HP OSMS white paper: Security of Open Source Middleware Stacks
protection from a firewall, because you should never rely on any one defense in case the firewall is
compromised. Trojans can thwart firewall security and attack from within the perimeter defenses.
Linux is an ideal system with which to create a firewall. Using networking tools, such as iptables, any
configured Linux machine is a firewall in its own right. However, it is best not to design and configure
security alone, because any oversight leaves a system vulnerable.
Firewall projects are active in the open source community. One firewall project designed for network
deployment is the SmoothWall project, which is a hardened minimal Linux distribution expressly for use
as a standalone firewall. SmoothWall holds a position in the network replacing the gateway router and
performs many useful tasks in addition to firewalling, such as NAT, DHCP, logging, and even intrusion
detection.
An additional means of containing an intruder through firewall protection is to not rely solely on the
gateway firewall to prevent all attacks. Enabling firewall rules on local systems that are behind the
gateway provides an additional layer of protection. For this purpose, the Bastille project provides
the means to filter access to services on individual machines. For instance, all connections to a MySQL
database can be limited exclusively to those originating from the local Apache process, thwarting remote
MySQL attacks while still enabling database services.
Use Secure Communications
Cryptographically secure communication provides any or all of the following services: the confidentiality
of network-transmitted data, integrity of the contents, and identity of senders or receivers. These services
do not require concurrent use, so they should be deployed as needed.
The use of SSH is often mistakenly believed to be sufficient for achieving a secure system. Remember, a
particular tool (even a well-known one) does not create a secure system. For instance, just because you
notice that you are connecting to your bank across an encrypted connection does not mean that your
personal data is not at risk. It might be true that the data cannot be discovered by listening to the connection,
but the data is not protected if someone placed a key-logger on the computer you are using or you are
“securely” connecting to a phishing Web site. SSH does not prevent the client from being attacked by the
server it connects to or vice versa.
Sometimes, securing transmitted information entails ensuring that the information cannot succumb to
eavesdropping attacks. Alternatively, the authenticity of entities might be required to ensure security and
the integrity of transmitted information might need verification. All of these have cryptographic solutions,
such as encrypted transmissions, authentication signatures, and content hashes.
To ensure the security of communication with a JBoss application server, you must implement
point-to-point encryption of messages. Such methods typically use the Secure Sockets Layer
(SSL). OpenSSL is an open source project that implements SSL. Configuring JBoss with
OpenSSL for secure message transactions, such as those used in shopping cart applications,
is straightforward. However, do not forget to properly integrate a Public Key Infrastructure
(PKI) system because, without verifying certificates, systems are still vulnerable to
man-in-the-middle attacks.
Securing transmitted information might also involve the use of secure credentials and public or private
key management techniques. Be aware that encryption relies greatly on proper key management. Using
encrypted keys without a certification authority (CA) is a security risk. Using encrypted keys is similar
to using passwords because it restricts access to only those who possess the keys. Encrypted keys must
be generated carefully to ensure they are strong, and they must be carefully protected. Keys are used in
many areas of security, including the confirmation of system and user identity during trusted transactions,
locking and unlocking files for secure transfer, and providing password-like credentials. A valid CA,
trusted by all agents in a transaction, must recognize the keys.
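The certificate check that the JBoss note and the key-management paragraph above both depend on, as an added example (not from the white paper or from HP). It uses the openssl command-line tool; the CA name, the host name shop.example.test and all file names are constructed assumptions, and the keys are throwaway.

```shell
#!/bin/sh
# Added example: constructed throwaway CA and certificates (all names are assumptions).
# Both server certificates below can encrypt a session equally well; only
# verification against the trusted CA tells the genuine one from the impostor.

# make_pki DIR: create a CA, a server certificate signed by it, and a
# self-signed look-alike carrying the same subject name.
make_pki() {
    dir=$1
    # 1. The certification authority that every party agrees to trust.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Example Test CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null || return 1
    # 2. Key and signing request for the hypothetical host shop.example.test.
    openssl req -newkey rsa:2048 -nodes -subj "/CN=shop.example.test" \
        -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null || return 1
    # 3. The CA signs the request, vouching for the server's public key.
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.pem" \
        -CAkey "$dir/ca.key" -CAcreateserial -days 1 \
        -out "$dir/server.pem" 2>/dev/null || return 1
    # 4. Look-alike: same subject name, but signed only by its own key.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=shop.example.test" \
        -keyout "$dir/rogue.key" -out "$dir/rogue.pem" 2>/dev/null || return 1
}

# check_cert CAFILE CERT: print "trusted" if CERT chains to CAFILE, else "rejected".
check_cert() {
    if openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; then
        echo trusted
    else
        echo rejected
    fi
}

# Demonstration run in a scratch directory.
demo=$(mktemp -d)
if make_pki "$demo"; then
    echo "CA-signed certificate:   $(check_cert "$demo/ca.pem" "$demo/server.pem")"
    echo "self-signed look-alike:  $(check_cert "$demo/ca.pem" "$demo/rogue.pem")"
fi
rm -rf "$demo"
```

A client that skips this verification step accepts either certificate, which is the gap the PKI integration closes.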
Use Layered Security
Using various techniques in a coordinated effort, often called security-in-depth, creates the most secure
systems. Never depend on one layer of security; if a system has only one layer of security and that layer
succumbs to penetration, the entire system is vulnerable to the security breach.
In a layered approach, if one layer fails, additional layers have the opportunity to contain the attack. The
layers can augment each other, blanketing different weaknesses. A layered approach can slow down an