

can test your internet privacy.

Shields Up (

https://grc.com/x/ne.dll?bh0bkyd2)

is a good site for testing your port vulnerability.

happy surfing =)

<marc> i wonder what will happen if i press this...[ul][li]please give feedback on what works / what doesn't[/li][li]need some help? how to get a better answer: faq581-3339[/li][/ul]

 

[dilettante]

Sounds to me like somebody here simply has a personal axe to grind regarding Microsoft.

Is this some sort of discussion about the Windows Automatic Update feature that uses Background Intelligent Transfer Service to download patches without stealing bandwidth from foreground applications? And if so, why is this a problem?

Microsoft doesn't have any &quot;privileged access&quot; to these machines. Auto Update is simply an example of a beneficial trojan, and one that can easily be turned off at each workstation or via group policies. It can even be redirected to download only approved updates from a server in your own network.

People seem to always fear what they don't understand. Personally I think it is a tragedy that things like firewalls are needed, but they are. TCP/IP was never designed for use in a hostile public environment - each peer has too much power. It was also never intended to be used to interconnect desktops, arising in an era where servers (mostly mainframes and minis) were used via dumb terminals using very simple connection protocols. That fact that it meets the needs that it does today is amazing and quite wonderful.

I also think things like Zone Alarm are crapware. People are generally better served by even a simple hardware NAT device, but in general NAT is useless against trojans. My answer to that is stop installing cruddy stuff on your PC in the first place. Perhaps impractical advice in today's world: most users are too greedy to bother with the fact that a lot of their personal theft software (Kazaa, etc.) incorporates spyware and such.

Microsoft did some amazing things with IE and OE. These are powerful application and communication platforms. Just as with TCP/IP though, they were not designed from the ground up to exist in a hostile environment. This leads to fix after fix, and the disabling or crippling of feature after feature. As far as Netscape goes, there's an evil outfit for you. They took publicly funded intellectual property (Mosaic) and tried to charge the public for it (Navigator). But I won't pretend that Microsoft didn't release IE for free for competitive advantage.

If you want to lay blame somewhere for a large chunk of &quot;Internet&quot; vulnerabilities (which are actually computer vulnerabilities) look no further than the real evil of the Internet: the C language. Look at the fantastic fraction of vulnerabilities on all platforms that are due to buffer overrun exploits. Crappy, cruddy C code is almost always the culprit here. The whole unmonitored, unchecked use of C pointers and lousy ideas like &quot;a null terminates a string&quot; is to blame for a vast number of these vulnerabilities.

Microsoft uses way too much C in their software products. But in the Unix world there is barely anything else!

My point is, stuff happens. And the Internet is no exception: stuff did. But where anybody gets off trying to blame Microsoft for the problems with TCP/IP is beyond me.

 

[jimbopalmer]

As a personal observation, if you use absolutley no Microsoft products, the internet is a considerably safer place.

I tried to remain child-like, all I acheived was childish.

 

[123headcase]

Gentlemen
Thank you sincerely for your knowledgeable contributions to this topic, of which the basic concern is interenet insecurity. I have been following various sites (including grc.com) to learn about these vulnerabilities. A year ago I was pretty much untroubled by such worries. Then I began to get problems which got solved (a virus infection and a malicious firewall product). But matters got steadily worse and I found my machine being targetted in a personal way. I complained to my ISP as I suspected a bored server minder messy about in the early hours. That problem disappeared but it left me vary suspicious of everything. The more I learned , the more alarmed I became.

The bottom line is that if you never connect your machine to the internet and you only run standard well known apps on a stable (?) platform like WXPpro, then you are extremely unlikely to experience any problems/

The minute you connect, then you open yourself to all comers and all this agressive intrusive advertising (what will they think of next to annoy the user)

For example many site now will not work unless you enable active X (which is also responsible for spyware) - hotmail is a good example. You also have to tolerate so called benign cookies Google for example tracks and reports on your search patterns.

Trying to protect yourslef anf your privacy is consuming greater and greater amounts of my time - Ill never get any productive work done by the end of this year if the trend continues

My current practice is to use my old laptop for dial up networking and I keep my main precious machine physically separate. I transfer data across using a 64meg USB Sandisk flash card (normally intended for my digital camera). data is virus checked before it leaves my laptop, I use
Grist AVG for that and zonealarm std as a firewall. I also have spyware guard to keep most of the crap out and spybot as a double check. Its amazing what it still finds at the end of a week

incidentally fyi when plugging and unplugging usb devices you should wait at least a couple of minutes before plugiing in another device into the same socket. The system needs time to reset itself otherwise it still thinks its looking at the old device and this can freeze your machine

Its really annoying to think that all this has gone on without your knowledge or consent

I have probably wandered off the point here because my original concern was the integrity of the tcp/ip protocol. I understood that this could be intercepted and decoded by malicious persons tapping into the trunk and that the original spec called for all packets to be encrypted at source but this didnt fit with the M$ practice.

