Etextbook 978 0134527338 Network Security Essentials Applications and Standards 6th Edition

eTextbook 978-0134527338 Network
Security Essentials: Applications and

Standards (6th Edition)
Visit to download the full and correct content document:
https://ebookmass.com/product/etextbook-978-0134527338-network-security-essenti
als-applications-and-standards-6th-edition/
5. 3.5 Public-Key Cryptography Algorithms 84
6. 3.6 Digital Signatures 93
1. 3.7 Key Terms, Review Questions, and Problems 96
3. Part Two: Network Security Applications 103
1. Chapter 4 Key Distribution and User Authentication 103
1. 4.1 Remote User Authentication Principles 104
2. 4.2 Symmetric Key Distribution Using Symmetric Encryption 107
3. 4.3 Kerberos 108
4. 4.4 Key Distribution Using Asymmetric Encryption 121
5. 4.5 X.509 Certificates 123
6. 4.6 Public-Key Infrastructure 130
7. 4.7 Federated Identity Management 133
2. Chapter 5 Network Access Control and Cloud Security 144
1. 5.1 Network Access Control 145
2. 5.2 Extensible Authentication Protocol 148
3. 5.3 IEEE 802.1X Port-Based Network Access Control 152
4. 5.4 Cloud Computing 154
5. 5.5 Cloud Security Risks and Countermeasures 160
6. 5.6 Data Protection in the Cloud 162
7. 5.7 Cloud Security as a Service 166
8. 5.8 Addressing Cloud Computing Security Concerns 169
3. Chapter 6 Transport-Level Security 171
1. 6.1 Web Security Considerations 172
2. 6.2 Transport Layer Security 174
3. 6.3 HTTPS 191
4. 6.4 Secure Shell (SSH) 192
8
4. Chapter 7 Wireless Network Security 206
1. 7.1 Wireless Security 207
2. 7.2 Mobile Device Security 210
3. 7.3 IEEE 802.11 Wireless LAN Overview 214
4. 7.4 IEEE 802.11i Wireless LAN Security 220
5. Chapter 8 Electronic Mail Security 237
1. 8.1 Internet Mail Architecture 238
2. 8.2 E-mail Formats 242
3. 8.3 E-mail Threats and Comprehensive E-mail Security 250
4. 8.4 S/MIME 252
5. 8.5 Pretty Good Privacy 263
6. 8.6 DNSSEC 264
7. 8.7 DNS-Based Authentication of Named Entities 268
8. 8.8 Sender Policy Framework 270
9. 8.9 DomainKeys Identified Mail 273
10. 8.10 Domain-Based Message Authentication, Reporting, and Conformance 279
6. Chapter 9 IP Security 286
1. 9.1 IP Security Overview 287
2. 9.2 IP Security Policy 293
3. 9.3 Encapsulating Security Payload 298
4. 9.4 Combining Security Associations 306
5. 9.5 Internet Key Exchange 309
6. 9.6 Cryptographic Suites 317
4. Part Three: System Security 321
9
1. Chapter 10 Malicious Software 321
1. 10.1 Types of Malicious Software (Malware) 322
2. 10.2 Advanced Persistent Threat 325
3. 10.3 Propagation—Infected Content—Viruses 326
4. 10.4 Propagation—Vulnerability Exploit—Worms 331
5. 10.5 Propagation—Social Engineering—Spam E-mail, Trojans 337
6. 10.6 Payload—System Corruption 339
7. 10.7 Payload—Attack Agent—Zombie, Bots 340
8. 10.8 Payload—Information Theft—Keyloggers, Phishing, Spyware 341
9. 10.9 Payload—Stealthing—Backdoors, Rootkits 343
10. 10.10 Countermeasures 344
11. 10.11 Distributed Denial of Service Attacks 351
2. Chapter 11 Intruders 359
1. 11.1 Intruders 360
2. 11.2 Intrusion Detection 365
3. 11.3 Password Management 380
3. Chapter 12 Firewalls 394
1. 12.1 The Need for Firewalls 395
2. 12.2 Firewall Characteristics and Access Policy 396
3. 12.3 Types of Firewalls 398
4. 12.4 Firewall Basing 404
5. 12.5 Firewall Location and Configurations 407
1. Appendices 416
1. Appendix A Some Aspects of Number Theory 416
1. A.1 Prime and Relatively Prime Numbers 417
10
2. A.2 Modular Arithmetic 419
2. Appendix B Projects for Teaching Network Security 421
1. B.1 Research Projects 422
2. B.2 Hacking Project 423
3. B.3 Programming Projects 423
4. B.4 Laboratory Exercises 424
5. B.5 Practical Security Assessments 424
6. B.6 Firewall Projects 424
7. B.7 Case Studies 425
8. B.8 Writing Assignments 425
9. B.9 Reading/Report Assignments 425
2. References 426
3. Credits 432
4. Index 434
11
Online Chapters and Appendices 1
1Online chapters, appendices, and other documents are at the Companion Website, available via the
access card at the front of this book.
1. Chapter 13 Network Management Security
1. 13.1 Basic Concepts of SNMP
2. 13.2 SNMPv1 Community Facility
3. 13.3 SNMPv3
4. 13.4 Recommended Reading
1. 13.5 Key Terms, Review Questions, and Problems
2. PART Five: Legal and Ethical Isues
1. Chapter 14 Legal and Ethical Issues
1. 14.1 Cybercrime and Computer Crime
2. 14.2 Intellectual Property
3. 14.3 Privacy
4. 14.4 Ethical Issues
5. 14.5 Recommended Reading
1. 14.6 References
3. 14.A Information Privacy
2. Chapter 15 SHA-3
1. 15.1 The Origins of SHA-3
2. 15.2 Evaluation Criteria for SHA-3
3. 15.3 The Sponge Construction
4. 15.4 The SHA-3 Iteration Function f
5. 15.5 Recommended Reading and Referencess
1. Appendix C Standards and Standards-Setting Organizations
12
1. C.1 The Importance of Standards
2. C.2 Internet Standards and the Internet Society
3. C.3 The National Institute of Standards and Technology
4. C.4 The International Telecommunication Union
5. C.5 The International Organization for Standardization
6. C.6 Significant Security Standards and Documents
2. Appendix D TCP/IP and OSI
1. D.1 Protocols and Protocol Architectures
2. D.2 The TCP/IP Protocol Architecture
3. D.3 The Role of an Internet Protocol
4. D.4 IPv4
5. D.5 IPv6
6. D.6 The OSI Protocol Architecture
3. Appendix E Pseudorandom Number Generation
1. E.1 Prng Requirements
2. E.2 Pseudorandom Number Generation Using a Block Cipher
3. E.3 Pseudorandom Number Generation Using Hash Functions and MACs
4. Appendix F Kerberos Encryption Techniques
1. F.1 Password-To-Key Transformation
2. F.2 Propagating Cipher Block Chaining Mode
5. Appendix G Data Compression Using ZIP
1. G.1 Compression Algorithm
2. G.2 Decompression Algorithm
6. Appendix H PGP
1. H.1 Notation
2. H.2 Operational Description
3. H.3 Cryptographic Keys and Key Rings
4. H.4 Public-Key Management
13
5. H.5 Pgp Random Number Generation
7. Appendix I The International Reference Alphabet
8. Appendix J The Base-Rate Fallacy
1. J.1 Conditional Probability and Independence
2. J.2 Bayes’ Theorem
3. J.3 The Base-Rate Fallacy Demonstrated
4. J.4 References
9. Appendix K Radix-64 Conversion
14
Preface
In this age of universal electronic connectivity, of viruses and hackers, of electronic eavesdropping
and electronic fraud, there is indeed no time at which security does not matter. Two trends have
come together to make the topic of this book of vital interest. First, the explosive growth in computer
systems and their interconnections via networks has increased the dependence of both organizations
and individuals on the information stored and communicated using these systems. This, in turn, has
led to a heightened awareness of the need to protect data and resources from disclosure, to guarantee
the authenticity of data and messages, and to protect systems from network-based attacks. Second,
the disciplines of cryptography and network security have matured, leading to the development of
practical, readily available applications to enforce network security.
What’s New in the Sixth Edition

