Unauthorized Access; Unauthorized Tampering - Netscape DIRECTORY SERVER 6.1 - DEPLOYMENT Deployment Manual

Hide thumbs Also See for NETSCAPE DIRECTORY SERVER 6.1 - DEPLOYMENT:

Configuration manual (314 pages)

Reference (162 pages)

Installation manual (128 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

page of 200

/ 200
Contents
Table of Contents
Bookmarks

Table of Contents

About Security Threats

•

Unauthorized Tampering

•

Denial of Service

The remainder of this section provides a brief overview of the most common

security threats to assist you with designing your directory's security policies.

Unauthorized Access

While it may seem simple to protect your directory from unauthorized access, the

problem can in fact be more complicated. There are several opportunities along the

path of directory information delivery for an unauthorized client to gain access to

data.

For example, an unauthorized client can use another client's credentials to access

the data. This is particularly likely when your directory uses unprotected

passwords. Or an unauthorized client can eavesdrop on the information

exchanged between a legitimate client and Directory Server.

Unauthorized access can occur from inside your company, or if your company is

connected to an extranet or to the Internet, from outside.

The scenarios described here are just a few examples of how an unauthorized client

might access your directory data.

The authentication methods, password policies, and access control mechanisms

provided by the Directory Server offer efficient ways of preventing unauthorized

access. Refer to "Selecting Appropriate Authentication Methods," on page 134,

"Designing a Password Policy," on page 139, and "Designing Access Control," on

page 146, for more information about these topics.

Unauthorized Tampering

If intruders gain access to your directory or intercept communications between

Directory Server and a client application, they have the potential to modify (or

tamper with) your directory data. Your directory is rendered useless if the data can

no longer be trusted by clients, or if the directory itself cannot trust the

modifications and queries it receives from clients.

For example, if your directory cannot detect tampering, an attacker could change a

client's request to the server (or not forward it) and change the server's response to

the client. SSL and similar technologies can solve this problem by signing

information at either end of the connection. For more information about using SSL

with Directory Server, refer to "Securing Connections With SSL," on page 154.

130

Netscape Directory Server Deployment Guide • August 2002

Table of Contents

Unauthorized Access; Unauthorized Tampering - Netscape DIRECTORY SERVER 6.1 - DEPLOYMENT Deployment Manual

Unauthorized Tampering

Unauthorized Access

Related Manuals for Netscape NETSCAPE DIRECTORY SERVER 6.1 - DEPLOYMENT

Related Content for Netscape NETSCAPE DIRECTORY SERVER 6.1 - DEPLOYMENT

Table of Contents