      Moe                Larry               Curly
+-------------+     +-------------+     +-------------+
|             |     |             |     |             |
|             |     |             |     |             |
|     221     |     |  222   223  |     |     224     |
|     ||      |     |  ||    ||   |     |     ||      |
+-----|-------+     +--|-----|----+     +-----|-------+
      |                |     |                |
      +----------------+     +----------------+
Each || occurrence represents a network interface (a network card). The IP addresses that we have assigned to these network interfaces are as follows:
Moe - 129.62.147.221
Larry - 129.62.149.222 (eth0) and 129.62.149.223 (eth1)
Curly - 129.62.147.224
We installed Red Hat Linux 6.0 on Moe and Larry and FreeBSD 2.2.8 on Curly.
We performed a series of tests to determine what security flaws exist. We ran several programs on Moe that required communication with Curly, and we tried to use tcpdump on Larry to capture the packets going between Moe and Curly.
First, using the standard installation, we ran telnet, ftp and xterminal sessions from Moe to Curly; capturing the user login names and passwords turned out to be frighteningly easy.
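An added example (not part of the original report): a Python script an administrator could run over `tcpdump -nn` output to list which host pairs still use the cleartext services tested above. The capture lines are constructed, the modern tcpdump line format is assumed, and the function name `audit_cleartext` is hypothetical.

```python
import re
from collections import Counter

# Services whose traffic, typed passwords included, crosses the wire
# unencrypted: the three session types tested on this page.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet"}
CLEARTEXT_PORTS.update({p: "x11" for p in range(6000, 6064)})

# Address part of a `tcpdump -nn` TCP/IPv4 line (assumed modern format):
#   HH:MM:SS.us IP a.b.c.d.sport > e.f.g.h.dport: ...
LINE_RE = re.compile(
    r"\bIP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):"
)

def audit_cleartext(lines):
    """Count packets per (client, server, service) for cleartext services."""
    flows = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # ARP, IPv6, truncated lines and so on
        src, dst = m.group(1), m.group(3)
        sport, dport = int(m.group(2)), int(m.group(4))
        if dport in CLEARTEXT_PORTS:            # client -> server
            flows[(src, dst, CLEARTEXT_PORTS[dport])] += 1
        elif sport in CLEARTEXT_PORTS and dport >= 1024:
            # Server -> client reply. The dport check avoids mislabelling a
            # client whose ephemeral port happens to fall in the X11 range.
            flows[(dst, src, CLEARTEXT_PORTS[sport])] += 1
    return flows

# Constructed sample capture (not from the original tests). Addresses are the
# page's Moe (.221) and Curly (.224). Port 22 (ssh) is encrypted, so that
# flow is not reported.
SAMPLE = """\
10:00:01.000001 IP 129.62.147.221.1025 > 129.62.147.224.23: Flags [P.], seq 1:2, ack 1, win 32120, length 1
10:00:01.000900 IP 129.62.147.224.23 > 129.62.147.221.1025: Flags [P.], seq 1:2, ack 2, win 17520, length 1
10:00:05.000001 IP 129.62.147.221.1026 > 129.62.147.224.21: Flags [P.], seq 1:12, ack 1, win 32120, length 11
10:00:09.000001 IP 129.62.147.224.1030 > 129.62.147.221.6000: Flags [P.], seq 1:49, ack 1, win 17520, length 48
10:00:12.000001 IP 129.62.147.221.1027 > 129.62.147.224.22: Flags [P.], seq 1:53, ack 1, win 32120, length 52
10:00:13.000001 ARP, Request who-has 129.62.147.224 tell 129.62.147.221, length 28
""".splitlines()

if __name__ == "__main__":
    for (client, server, svc), n in sorted(audit_cleartext(SAMPLE).items()):
        print(f"CLEARTEXT {svc:6} {client} -> {server}  packets={n}")
```

Note that for the X session the roles are reversed: the program running on Curly connects to the X server on Moe, so Curly appears as the client.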
Then we installed Secure Shell (ssh) and tested again. Here is the list of tests, with detailed information on how we tested. The first three tests were done before Secure Shell was installed; the next test was done using Secure Shell.