In the four years since the fifth edition of this book was published, the field has seen continued
innovations and improvements. In this new edition, I try to capture these changes while maintaining
a broad and comprehensive coverage of the entire field. To begin this process of revision, the fifth
edition of this book was extensively reviewed by a number of professors who teach the subject and
by professionals working in the field. The result is that, in many places, the narrative has been
clarified and tightened, and illustrations have been improved.
Beyond these refinements to improve pedagogy and user-friendliness, there have been substantive
changes throughout the book. Roughly the same chapter organization has been retained, but much of
the material has been revised and new material has been added. The most noteworthy changes are as
follows:
Fundamental security design principles: Chapter 1 includes a new section discussing the
security design principles listed as fundamental by the National Centers of Academic
Excellence in Information Assurance/Cyber Defense, which is jointly sponsored by the U.S.
National Security Agency and the U.S. Department of Homeland Security.
Attack surfaces and attack trees: Chapter 1 includes a new section describing these two
concepts, which are useful in evaluating and classifying security threats.
Practical use of RSA: Chapter 3 expands the discussion of RSA encryption and RSA digital
signatures to show how padding and other techniques are used to provide practical security
using RSA.
User authentication model: Chapter 4 includes a new description of a general model for user
authentication, which helps to unify the discussion of the various approaches to user
authentication.
Cloud security: The material on cloud security in Chapter 5 has been updated and expanded to
reflect its importance and recent developments.
Transport Layer Security (TLS): The treatment of TLS in Chapter 6 has been updated,
reorganized to improve clarity, and now includes a discussion of the new TLS version 1.3.
E-mail Security: Chapter 8 has been completely rewritten to provide a comprehensive and up-
15
to-date discussion of e-mail security. It includes:
New: discussion of e-mail threats and a comprehensive approach to e-mail security.
New: discussion of STARTTLS, which provides confidentiality and authentication for

SMTP.
Revised: treatment of S/MIME has been substantially expanded and updated to reflect the
latest version 3.2.
New: discussion of DNSSEC and its role in supporting e-mail security.
New: discussion of DNS-based Authentication of Named Entities (DANE) and the use of
this approach to enhance security for certificate use in SMTP and S/MIME.
New: discussion of Sender Policy Framework (SPF), which is the standardized way for a
sending domain to identify and assert the mail senders for a given domain.
Revised: discussion of DomainKeys Identified Mail (DKIM) has been revised.
New: discussion of Domain-based Message Authentication, Reporting, and Conformance

(DMARC), allows e-mail senders to specify policy on how their mail should be handled,
the types of reports that receivers can send back, and the frequency those reports should be
sent.
Objectives
It is the purpose of this book to provide a practical survey of network security applications and
standards. The emphasis is on applications that are widely used on the Internet and for corporate
networks, and on standards (especially Internet standards) that have been widely deployed.
Support of ACM/IEEE Computer Science

Curricula 2013
The book is intended for both academic and professional audiences. As a textbook, it is intended as a
one-semester undergraduate course in cryptography and network security for computer science,
computer engineering, and electrical engineering majors. The changes to this edition are intended to
provide support of the current draft version of the ACM/IEEE Computer Science Curricula 2013
(CS2013). CS2013 adds Information Assurance and Security (IAS) to the curriculum
recommendation as one of the Knowledge Areas in the Computer Science Body of Knowledge. The
document states that IAS is now part of the curriculum recommendation because of the critical role
of IAS in computer science education. CS2013 divides all course work into three categories: Core-
Tier 1 (all topics should be included in the curriculum), Core-Tier-2 (all or almost all topics should
be included), and elective (desirable to provide breadth and depth). In the IAS area, CS2013
recommends topics in Fundamental Concepts and Network Security in Tier 1 and Tier 2, and
Cryptography topics as elective. This text covers virtually all of the topics listed by CS2013 in these
three categories.
The book also serves as a basic reference volume and is suitable for self-study.
16
Plan of the Text
The book is organized in three parts:
Part One. Cryptography: A concise survey of the cryptographic algorithms and protocols
underlying network security applications, including encryption, hash functions, message
authentication, and digital signatures.
Part Two. Network Security Applications: Covers important network security tools and
applications, including key distribution, Kerberos, X.509v3 certificates, Extensible
Authentication Protocol, S/MIME, IP Security, SSL/TLS, IEEE 802.11i WiFi security, and
cloud security.
Part Three. System Security: Looks at system-level security issues, including the threat of and
countermeasures for malicious software and intruders, and the use of firewalls.
The book includes a number of pedagogic features, including the use of numerous figures and tables
to clarify the discussions. Each chapter includes a list of key words, review questions, homework
problems, and suggestions for further reading. The book also includes an extensive glossary, a list of
frequently used acronyms, and a list of references. In addition, a test bank is available to instructors.
Instructor Support Materials

The major goal of this text is to make it as effective a teaching tool for this exciting and fast-moving
subject as possible. This goal is reflected both in the structure of the book and in the supporting
material. The following supplementary materials that will aid the instructor accompany the text:
Solutions manual: Solutions to all end-of-chapter Review Questions and Problems.
Projects manual: Suggested project assignments for all of the project categories listed below.
PowerPoint slides: A set of slides covering all chapters, suitable for use in lecturing.
PDF files: Reproductions of all figures and tables from the book.
Test bank: A chapter-by-chapter set of questions with a separate file of answers.
Sample syllabi: The text contains more material than can be conveniently covered in one
semester. Accordingly, instructors are provided with several sample syllabi that guide the use of
the text within limited time. These samples are based on real-world experience by professors
who used the fourth edition.
All of these support materials are available at the Instructor Resource Center (IRC) for this
textbook, which can be reached through the Publisher’s Website www.pearsonhighered.com/stallings
or by clicking on the link labeled Pearson Resources for Instructors at this book’s Author Website at
WilliamStallings.com/NetworkSecurity. To gain access to the IRC, please contact your local Pearson
sales representative via pearsonhighered.com/educator/replocator/requestSalesRep.page or call
Pearson Faculty Services at 1-800-526-0485.
The Author Website, at WilliamStallings.com/NetworkSecurity (click on Instructor Resources

link), includes the following:
17
Links to Websites for other courses being taught using this book
Sign-up information for an Internet mailing list for instructors using this book to exchange
information, suggestions, and questions with each other and with the author
Projects and other Student Exercises

For many instructors, an important component of a network security course is a project or set of
projects by which the student gets hands-on experience to reinforce concepts from the text. This
book provides an unparalleled degree of support, including a projects component in the course. The
IRC includes not only guidance on how to assign and structure the projects, but also a set of project
assignments that covers a broad range of topics from the text:
Hacking project: This exercise is designed to illuminate the key issues in intrusion detection and
prevention.
Lab exercises: A series of projects that involve programming and experimenting with concepts
from the book.
Research projects: A series of research assignments that instruct the student to research a
particular topic on the Internet and write a report.
Programming projects: A series of programming projects that cover a broad range of topics and
that can be implemented in any suitable language on any platform.
Practical security assessments: A set of exercises to examine current infrastructure and practices
of an existing organization.
Firewall projects: A portable network firewall visualization simulator is provided, together with
exercises for teaching the fundamentals of firewalls.
Case studies: A set of real-world case studies, including learning objectives, case description,
and a series of case discussion questions.
Writing assignments: A set of suggested writing assignments, organized by chapter.
Reading/report assignments: A list of papers in the literature—one for each chapter—that can
be assigned for the student to read and then write a short report.
This diverse set of projects and other student exercises enables the instructor to use the book as one
component in a rich and varied learning experience and to tailor a course plan to meet the specific
needs of the instructor and students. See Appendix B in this book for details.
Online Content for Students

For this new edition, a tremendous amount of original supporting material for students has been
made available online, at two Web locations. The Author Website, at WilliamStallings.com/
NetworkSecurity (click on Student Resources link), includes a list of relevant links organized by
chapter and an errata sheet for the book.
18
Purchasing this textbook new also grants the reader six months of access to the Companion
Website, which includes the following materials:
Online chapters: To limit the size and cost of the book, three chapters of the book are provided
in PDF format. This includes a chapter on SHA-3, a chapter on SNMP security, and one on
legal and ethical issues. The chapters are listed in this book’s table of contents.
Online appendices: There are numerous interesting topics that support material found in the text
but whose inclusion is not warranted in the printed text. A number of online appendices cover
these topics for the interested student. The appendices are listed in this book’s table of contents.
Homework problems and solutions: To aid the student in understanding the material, a separate
set of homework problems with solutions are available. These enable the students to test their
understanding of the text.
Key papers: A number of papers from the professional literature, many hard to find, are
provided for further reading.
Supporting documents: A variety of other useful documents are referenced in the text and
provided online.
To access the Companion Website, click on the Premium Content link at the Companion Website or
at pearsonhighered.com/stallings and enter the student access code found on the card in the front of
the book.
Relationship to Cryptography and Network