Im afraid I still havent found thaT WHITE PAPER, will keep trying

I often get accused of being anti M$ and just wanting to to a bash at M$. Well I think they really deserve it. Their business practices and callous disregard for the consumer concerns really stink. I any other industry they would have been sunk by law suites a long time ago but the software industry is notoriously difficult to prosecute as the as the US government found when it capitulated. No monopoly is a good monopoly and M$ shows no signs of learning from its mistakes and public disaffection. The future will bear me out when you see even more signs of M$ spreading its power base and ruthlessly crushing any opposition. they are just beginning to take Linux seriously and will probably launch Winux to flatten this fledgling opposition. It will arrive a a complete user friendly (superficially at least) package that can be installed by a baby, and the gullible public will love it. It will completely submerge Linux due to the immense power the the M$ marketing machine but it will no longer be open source and the average mongol wont know the difference
Quite a few large corporate and gov orgs are switching their own networks over to Linux, so I read, due to the very high cost of partnership with NT

2003 brought us the iraq war, I think 2004 will see the start of the M$/US gov onslaught on personal freedom on the internet. You wont have it anymore

M$ already has plans for the &quot;Trusted Customer&quot; whereby you sign up for a premium edition of M$ software which must include a live update link (or it stops working after a while). Your machine will also be registered via its internal codenumber and you are locked in bed with M$ benignly supervising your machine (just like a network admin)

Anyone outside of this fence will have to use basic editions or old software. so they will gradually force the entire pc world into partnering with M$ or else go take a hike buddy

I am sure I will in the near future move over to Linux and learn the innards, it seems prefereably to haveing to cope with the techno babble from self seeking security consultants. It promises me control of my my machine back in my hands (like the good old DOS days). It would be interesting to know what the stats are for Linux uptake

btw I agree with you about C+ and buffer overflows, what an inordinately clumbsy system which is so fundamental to a program

As far as I am able to tell there are no proper standards for checking this software. Its left up to the individual programmer to prove his block of code. Even with the best of intentions, none of us is that perfect as I am only too well aware of myself

In the realm of the blind, the one eyed man is King

rgds

Headcase

 

[manarth]

you forgot to use the <rant> </rant> tags.

<marc> i wonder what will happen if i press this...[ul][li]please give feedback on what works / what doesn't[/li][li]need some help? how to get a better answer: faq581-3339[/li][/ul]

 

[Comstocb]

Heh....I remember to use those tags if I ever go off. I'll try my own tags here:

<soapbox>You know, I went through the same thing and have read all of the GRC site and use Zonealarm with a good DSL router/firewall, etc. and even looked into Linux as an alternative to &quot;being asimilated&quot;. Gotta say though that after reflecting for awhile, I have M$ to thank for the internet today as if there is no money to be made, nothing will develop and grow. I am old enough to know what its like to really have to do research instead of googling a topic and having volumes of information immediately. Personally, I use M$ products as they make the most of my computer. Linux or any other free OS' can't even come close yet (secretly I hope they do however). Its wise to be imformed and protect yourself, I do, but be careful damning M$ when they are a huge part of the development of the computer experience everyone takes for granted today.</soapbox>

Brian

 

[123headcase]

Hi comstocb
I woldnt object to acknowledging the contribution M$ has made to the PC culture (PCs for idiots,absolutely no technical knowledge required to use it)Their appraoch has really opened up the pc to the hoi poloi. thats ok
What I really object to is their arrogance and lack of business ethics so characteristic of american culture.

XP, which I use, is probably the best product they have produced so far. The savvy community, such as this one, is sufficiently skilled now to be able to tweak out all the dirty marketing tricks that M$ seems to think are cute (eg WMplayer's phone home policy etc). So Ive got a sharp amchine for my work instead of quirky crash prone W98.
Thats ok
but does M$ stand back and take benefit from the major achievement, oh no, they have more darstadly plans for world domination - the Palladium (Trustworthy computing ) project. This has far reaching implications. you pc will most certainly no longer be personal. It will make the issue of the bundled IE thingy look like a vicars tea party.

you will become wedded, embedded and indebted to M$ for the foreseeable future. All your applications will be supplied directly from M$. In effect you will be part of the M$ network and the great Gatesby will be the all powerful sysadmin

your applications will be registered centrally as will your machine. if you want to move your app from one machine to another you will have to get authorisation

I suspect a US/M$ conspiracy here in the name of fighting terrorism, cant have people running around with all that freedom.

I dont know if you have ever worked in the states but its remarkable (for a europeean at least) to note how little freedom they have over there. You dont get very far without ID (a social security card and/or a driver's licence). A large amount of data is collected and held on every citizen from birth and they dont ever see the need to question this
because of the belief that uncle sam and the constitution would alway protect your rights.(forget all the rubbish you see coming out of hollywood, they give a wholly unrealistic and romanticised view of the american way of life, the reality is dont go out after 9pm for fear of drive by shootings).

The reason I draw this parallel is that M$ thinking is affected by this same self righteousness. You - the customer- are going to be taken care of by us our way (because we have the power to make you).

Its this that I really object too

What I fear is that the lumpen proleteriate will just go along with the message because it will be made so easy (just sign here with your credit card details and you will have free software and on,line support for 5 years for a small annual licence fee - sir). These guys far outnumber the computer savvy community. end of soapbox

 

[manarth]

123headcase - perhaps you should consider joining forum717: IT Ethics forum. You will find many like minds (and more than a few vehemently opposed minds!)

<marc> i wonder what will happen if i press this...[ul][li]please give feedback on what works / what doesn't[/li][li]need some help? how to get a better answer: faq581-3339[/li][/ul]

 

[Comstocb]

Well, hopefully enough people like you get together and make an alternative to M$. I'd buy it. Capitalism is great but it does have its downside when &quot;fairness&quot; is considered. I applaud your concern as its people like you that prevent run away abuse of those in power. You probably wont care much for me however as I just don't care what M$ does. Microsoft can watch what I do as I just do research, visit espn and racerx, and check my worthless stocks. As far as paying for their software, I think they deserve every penny they get for the quality software they produce to allow me to make the most of my computer and the internet. Hell, now I'm ranting. Just a thought, getting worked up about &quot;injustice&quot; is fine, just put that energy to good use and change things, start by not using M$ products as if they continue to make money and competitors don't, they will continue to call the shots. Hoping the government will step up and legislate them into submission will never work and history has shown that numerous times. Money (power) is what influences change.