The Eagle Network Security Management System consists of several software components. The gateway control program (gwcontrol) is the heart of the system. It handles network connection requests from remote systems and from systems on your local network. After consulting its configuration (or authorization) file, gwcontrol either completes the connection or denies access. Gwcontrol maintains a list of active connections. For added security, we have provided modified versions of the standard service daemons ftpd and telnetd which interact with gwcontrol to process service requests. The display program shows the state of the gateway and current connections based on gwcontrol's information. An auxiliary program, the Vulture, kills programs which aren't allowed to run on the G box. The following sections describe these programs in detail.
While the Eagle routes packets entering your network, it is more capable than a standard router: it disassembles incoming packets and constructs new ones before sending them out to the destination host. This guarantees that there are no cracks for undefined packet types to exploit.
The Eagle maintains a complete transaction log. It alerts system administration whenever suspicious activity (e.g., four failed connect attempts from the same site within five minutes) is detected. As soon as the Eagle determines that something potentially harmful is happening, it logs the source of the offending packets and the route they travel. Recall that you, the system administrator, define what constitutes suspicious activity.
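The threshold rule given as an example above (four failed connect attempts from the same site within five minutes) amounts to a sliding-window count kept per source. The following Python code is an added illustration, not part of the Eagle software; the log format, the sample records and the function name are assumptions made for the example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records (assumed format: timestamp source service result).
SAMPLE_LOG = """\
1995-03-01T10:00:05 192.0.2.10 telnet FAIL
1995-03-01T10:00:40 198.51.100.7 ftp FAIL
1995-03-01T10:01:10 192.0.2.10 telnet FAIL
1995-03-01T10:02:30 192.0.2.10 ftp FAIL
1995-03-01T10:03:00 198.51.100.7 ftp OK
1995-03-01T10:04:55 192.0.2.10 telnet FAIL
1995-03-01T10:05:20 192.0.2.10 telnet FAIL
1995-03-01T10:20:00 203.0.113.4 telnet FAIL
1995-03-01T10:26:00 203.0.113.4 telnet FAIL
1995-03-01T10:32:00 203.0.113.4 telnet FAIL
1995-03-01T10:38:00 203.0.113.4 telnet FAIL
"""

def find_suspicious(lines, threshold=4, window=timedelta(minutes=5)):
    """Return (source, timestamp) for each burst of `threshold` failed
    connects from one source inside `window`. Both values are set by the
    administrator; the defaults mirror the example in the text."""
    recent = defaultdict(deque)  # source -> timestamps of recent failures
    alerts = []
    for line in lines:
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed records
        stamp, source, _service, result = fields
        if result != "FAIL":
            continue
        now = datetime.fromisoformat(stamp)
        failures = recent[source]
        failures.append(now)
        # Discard failures that have aged out of the window.
        while now - failures[0] > window:
            failures.popleft()
        if len(failures) >= threshold:
            alerts.append((source, stamp))
            failures.clear()  # one alert per burst, then count afresh
    return alerts

if __name__ == "__main__":
    for source, stamp in find_suspicious(SAMPLE_LOG.splitlines()):
        print(f"ALERT {stamp}: repeated failed connects from {source}")
```

Note that the third source in the sample also fails four times, but at six-minute intervals, so it never reaches the threshold inside a five-minute window; where the administrator sets the window determines whether such slow attempts are reported.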
If you have a modem attached to your system, the Eagle can notify appointed individuals via pager or fax whenever intrusions are detected. The Eagle can also send alerts to a pager or to the system's loudspeaker, via electronic mail, or to a client program of your choice for processing. Refer to Chapter for more details.
The Eagle software is auto-encrypted to discourage attempts to reverse-engineer it. It comes with a secure hash function checksum so that system administrators can routinely confirm that no one has tampered with the code. If the Eagle has been altered, it shuts itself down, preventing all remote network access until a verifiably correct version is reloaded. To provide assurance that there is no back door which might be exploited, the source code can be certified by an external agency using a secure checksum.