Security
This book is adapted from Cryptography and Network Security, Seventh Edition (CNS7e). CNS7e
provides a substantial treatment of cryptography, key management, and user authentication,
including detailed analysis of algorithms and a significant mathematical component, all of which
covers nearly 500 pages. Network Security Essentials: Applications and Standards, Sixth Edition
(NSE6e), provides instead a concise overview of these topics in Chapters 2 through 4. NSE6e
includes all of the remaining material of CNS7e. NSE6e also covers SNMP security, which is not
covered in CNS7e. Thus, NSE6e is intended for college courses and professional readers whose
interest is primarily in the application of network security and who do not need or desire to delve
deeply into cryptographic theory and principles.
Acknowledgments
This new edition has benefited from review by a number of people who gave generously of their
time and expertise. The following professors reviewed the manuscript: Jim Helm (Arizona State
University, Ira A. Fulton College of Engineering, Information Technology), Ali Saman Tosun
(University of Texas at San Antonio, Computer Science Department), Haibo Wang (DIBTS, Texas
A&M International University), Xunhua Wang (James Madison University, Department of
Computer Science), Robert Kayl (University of Maryland University College), Scott Anderson
(Southern Adventist University, School of Computing), and Jonathan Katz (University of Maryland,
Department of Computer Science).
19
Thanks also to the people who provided detailed technical reviews of one or more chapters: Kashif
Aftab, Alan Cantrell, Rajiv Dasmohapatra, Edip Demirbilek, Dan Dieterle, Gerardo Iglesias Galvan,
Michel Garcia, David Gueguen, Anasuya Threse Innocent, Dennis Kavanagh, Duncan Keir, Robert
Knox, Bo Lin, Kousik Nandy, Nickolay Olshevsky, Massimiliano Sembiante, Oscar So, and Varun
Tewari.
Nikhil Bhargava (IIT Delhi) developed the set of online homework problems and solutions.
Professor Sreekanth Malladi of Dakota State University developed the hacking exercises. Sanjay Rao
and Ruben Torres of Purdue developed the laboratory exercises that appear in the IRC.
The following people contributed project assignments that appear in the instructor’s supplement:
Henning Schulzrinne (Columbia University), Cetin Kaya Koc (Oregon State University), and David
Balenson (Trusted Information Systems and George Washington University). Kim McLaughlin
developed the test bank.
Finally, I thank the many people responsible for the publication of this text, all of whom did their
usual excellent job. This includes the staff at Pearson, particularly my editor Tracy Johnson, program
manager Carole Snyder, and production manager Bob Engelhardt. Thanks also to the marketing and
sales staffs at Pearson, without whose efforts this text would not be in front of you.
20
About the Author
Dr. William Stallings has authored 18 titles, and counting revised editions, over 40 books on
computer security, computer networking, and computer architecture. His writings have appeared in
numerous publications, including the Proceedings of the IEEE, ACM Computing Reviews, and
Cryptologia.
He has 13 times received the award for the best Computer Science textbook of the year from the Text
and Academic Authors Association.
In over 30 years in the field, he has been a technical contributor, technical manager, and an executive
with several high-technology firms. He has designed and implemented both TCP/IP-based and OSI-
based protocol suites on a variety of computers and operating systems, ranging from microcomputers
to mainframes. As a consultant, he has advised government agencies, computer and software
vendors, and major users on the design, selection, and use of networking software and products.
He created and maintains the Computer Science Student Resource Site at

ComputerScienceStudent.com. This site provides documents and links on a variety of subjects of
general interest to computer science students (and professionals). He is a member of the editorial
board of Cryptologia, a scholarly journal devoted to all aspects of cryptology.
Dr. Stallings holds a Ph.D. from MIT in Computer Science and a B.S. from Notre Dame in electrical
engineering.
21
Chapter 1 Introduction
1. 1.1 Computer Security Concepts
1. A Definition of Computer Security
2. Examples
3. The Challenges of Computer Security
2. 1.2 The OSI Security Architecture
3. 1.3 Security Attacks
1. Passive Attacks
2. Active Attacks
4. 1.4 Security Services
1. Authentication
2. Access Control
3. Data Confidentiality
4. Data Integrity
5. Nonrepudiation
6. Availability Service
5. 1.5 Security Mechanisms
6. 1.6 Fundamental Security Design Principles
7. 1.7 Attack Surfaces and Attack Trees
1. Attack Surfaces
2. Attack Trees
8. 1.8 A Model for Network Security
9. 1.9 Standards
Learning Objectives
After studying this chapter, you should be able to:
22
Describe the key security requirements of confidentiality, integrity, and availability.
Describe the X.800 security architecture for OSI.
Discuss the types of security threats and attacks that must be dealt with and give examples of
the types of threats and attacks that apply to different categories of computer and network
assets.
Explain the fundamental security design principles.
Discuss the use of attack surfaces and attack trees.
List and briefly describe key organizations involved in cryptography standards.
The requirements of information security within an organization have undergone two major changes
in the last several decades. Before the widespread use of data processing equipment, the security of
information felt to be valuable to an organization was provided primarily by physical and
administrative means. An example of the former is the use of rugged filing cabinets with a
combination lock for storing sensitive documents. An example of the latter is personnel screening
procedures used during the hiring process.
With the introduction of the computer, the need for automated tools for protecting files and other
information stored on the computer became evident. This is especially the case for a shared system,
such as a time-sharing system, and the need is even more acute for systems that can be accessed over
a public telephone network, data network, or the Internet. The generic name for the collection of
tools designed to protect data and to thwart hackers is computer security.
The second major change that affected security is the introduction of distributed systems and the use
of networks and communications facilities for carrying data between terminal user and computer and
between computer and computer. Network security measures are needed to protect data during their
transmission. In fact, the term network security is somewhat misleading, because virtually all
business, government, and academic organizations interconnect their data processing equipment with
a collection of interconnected networks. Such a collection is often referred to as an internet,1 and the
term internet security is used.
1We use the term internet with a lowercase “i” to refer to any interconnected collection of network.
A corporate intranet is an example of an internet. The Internet with a capital “I” may be one of the
facilities used by an organization to construct its internet.
There are no clear boundaries between these two forms of security. For example, a computer virus
may be introduced into a system physically when it arrives on a flash drive or an optical disk and is
subsequently loaded onto a computer. Viruses may also arrive over an internet. In either case, once
the virus is resident on a computer system, internal computer security tools are needed to detect and
recover from the virus.
This book focuses on internet security, which consists of measures to deter, prevent, detect, and
correct security violations that involve the transmission of information. That is a broad statement that
covers a host of possibilities. To give you a feel for the areas covered in this book, consider the
following examples of security violations:
1. User A transmits a file to user B. The file contains sensitive information (e.g., payroll records)
that is to be protected from disclosure. User C, who is not authorized to read the file, is able to
monitor the transmission and capture a copy of the file during its transmission.
23
2. A network manager, D, transmits a message to a computer, E, under its management. The
message instructs computer E to update an authorization file to include the identities of a
number of new users who are to be given access to that computer. User F intercepts the
message, alters its contents to add or delete entries, and then forwards the message to E, which
accepts the message as coming from manager D and updates its authorization file accordingly.
3. Rather than intercept a message, user F constructs its own message with the desired entries and
transmits that message to E as if it had come from manager D. Computer E accepts the message
as coming from manager D and updates its authorization file accordingly.
4. An employee is fired without warning. The personnel manager sends a message to a server
system to invalidate the employee’s account. When the invalidation is accomplished, the server
is to post a notice to the employee’s file as confirmation of the action. The employee is able to
intercept the message and delay it long enough to make a final access to the server to retrieve
sensitive information. The message is then forwarded, the action taken, and the confirmation
posted. The employee’s action may go unnoticed for some considerable time.
5. A message is sent from a customer to a stockbroker with instructions for various transactions.
Subsequently, the investments lose value and the customer denies sending the message.
Although this list by no means exhausts the possible types of security violations, it illustrates the
range of concerns of network security.
This chapter provides a general overview of the subject matter that structures the material in the
remainder of the book. We begin with a general discussion of network security services and
mechanisms and of the types of attacks they are designed for. Then we develop a general overall
model within which the security services and mechanisms can be viewed.
24
1.1 Computer Security Concepts
A Definition of Computer Security
The NIST Computer Security Handbook [NIST95] defines the term computer security as
Computer Security:
The protection afforded to an automated information system in order to attain the applicable
objectives of preserving the integrity, availability, and confidentiality of information system
resources (includes hardware, software, firmware, information/data, and telecommunications).
This definition introduces three key objectives that are at the heart of computer security.
Confidentiality: This term covers two related concepts:
Data2 confidentiality: Assures that private or confidential information is not made

