[Contents] [Index]

Introduction >>         Network Security Risks             Security of Internet Protocol         Different Secure Shell Versions         SSH2 Protocol Features         New Features         System Requirements         Installation >>         Desktop Icons         Support         Licensing >>     Configuration >>     Connecting >>     Terminal Window >>     File Transfer >>     Toolbar Reference >>     Menu Reference >>     Advanced Information >>     Troubleshooting >>     Appendices >>

Security of Internet Protocol

The IP protocol suite, including TCP/IP, was designed to provide reliable and scalable communications over real-world networks. It has served this goal well. However, it was designed twenty years ago in a world where the Internet consisted of a few hundred closely controlled hosts. The situation has changed. The Internet now connects tens of millions of computers, controlled by millions of individuals and organizations. The core network itself is administered by thousands of competing operators, and the network spans the whole globe, connected by fibers, leased lines, dialup modems, and mobile phones.

The phenomenal growth of the Internet has peaked the interest of businesses, military organizations, governments, and criminals. Suddenly, networks are changing the way business is done. They have changed the nature of trade and distribution networks, and the way individual people communicate with each other.

This upsurge of business communications, scientific communications and political communications on the Internet has also brought out negative elements. Criminals are looking for ways of getting a cut of the emerging business. Industrial espionage has become a reality. Intelligence agencies are showing growing interest towards networked communications, and they often exchange information with domestic commercial interest and political groups. Crackers, exchanging information and source code, make attacks that ten years ago were thought to be only within the reach of superpowers' intelligence agencies.

Consequently, the IP protocol, while very tolerant of random errors, is vulnerable to malicious attacks. The most common types of attacks include:

• Eavesdropping on a transmission, for example, looking for passwords, credit card numbers, or business secrets.
• Hijacking, or taking over a communication in such a way that the attacker can inspect and modify any data being transmitted between the communicating parties.
• IP spoofing, or faking network addresses or host names in order to fool access control mechanisms based on them or to redirect connections to a fake server.

The SSH2 protocol is designed to protect network communications against security hazards like these.