Validating the Authenticity of the DCE Security Service
The secval process within the DCE daemon can confirm that the DCE security server is an authentic server. An illegitimate DCE security server could give a malicious user root
access on a machine by returning a counterfeit local system identity. A secval ping operation confirms the authenticity of the DCE security server by performing an authenticated RPC to the
secval process. A successful return (1) indicates that the security server used all of the correct passwords needed for the authenticated RPC to succeed.
You can perform a secval ping operation on the local host or you can supply an argument to operate on a remote host. Because remote hosts might use different security servers, performing
secval ping operations on remote hosts provides a way to test the authenticity of other security servers operating in a cell.
The following example illustrates a secval ping operation to the secval process on remote host charon:
dcecp> secval ping /.:/hosts/charon/config/secval 1 dcecp>
|