available or disclosed to unauthorized individuals.
2RFC 4949 defines information as “facts and ideas, which can be represented (encoded) as
various forms of data,” and data as “information in a specific physical representation,
usually a sequence of symbols that have meaning; especially a representation of
information that can be processed or produced by a computer.” Security literature typically
does not make much of a distinction, nor does this book.
Privacy: Assures that individuals control or influence what information related to them
may be collected and stored and by whom and to whom that information may be disclosed.
Integrity: This term covers two related concepts:
Data integrity: Assures that data (both stored and in transmitted packets) and programs are
changed only in a specified and authorized manner.
System integrity: Assures that a system performs its intended function in an unimpaired
manner, free from deliberate or inadvertent unauthorized manipulation of the system.
Availability: Assures that systems work promptly and service is not denied to authorized users.
These three concepts form what is often referred to as the CIA triad. The three concepts embody the
fundamental security objectives for both data and for information and computing services. For
example, the NIST Standards for Security Categorization of Federal Information and Information
Systems (FIPS 199) lists confidentiality, integrity, and availability as the three security objectives for
information and for information systems. FIPS 199 provides a useful characterization of these three
objectives in terms of requirements and the definition of a loss of security in each category.
Confidentiality: Preserving authorized restrictions on information access and disclosure,

including means for protecting personal privacy and proprietary information. A loss of
confidentiality is the unauthorized disclosure of information.
25
Integrity: Guarding against improper information modification or destruction, including
ensuring information nonrepudiation and authenticity. A loss of integrity is the unauthorized
modification or destruction of information.
Availability: Ensuring timely and reliable access to and use of information. A loss of
availability is the disruption of access to or use of information or an information system.
Although the use of the CIA triad to define security objectives is well established, some in the
security field feel that additional concepts are needed to present a complete picture (Figure 1.1). Two
of the most commonly mentioned are
Figure 1.1
Essential Network and Computer Security Requirements
Authenticity: The property of being genuine and being able to be verified and trusted;
confidence in the validity of a transmission, a message, or message originator. This means
verifying that users are who they say they are and that each input arriving at the system came
from a trusted source.
Accountability: The security goal that generates the requirement for actions of an entity to be
traced uniquely to that entity. This supports nonrepudiation, deterrence, fault isolation, intrusion
detection and prevention, and after-action recovery and legal action. Because truly secure
systems are not yet an achievable goal, we must be able to trace a security breach to a
responsible party. Systems must keep records of their activities to permit later forensic analysis
to trace security breaches or to aid in transaction disputes.
Examples
We now provide some examples of applications that illustrate the requirements just enumerated.3
For these examples, we use three levels of impact on organizations or individuals should there be a
breach of security (i.e., a loss of confidentiality, integrity, or availability). These levels are defined in
FIPS 199:
3Theseexamples are taken from a security policy document published by the Information
Technology Security and Privacy Office at Purdue University.
Low: The loss could be expected to have a limited adverse effect on organizational operations,
organizational assets, or individuals. A limited adverse effect means that, for example, the loss
26
of confidentiality, integrity, or availability might (i) cause a degradation in mission capability to
an extent and duration that the organization is able to perform its primary functions, but the
effectiveness of the functions is noticeably reduced; (ii) result in minor damage to
organizational assets; (iii) result in minor financial loss; or (iv) result in minor harm to
individuals.
Moderate: The loss could be expected to have a serious adverse effect on organizational
operations, organizational assets, or individuals. A serious adverse effect means that, for
example, the loss might (i) cause a significant degradation in mission capability to an extent and
duration that the organization is able to perform its primary functions, but the effectiveness of
the functions is significantly reduced; (ii) result in significant damage to organizational assets;
(iii) result in significant financial loss; or (iv) result in significant harm to individuals that does
not involve loss of life or serious, life-threatening injuries.
High: The loss could be expected to have a severe or catastrophic adverse effect on
organizational operations, organizational assets, or individuals. A severe or catastrophic adverse
effect means that, for example, the loss might (i) cause a severe degradation in or loss of
mission capability to an extent and duration that the organization is not able to perform one or
more of its primary functions; (ii) result in major damage to organizational assets; (iii) result in
major financial loss; or (iv) result in severe or catastrophic harm to individuals involving loss of
life or serious, life-threatening injuries.
Confidentiality
Student grade information is an asset whose confidentiality is considered to be highly important by

students. In the United States, the release of such information is regulated by the Family Educational
Rights and Privacy Act (FERPA). Grade information should only be available to students, their
parents, and employees that require the information to do their job. Student enrollment information
may have a moderate confidentiality rating. While still covered by FERPA, this information is seen
by more people on a daily basis, is less likely to be targeted than grade information, and results in
less damage if disclosed. Directory information (such as lists of students, faculty, or departmental
lists) may be assigned a low confidentiality rating or indeed no rating. This information is typically
freely available to the public and published on a school’s Web site.
Integrity
Several aspects of integrity are illustrated by the example of a hospital patient’s allergy information
stored in a database. The doctor should be able to trust that the information is correct and current.
Now suppose that an employee (e.g., a nurse) who is authorized to view and update this information
deliberately falsifies the data to cause harm to the hospital. The database needs to be restored to a
trusted basis quickly, and it should be possible to trace the error back to the person responsible.
Patient allergy information is an example of an asset with a high requirement for integrity. Inaccurate
information could result in serious harm or death to a patient and expose the hospital to massive
liability.
An example of an asset that may be assigned a moderate level of integrity requirement is a Web site
27
that offers a forum to registered users to discuss some specific topic. Either a registered user or a
hacker could falsify some entries or deface the Web site. If the forum exists only for the enjoyment
of the users, brings in little or no advertising revenue, and is not used for something important such
as research, then potential damage is not severe. The Web master may experience some data,
financial, and time loss.
An example of a low-integrity requirement is an anonymous online poll. Many Web sites, such as
news organizations, offer these polls to their users with very few safeguards. However, the
inaccuracy and unscientific nature of such polls are well understood.
Availability
The more critical a component or service, the higher is the level of availability required. Consider a
system that provides authentication services for critical systems, applications, and devices. An
interruption of service results in the inability for customers to access computing resources and for the
staff to access the resources they need to perform critical tasks. The loss of the service translates into
a large financial loss due to lost employee productivity and potential customer loss.
An example of an asset that typically would be rated as having a moderate availability requirement is
a public Web site for a university; the Web site provides information for current and prospective
students and donors. Such a site is not a critical component of the university’s information system,
but its unavailability will cause some embarrassment.
An online telephone directory lookup application would be classified as a low-availability

requirement. Although the temporary loss of the application may be an annoyance, there are other
ways to access the information, such as a hardcopy directory or the operator.
The Challenges of Computer Security

