Internet Services

Notes:

The TCP/IP protocol suite provides the basis for implementing a wide range of useful services including electronic mail, Usenet news and the World Wide Web. TCP/IP is an open suite of protocols and as a consequence applications, both clients and servers, are not restricted to single vendor solutions. For example, each of major operating systems has well over a dozen Web browsers and servers to choose from. This diversity is a boon to users but a nightmare to network security administrators. Each product has to be evaluated separately to ensure that it will not present backdoors useful to hackers. In a large network offering a range of services: updates, security alerts and patches must be tracked for each product.
The TCP/IP suite was designed to promote cooperation and sharing of data. All data is transmitted as plain-text and authenticity of header data is not ensured. There is no widespread agreement on authentication, session management or security protocols. These are often built into each service on an ad-hoc basis and present their own challenges to network administrators.
There are a number of TCP/IP based protocols, such as Network File System (NFS), the Simple Network Management Protocol or X/Windows which are thought of as LAN based services. However by using the Internet Protocol suite these services can be accessed from the Internet as easily as a Web server. Unless steps are taken any TCP/IP service can provide a useful point of attack for hackers.