Computer and network security is both fascinating and complex. Some of the reasons include:
1. Security is not as simple as it might first appear to the novice. The requirements seem to be
straightforward; indeed, most of the major requirements for security services can be given self-
explanatory, one-word labels: confidentiality, authentication, nonrepudiation, and integrity. But
the mechanisms used to meet those requirements can be quite complex, and understanding them
may involve rather subtle reasoning.
2. In developing a particular security mechanism or algorithm, one must always consider potential
attacks on those security features. In many cases, successful attacks are designed by looking at
the problem in a completely different way, therefore exploiting an unexpected weakness in the
mechanism.
3. Because of point 2, the procedures used to provide particular services are often counterintuitive.
Typically, a security mechanism is complex, and it is not obvious from the statement of a
particular requirement that such elaborate measures are needed. It is only when the various
aspects of the threat are considered that elaborate security mechanisms make sense.
4. Having designed various security mechanisms, it is necessary to decide where to use them. This
28
is true both in terms of physical placement (e.g., at what points in a network are certain security
mechanisms needed) and in a logical sense [e.g., at what layer or layers of an architecture such
as TCP/IP (Transmission Control Protocol/Internet Protocol) should mechanisms be placed].
5. Security mechanisms typically involve more than a particular algorithm or protocol. They also
require that participants be in possession of some secret information (e.g., an encryption key),
which raises questions about the creation, distribution, and protection of that secret information.
There also may be a reliance on communications protocols whose behavior may complicate the
task of developing the security mechanism. For example, if the proper functioning of the
security mechanism requires setting time limits on the transit time of a message from sender to
receiver, then any protocol or network that introduces variable, unpredictable delays may render
such time limits meaningless.
6. Computer and network security is essentially a battle of wits between a perpetrator who tries to
find holes and the designer or administrator who tries to close them. The great advantage that
the attacker has is that he or she need only find a single weakness, while the designer must find
and eliminate all weaknesses to achieve perfect security.
7. There is a natural tendency on the part of users and system managers to perceive little benefit
from security investment until a security failure occurs.
8. Security requires regular, even constant, monitoring, and this is difficult in today’s short-term,
overloaded environment.
9. Security is still too often an afterthought to be incorporated into a system after the design is
complete rather than being an integral part of the design process.
10. Many users (and even security administrators) view strong security as an impediment to
efficient and user-friendly operation of an information system or use of information.
The difficulties just enumerated will be encountered in numerous ways as we examine the various
security threats and mechanisms throughout this book.
29
1.2 The OSI Security Architecture
To assess effectively the security needs of an organization and to evaluate and choose various
security products and policies, the manager responsible for computer and network security needs
some systematic way of defining the requirements for security and characterizing the approaches to
satisfying those requirements. This is difficult enough in a centralized data processing environment;
with the use of local and wide area networks, the problems are compounded.
ITU-T4 Recommendation X.800, Security Architecture for OSI, defines such a systematic
approach.5 The OSI security architecture is useful to managers as a way of organizing the task of
providing security. Furthermore, because this architecture was developed as an international
standard, computer and communications vendors have developed security features for their products
and services that relate to this structured definition of services and mechanisms.
4The International Telecommunication Union (ITU) Telecommunication Standardization Sector
(ITU-T) is a United Nations-sponsored agency that develops standards, called Recommendations,
relating to telecommunications and to open systems interconnection (OSI).
5The OSI security architecture was developed in the context of the OSI protocol architecture, which
is described in Appendix D. However, for our purposes in this chapter, an understanding of the OSI
protocol architecture is not required.
For our purposes, the OSI security architecture provides a useful, if abstract, overview of many of
the concepts that this book deals with. The OSI security architecture focuses on security attacks,
mechanisms, and services. These can be defined briefly as
Security attack: Any action that compromises the security of information owned by an
organization.
Security mechanism: A process (or a device incorporating such a process) that is designed to
detect, prevent, or recover from a security attack.
Security service: A processing or communication service that enhances the security of the data
processing systems and the information transfers of an organization. The services are intended
to counter security attacks, and they make use of one or more security mechanisms to provide
the service.
In the literature, the terms threat and attack are commonly used to mean more or less the same thing.
Table 1.1 provides definitions taken from RFC 4949, Internet Security Glossary.
Table 1.1 Threats and Attacks (RFC

4949)
Threat
A potential for violation of security, which exists when there is a circumstance, capability,
action, or event that could breach security and cause harm. That is, a threat is a possible
30
danger that might exploit a vulnerability.
Attack
An assault on system security that derives from an intelligent threat. That is, an intelligent
act that is a deliberate attempt (especially in the sense of a method or technique) to evade
security services and violate the security policy of a system.
31
1.3 Security Attacks
A useful means of classifying security attacks, used both in X.800 and RFC 4949, is in terms of
passive attacks and active attacks. A passive attack attempts to learn or make use of information
from the system but does not affect system resources. An active attack attempts to alter system
resources or affect their operation.
Passive Attacks
Passive attacks (Figure 1.2a) are in the nature of eavesdropping on, or monitoring of, transmissions.
The goal of the opponent is to obtain information that is being transmitted. Two types of passive
attacks are the release of message contents and traffic analysis.
Figure 1.2
Security Attacks
Description
The release of message contents is easily understood. A telephone conversation, an electronic mail
message, and a transferred file may contain sensitive or confidential information. We would like to
32
prevent an opponent from learning the contents of these transmissions.
A second type of passive attack, traffic analysis, is subtler. Suppose that we had a way of masking
the contents of messages or other information traffic so that opponents, even if they captured the
message, could not extract the information from the message. The common technique for masking
contents is encryption. If we had encryption protection in place, an opponent still might be able to
observe the pattern of these messages. The opponent could determine the location and identity of
communicating hosts and could observe the frequency and length of messages being exchanged. This
information might be useful in guessing the nature of the communication that was taking place.
Passive attacks are very difficult to detect, because they do not involve any alteration of the data.
Typically, the message traffic is sent and received in an apparently normal fashion, and neither the
sender nor the receiver is aware that a third party has read the messages or observed the traffic
pattern. However, it is feasible to prevent the success of these attacks, usually by means of
encryption. Thus, the emphasis in dealing with passive attacks is on prevention rather than detection.
Active Attacks
Active attacks (Figure 1.2b) involve some modification of the data stream or the creation of a false
stream and can be subdivided into four categories: masquerade, replay, modification of messages,
and denial of service.
A masquerade takes place when one entity pretends to be a different entity (path 2 of Figure 1.2b is
active). A masquerade attack usually includes one of the other forms of active attack. For example,
authentication sequences can be captured and replayed after a valid authentication sequence has
taken place, thus enabling an authorized entity with few privileges to obtain extra privileges by
impersonating an entity that has those privileges.
Replay involves the passive capture of a data unit and its subsequent retransmission to produce an
unauthorized effect (paths 1, 2, and 3 active).
Modification of messages simply means that some portion of a legitimate message is altered, or that
messages are delayed or reordered, to produce an unauthorized effect (paths 1 and 2 active). For
example, a message meaning “Allow John Smith to read confidential file accounts” is modified to
mean “Allow Fred Brown to read confidential file accounts.”
The denial of service prevents or inhibits the normal use or management of communications facilities
(path 3 active). This attack may have a specific target; for example, an entity may suppress all
messages directed to a particular destination (e.g., the security audit service). Another form of
service denial is the disruption of an entire network—either by disabling the network or by
overloading it with messages so as to degrade performance.
Active attacks present the opposite characteristics of passive attacks. Whereas passive attacks are
difficult to detect, measures are available to prevent their success. On the other hand, it is quite
difficult to prevent active attacks absolutely because of the wide variety of potential physical,
software, and network vulnerabilities. Instead, the goal is to detect active attacks and to recover from
any disruption or delays caused by them. If the detection has a deterrent effect, it also may contribute
to prevention.
33
1.4 Security Services
X.800 defines a security service as a service that is provided by a protocol layer of communicating
open systems and that ensures adequate security of the systems or of data transfers. Perhaps a clearer
definition is found in RFC 4949, which provides the following definition: A processing or
communication service that is provided by a system to give a specific kind of protection to system
resources; security services implement security policies and are implemented by security
mechanisms.
X.800 divides these services into five categories and fourteen specific services (Table 1.2). We look
at each category in turn.6
6There is no universal agreement about many of the terms used in the security literature. For
example, the term integrity is sometimes used to refer to all aspects of information security. The term
authentication is sometimes used to refer both to verification of identity and to the various functions
listed under integrity in this chapter. Our usage here agrees with both X.800 and RFC 4949.
Table 1.2 Security Services (X.800)

Data Integrity
The assurance that data received are

exactly as sent by an authorized entity
(i.e., contain no modification, insertion,
Authentication deletion, or replay).
The assurance that the communicating Connection Integrity with Recovery
entity is the one that it claims to be.
Provides for the integrity of all user data on a
Peer Entity Authentication connection and detects any modification,
insertion, deletion, or replay of any data
Used in association with a logical within an entire data sequence, with recovery
connection to provide confidence in the attempted.
identity of the entities connected.
Connection Integrity without Recovery
Data-Origin Authentication
As above, but provides only detection without
In a connectionless transfer, provides recovery.
assurance that the source of received data is
as claimed. Selective-Field Connection Integrity
Access Control Provides for the integrity of selected fields
within the user data of a data block
The prevention of unauthorized use of transferred over a connection and takes the
a resource (i.e., this service controls form of determination of whether the selected
who can have access to a resource, fields have been modified, inserted, deleted,
under what conditions access can or replayed.
occur, and what those accessing the
34
Data Confidentiality Connectionless Integrity
The protection of data from Provides for the integrity of a single

unauthorized disclosure. connectionless data block and may take the
form of detection of data modification.
Connection Confidentiality Additionally, a limited form of replay
detection may be provided.
The protection of all user data on a
connection. Selective-Field Connectionless Integrity
Connectionless Confidentiality Provides for the integrity of selected fields

within a single connectionless data block;
The protection of all user data in a single takes the form of determination of whether
data block. the selected fields have been modified.
Selective-Field Confidentiality Nonrepudiation
The confidentiality of selected fields within Provides protection against denial by
the user data on a connection or in a single one of the entities involved in a
data block. communication of having participated in
all or part of the communication.
Traffic-Flow Confidentiality
Nonrepudiation, Origin
The protection of the information that
might be derived from observation of Proof that the message was sent by the
traffic flows. specified party.
Nonrepudiation, Destination
Proof that the message was received by the

specified party.
Authentication
The authentication service is concerned with assuring that a communication is authentic. In the case
of a single message, such as a warning or alarm signal, the function of the authentication service is to
assure the recipient that the message is from the source that it claims to be from. In the case of an
ongoing interaction, such as the connection of a terminal to a host, two aspects are involved. First, at
the time of connection initiation, the service assures that the two entities are authentic (i.e., that each
is the entity that it claims to be). Second, the service must assure that the connection is not interfered
with in such a way that a third party can masquerade as one of the two legitimate parties for the
purposes of unauthorized transmission or reception.
Two specific authentication services are defined in X.800:
Peer entity authentication: Provides for the corroboration of the identity of a peer entity in an
association. Two entities are considered peers if they implement the same protocol in different
systems (e.g., two TCP modules in two communicating systems). Peer entity authentication is
provided for use at the establishment of or during the data transfer phase of a connection. It
attempts to provide confidence that an entity is not performing either a masquerade or an
unauthorized replay of a previous connection.
35
Another random document with
no related content on Scribd:
DANCE ON STILTS AT THE GIRLS’ UNYAGO, NIUCHI
Newala, too, suffers from the distance of its water-supply—at least

the Newala of to-day does; there was once another Newala in a lovely
valley at the foot of the plateau. I visited it and found scarcely a trace
of houses, only a Christian cemetery, with the graves of several
missionaries and their converts, remaining as a monument of its
former glories. But the surroundings are wonderfully beautiful. A
thick grove of splendid mango-trees closes in the weather-worn
crosses and headstones; behind them, combining the useful and the
agreeable, is a whole plantation of lemon-trees covered with ripe
fruit; not the small African kind, but a much larger and also juicier
imported variety, which drops into the hands of the passing traveller,
without calling for any exertion on his part. Old Newala is now under
the jurisdiction of the native pastor, Daudi, at Chingulungulu, who,
as I am on very friendly terms with him, allows me, as a matter of
course, the use of this lemon-grove during my stay at Newala.
FEET MUTILATED BY THE RAVAGES OF THE “JIGGER”
(Sarcopsylla penetrans)
The water-supply of New Newala is in the bottom of the valley,

some 1,600 feet lower down. The way is not only long and fatiguing,
but the water, when we get it, is thoroughly bad. We are suffering not
only from this, but from the fact that the arrangements at Newala are
nothing short of luxurious. We have a separate kitchen—a hut built
against the boma palisade on the right of the baraza, the interior of
which is not visible from our usual position. Our two cooks were not
long in finding this out, and they consequently do—or rather neglect
to do—what they please. In any case they do not seem to be very
particular about the boiling of our drinking-water—at least I can
attribute to no other cause certain attacks of a dysenteric nature,
from which both Knudsen and I have suffered for some time. If a
man like Omari has to be left unwatched for a moment, he is capable
of anything. Besides this complaint, we are inconvenienced by the
state of our nails, which have become as hard as glass, and crack on
the slightest provocation, and I have the additional infliction of
pimples all over me. As if all this were not enough, we have also, for
the last week been waging war against the jigger, who has found his
Eldorado in the hot sand of the Makonde plateau. Our men are seen
all day long—whenever their chronic colds and the dysentery likewise
raging among them permit—occupied in removing this scourge of
Africa from their feet and trying to prevent the disastrous
consequences of its presence. It is quite common to see natives of
this place with one or two toes missing; many have lost all their toes,
or even the whole front part of the foot, so that a well-formed leg
ends in a shapeless stump. These ravages are caused by the female of
Sarcopsylla penetrans, which bores its way under the skin and there
develops an egg-sac the size of a pea. In all books on the subject, it is
stated that one’s attention is called to the presence of this parasite by
an intolerable itching. This agrees very well with my experience, so
far as the softer parts of the sole, the spaces between and under the
toes, and the side of the foot are concerned, but if the creature
penetrates through the harder parts of the heel or ball of the foot, it
may escape even the most careful search till it has reached maturity.
Then there is no time to be lost, if the horrible ulceration, of which
we see cases by the dozen every day, is to be prevented. It is much
easier, by the way, to discover the insect on the white skin of a
European than on that of a native, on which the dark speck scarcely
shows. The four or five jiggers which, in spite of the fact that I
constantly wore high laced boots, chose my feet to settle in, were
taken out for me by the all-accomplished Knudsen, after which I
thought it advisable to wash out the cavities with corrosive
sublimate. The natives have a different sort of disinfectant—they fill
the hole with scraped roots. In a tiny Makua village on the slope of
the plateau south of Newala, we saw an old woman who had filled all
the spaces under her toe-nails with powdered roots by way of
prophylactic treatment. What will be the result, if any, who can say?
The rest of the many trifling ills which trouble our existence are
really more comic than serious. In the absence of anything else to
smoke, Knudsen and I at last opened a box of cigars procured from
the Indian store-keeper at Lindi, and tried them, with the most
distressing results. Whether they contain opium or some other
narcotic, neither of us can say, but after the tenth puff we were both
“off,” three-quarters stupefied and unspeakably wretched. Slowly we
recovered—and what happened next? Half-an-hour later we were
once more smoking these poisonous concoctions—so insatiable is the
craving for tobacco in the tropics.
Even my present attacks of fever scarcely deserve to be taken
seriously. I have had no less than three here at Newala, all of which
have run their course in an incredibly short time. In the early
afternoon, I am busy with my old natives, asking questions and
making notes. The strong midday coffee has stimulated my spirits to
an extraordinary degree, the brain is active and vigorous, and work
progresses rapidly, while a pleasant warmth pervades the whole
body. Suddenly this gives place to a violent chill, forcing me to put on
my overcoat, though it is only half-past three and the afternoon sun
is at its hottest. Now the brain no longer works with such acuteness
and logical precision; more especially does it fail me in trying to
establish the syntax of the difficult Makua language on which I have
ventured, as if I had not enough to do without it. Under the
circumstances it seems advisable to take my temperature, and I do
so, to save trouble, without leaving my seat, and while going on with
my work. On examination, I find it to be 101·48°. My tutors are
abruptly dismissed and my bed set up in the baraza; a few minutes
later I am in it and treating myself internally with hot water and
lemon-juice.
Three hours later, the thermometer marks nearly 104°, and I make
them carry me back into the tent, bed and all, as I am now perspiring
heavily, and exposure to the cold wind just beginning to blow might
mean a fatal chill. I lie still for a little while, and then find, to my
great relief, that the temperature is not rising, but rather falling. This
is about 7.30 p.m. At 8 p.m. I find, to my unbounded astonishment,
that it has fallen below 98·6°, and I feel perfectly well. I read for an
hour or two, and could very well enjoy a smoke, if I had the
wherewithal—Indian cigars being out of the question.
Having no medical training, I am at a loss to account for this state
of things. It is impossible that these transitory attacks of high fever
should be malarial; it seems more probable that they are due to a
kind of sunstroke. On consulting my note-book, I become more and
more inclined to think this is the case, for these attacks regularly
follow extreme fatigue and long exposure to strong sunshine. They at
least have the advantage of being only short interruptions to my
work, as on the following morning I am always quite fresh and fit.
My treasure of a cook is suffering from an enormous hydrocele which
makes it difficult for him to get up, and Moritz is obliged to keep in
the dark on account of his inflamed eyes. Knudsen’s cook, a raw boy
from somewhere in the bush, knows still less of cooking than Omari;
consequently Nils Knudsen himself has been promoted to the vacant
post. Finding that we had come to the end of our supplies, he began
by sending to Chingulungulu for the four sucking-pigs which we had
bought from Matola and temporarily left in his charge; and when
they came up, neatly packed in a large crate, he callously slaughtered
the biggest of them. The first joint we were thoughtless enough to
entrust for roasting to Knudsen’s mshenzi cook, and it was
consequently uneatable; but we made the rest of the animal into a
jelly which we ate with great relish after weeks of underfeeding,
consuming incredible helpings of it at both midday and evening
meals. The only drawback is a certain want of variety in the tinned
vegetables. Dr. Jäger, to whom the Geographical Commission
entrusted the provisioning of the expeditions—mine as well as his
own—because he had more time on his hands than the rest of us,
seems to have laid in a huge stock of Teltow turnips,[46] an article of
food which is all very well for occasional use, but which quickly palls
when set before one every day; and we seem to have no other tins
left. There is no help for it—we must put up with the turnips; but I
am certain that, once I am home again, I shall not touch them for ten
years to come.
Amid all these minor evils, which, after all, go to make up the
genuine flavour of Africa, there is at least one cheering touch:
Knudsen has, with the dexterity of a skilled mechanic, repaired my 9
× 12 cm. camera, at least so far that I can use it with a little care.
How, in the absence of finger-nails, he was able to accomplish such a
ticklish piece of work, having no tool but a clumsy screw-driver for
taking to pieces and putting together again the complicated
mechanism of the instantaneous shutter, is still a mystery to me; but
he did it successfully. The loss of his finger-nails shows him in a light
contrasting curiously enough with the intelligence evinced by the
above operation; though, after all, it is scarcely surprising after his
ten years’ residence in the bush. One day, at Lindi, he had occasion
to wash a dog, which must have been in need of very thorough
cleansing, for the bottle handed to our friend for the purpose had an
extremely strong smell. Having performed his task in the most
conscientious manner, he perceived with some surprise that the dog
did not appear much the better for it, and was further surprised by
finding his own nails ulcerating away in the course of the next few
days. “How was I to know that carbolic acid has to be diluted?” he
mutters indignantly, from time to time, with a troubled gaze at his
mutilated finger-tips.
Since we came to Newala we have been making excursions in all
directions through the surrounding country, in accordance with old
habit, and also because the akida Sefu did not get together the tribal
elders from whom I wanted information so speedily as he had
promised. There is, however, no harm done, as, even if seen only
from the outside, the country and people are interesting enough.
The Makonde plateau is like a large rectangular table rounded off
at the corners. Measured from the Indian Ocean to Newala, it is
about seventy-five miles long, and between the Rovuma and the
Lukuledi it averages fifty miles in breadth, so that its superficial area
is about two-thirds of that of the kingdom of Saxony. The surface,
however, is not level, but uniformly inclined from its south-western
edge to the ocean. From the upper edge, on which Newala lies, the
eye ranges for many miles east and north-east, without encountering
any obstacle, over the Makonde bush. It is a green sea, from which
here and there thick clouds of smoke rise, to show that it, too, is
inhabited by men who carry on their tillage like so many other
primitive peoples, by cutting down and burning the bush, and
manuring with the ashes. Even in the radiant light of a tropical day
such a fire is a grand sight.
Much less effective is the impression produced just now by the
great western plain as seen from the edge of the plateau. As often as
time permits, I stroll along this edge, sometimes in one direction,
sometimes in another, in the hope of finding the air clear enough to
let me enjoy the view; but I have always been disappointed.
Wherever one looks, clouds of smoke rise from the burning bush,
and the air is full of smoke and vapour. It is a pity, for under more
favourable circumstances the panorama of the whole country up to
the distant Majeje hills must be truly magnificent. It is of little use
taking photographs now, and an outline sketch gives a very poor idea
of the scenery. In one of these excursions I went out of my way to
make a personal attempt on the Makonde bush. The present edge of
the plateau is the result of a far-reaching process of destruction
through erosion and denudation. The Makonde strata are
everywhere cut into by ravines, which, though short, are hundreds of
yards in depth. In consequence of the loose stratification of these
beds, not only are the walls of these ravines nearly vertical, but their
upper end is closed by an equally steep escarpment, so that the
western edge of the Makonde plateau is hemmed in by a series of
deep, basin-like valleys. In order to get from one side of such a ravine
to the other, I cut my way through the bush with a dozen of my men.
It was a very open part, with more grass than scrub, but even so the
short stretch of less than two hundred yards was very hard work; at
the end of it the men’s calicoes were in rags and they themselves
bleeding from hundreds of scratches, while even our strong khaki
suits had not escaped scatheless.
NATIVE PATH THROUGH THE MAKONDE BUSH, NEAR

MAHUTA
I see increasing reason to believe that the view formed some time
back as to the origin of the Makonde bush is the correct one. I have
no doubt that it is not a natural product, but the result of human
occupation. Those parts of the high country where man—as a very
slight amount of practice enables the eye to perceive at once—has not
yet penetrated with axe and hoe, are still occupied by a splendid
timber forest quite able to sustain a comparison with our mixed
forests in Germany. But wherever man has once built his hut or tilled
his field, this horrible bush springs up. Every phase of this process
may be seen in the course of a couple of hours’ walk along the main
road. From the bush to right or left, one hears the sound of the axe—
not from one spot only, but from several directions at once. A few
steps further on, we can see what is taking place. The brush has been
cut down and piled up in heaps to the height of a yard or more,
between which the trunks of the large trees stand up like the last
pillars of a magnificent ruined building. These, too, present a
melancholy spectacle: the destructive Makonde have ringed them—
cut a broad strip of bark all round to ensure their dying off—and also
piled up pyramids of brush round them. Father and son, mother and
son-in-law, are chopping away perseveringly in the background—too
busy, almost, to look round at the white stranger, who usually excites
so much interest. If you pass by the same place a week later, the piles
of brushwood have disappeared and a thick layer of ashes has taken
the place of the green forest. The large trees stretch their
smouldering trunks and branches in dumb accusation to heaven—if
they have not already fallen and been more or less reduced to ashes,
perhaps only showing as a white stripe on the dark ground.
This work of destruction is carried out by the Makonde alike on the
virgin forest and on the bush which has sprung up on sites already
cultivated and deserted. In the second case they are saved the trouble
of burning the large trees, these being entirely absent in the
secondary bush.
After burning this piece of forest ground and loosening it with the
hoe, the native sows his corn and plants his vegetables. All over the
country, he goes in for bed-culture, which requires, and, in fact,
receives, the most careful attention. Weeds are nowhere tolerated in
the south of German East Africa. The crops may fail on the plains,
where droughts are frequent, but never on the plateau with its
abundant rains and heavy dews. Its fortunate inhabitants even have
the satisfaction of seeing the proud Wayao and Wamakua working
for them as labourers, driven by hunger to serve where they were
accustomed to rule.
But the light, sandy soil is soon exhausted, and would yield no
harvest the second year if cultivated twice running. This fact has
been familiar to the native for ages; consequently he provides in
time, and, while his crop is growing, prepares the next plot with axe
and firebrand. Next year he plants this with his various crops and
lets the first piece lie fallow. For a short time it remains waste and
desolate; then nature steps in to repair the destruction wrought by
man; a thousand new growths spring out of the exhausted soil, and
even the old stumps put forth fresh shoots. Next year the new growth
is up to one’s knees, and in a few years more it is that terrible,
impenetrable bush, which maintains its position till the black
occupier of the land has made the round of all the available sites and
come back to his starting point.
The Makonde are, body and soul, so to speak, one with this bush.
According to my Yao informants, indeed, their name means nothing
else but “bush people.” Their own tradition says that they have been
settled up here for a very long time, but to my surprise they laid great
stress on an original immigration. Their old homes were in the
south-east, near Mikindani and the mouth of the Rovuma, whence
their peaceful forefathers were driven by the continual raids of the
Sakalavas from Madagascar and the warlike Shirazis[47] of the coast,
to take refuge on the almost inaccessible plateau. I have studied
African ethnology for twenty years, but the fact that changes of
population in this apparently quiet and peaceable corner of the earth
could have been occasioned by outside enterprises taking place on
the high seas, was completely new to me. It is, no doubt, however,
correct.
The charming tribal legend of the Makonde—besides informing us
of other interesting matters—explains why they have to live in the
thickest of the bush and a long way from the edge of the plateau,
instead of making their permanent homes beside the purling brooks
and springs of the low country.
“The place where the tribe originated is Mahuta, on the southern
side of the plateau towards the Rovuma, where of old time there was
nothing but thick bush. Out of this bush came a man who never
washed himself or shaved his head, and who ate and drank but little.
He went out and made a human figure from the wood of a tree
growing in the open country, which he took home to his abode in the
bush and there set it upright. In the night this image came to life and
was a woman. The man and woman went down together to the
Rovuma to wash themselves. Here the woman gave birth to a still-
born child. They left that place and passed over the high land into the
valley of the Mbemkuru, where the woman had another child, which
was also born dead. Then they returned to the high bush country of
Mahuta, where the third child was born, which lived and grew up. In
course of time, the couple had many more children, and called
themselves Wamatanda. These were the ancestral stock of the
Makonde, also called Wamakonde,[48] i.e., aborigines. Their
forefather, the man from the bush, gave his children the command to
bury their dead upright, in memory of the mother of their race who
was cut out of wood and awoke to life when standing upright. He also
warned them against settling in the valleys and near large streams,
for sickness and death dwelt there. They were to make it a rule to
have their huts at least an hour’s walk from the nearest watering-
place; then their children would thrive and escape illness.”
The explanation of the name Makonde given by my informants is
somewhat different from that contained in the above legend, which I
extract from a little book (small, but packed with information), by
Pater Adams, entitled Lindi und sein Hinterland. Otherwise, my
results agree exactly with the statements of the legend. Washing?
Hapana—there is no such thing. Why should they do so? As it is, the
supply of water scarcely suffices for cooking and drinking; other
people do not wash, so why should the Makonde distinguish himself
by such needless eccentricity? As for shaving the head, the short,
woolly crop scarcely needs it,[49] so the second ancestral precept is
likewise easy enough to follow. Beyond this, however, there is
nothing ridiculous in the ancestor’s advice. I have obtained from
various local artists a fairly large number of figures carved in wood,
ranging from fifteen to twenty-three inches in height, and
representing women belonging to the great group of the Mavia,
Makonde, and Matambwe tribes. The carving is remarkably well
done and renders the female type with great accuracy, especially the
keloid ornamentation, to be described later on. As to the object and
meaning of their works the sculptors either could or (more probably)
would tell me nothing, and I was forced to content myself with the
scanty information vouchsafed by one man, who said that the figures
were merely intended to represent the nembo—the artificial
deformations of pelele, ear-discs, and keloids. The legend recorded
by Pater Adams places these figures in a new light. They must surely
be more than mere dolls; and we may even venture to assume that
they are—though the majority of present-day Makonde are probably
unaware of the fact—representations of the tribal ancestress.
The references in the legend to the descent from Mahuta to the
Rovuma, and to a journey across the highlands into the Mbekuru
valley, undoubtedly indicate the previous history of the tribe, the
travels of the ancestral pair typifying the migrations of their
descendants. The descent to the neighbouring Rovuma valley, with
its extraordinary fertility and great abundance of game, is intelligible
at a glance—but the crossing of the Lukuledi depression, the ascent
to the Rondo Plateau and the descent to the Mbemkuru, also lie
within the bounds of probability, for all these districts have exactly
the same character as the extreme south. Now, however, comes a
point of especial interest for our bacteriological age. The primitive
Makonde did not enjoy their lives in the marshy river-valleys.
Disease raged among them, and many died. It was only after they
had returned to their original home near Mahuta, that the health
conditions of these people improved. We are very apt to think of the
African as a stupid person whose ignorance of nature is only equalled
by his fear of it, and who looks on all mishaps as caused by evil
spirits and malignant natural powers. It is much more correct to
assume in this case that the people very early learnt to distinguish
districts infested with malaria from those where it is absent.
This knowledge is crystallized in the
ancestral warning against settling in the
valleys and near the great waters, the
dwelling-places of disease and death. At the
same time, for security against the hostile
Mavia south of the Rovuma, it was enacted
that every settlement must be not less than a
certain distance from the southern edge of the
plateau. Such in fact is their mode of life at the
present day. It is not such a bad one, and
certainly they are both safer and more
comfortable than the Makua, the recent
intruders from the south, who have made USUAL METHOD OF
good their footing on the western edge of the CLOSING HUT-DOOR
plateau, extending over a fairly wide belt of
country. Neither Makua nor Makonde show in their dwellings
anything of the size and comeliness of the Yao houses in the plain,
especially at Masasi, Chingulungulu and Zuza’s. Jumbe Chauro, a
Makonde hamlet not far from Newala, on the road to Mahuta, is the
most important settlement of the tribe I have yet seen, and has fairly
spacious huts. But how slovenly is their construction compared with
the palatial residences of the elephant-hunters living in the plain.
The roofs are still more untidy than in the general run of huts during
the dry season, the walls show here and there the scanty beginnings
or the lamentable remains of the mud plastering, and the interior is a
veritable dog-kennel; dirt, dust and disorder everywhere. A few huts
only show any attempt at division into rooms, and this consists
merely of very roughly-made bamboo partitions. In one point alone
have I noticed any indication of progress—in the method of fastening
the door. Houses all over the south are secured in a simple but
ingenious manner. The door consists of a set of stout pieces of wood
or bamboo, tied with bark-string to two cross-pieces, and moving in
two grooves round one of the door-posts, so as to open inwards. If
the owner wishes to leave home, he takes two logs as thick as a man’s
upper arm and about a yard long. One of these is placed obliquely
against the middle of the door from the inside, so as to form an angle
of from 60° to 75° with the ground. He then places the second piece
horizontally across the first, pressing it downward with all his might.
It is kept in place by two strong posts planted in the ground a few
inches inside the door. This fastening is absolutely safe, but of course
cannot be applied to both doors at once, otherwise how could the
owner leave or enter his house? I have not yet succeeded in finding
out how the back door is fastened.
MAKONDE LOCK AND KEY AT JUMBE CHAURO

This is the general way of closing a house. The Makonde at Jumbe
Chauro, however, have a much more complicated, solid and original
one. Here, too, the door is as already described, except that there is
only one post on the inside, standing by itself about six inches from
one side of the doorway. Opposite this post is a hole in the wall just
large enough to admit a man’s arm. The door is closed inside by a
large wooden bolt passing through a hole in this post and pressing
with its free end against the door. The other end has three holes into
which fit three pegs running in vertical grooves inside the post. The
door is opened with a wooden key about a foot long, somewhat
curved and sloped off at the butt; the other end has three pegs
corresponding to the holes, in the bolt, so that, when it is thrust
through the hole in the wall and inserted into the rectangular
opening in the post, the pegs can be lifted and the bolt drawn out.[50]
MODE OF INSERTING THE KEY
With no small pride first one householder and then a second

showed me on the spot the action of this greatest invention of the
Makonde Highlands. To both with an admiring exclamation of
“Vizuri sana!” (“Very fine!”). I expressed the wish to take back these
marvels with me to Ulaya, to show the Wazungu what clever fellows
the Makonde are. Scarcely five minutes after my return to camp at
Newala, the two men came up sweating under the weight of two
heavy logs which they laid down at my feet, handing over at the same
time the keys of the fallen fortress. Arguing, logically enough, that if
the key was wanted, the lock would be wanted with it, they had taken
their axes and chopped down the posts—as it never occurred to them
to dig them out of the ground and so bring them intact. Thus I have
two badly damaged specimens, and the owners, instead of praise,
come in for a blowing-up.
The Makua huts in the environs of Newala are especially
miserable; their more than slovenly construction reminds one of the
temporary erections of the Makua at Hatia’s, though the people here
have not been concerned in a war. It must therefore be due to
congenital idleness, or else to the absence of a powerful chief. Even
the baraza at Mlipa’s, a short hour’s walk south-east of Newala,
shares in this general neglect. While public buildings in this country
are usually looked after more or less carefully, this is in evident
danger of being blown over by the first strong easterly gale. The only
attractive object in this whole district is the grave of the late chief
Mlipa. I visited it in the morning, while the sun was still trying with
partial success to break through the rolling mists, and the circular
grove of tall euphorbias, which, with a broken pot, is all that marks
the old king’s resting-place, impressed one with a touch of pathos.
Even my very materially-minded carriers seemed to feel something
of the sort, for instead of their usual ribald songs, they chanted
solemnly, as we marched on through the dense green of the Makonde
bush:—
“We shall arrive with the great master; we stand in a row and have
no fear about getting our food and our money from the Serkali (the
Government). We are not afraid; we are going along with the great
master, the lion; we are going down to the coast and back.”
With regard to the characteristic features of the various tribes here
on the western edge of the plateau, I can arrive at no other
conclusion than the one already come to in the plain, viz., that it is
impossible for anyone but a trained anthropologist to assign any
given individual at once to his proper tribe. In fact, I think that even
an anthropological specialist, after the most careful examination,
might find it a difficult task to decide. The whole congeries of peoples
collected in the region bounded on the west by the great Central
African rift, Tanganyika and Nyasa, and on the east by the Indian
Ocean, are closely related to each other—some of their languages are
only distinguished from one another as dialects of the same speech,
and no doubt all the tribes present the same shape of skull and
structure of skeleton. Thus, surely, there can be no very striking
differences in outward appearance.
Even did such exist, I should have no time
to concern myself with them, for day after day,
I have to see or hear, as the case may be—in
any case to grasp and record—an
extraordinary number of ethnographic
phenomena. I am almost disposed to think it
fortunate that some departments of inquiry, at
least, are barred by external circumstances.
Chief among these is the subject of iron-
working. We are apt to think of Africa as a
country where iron ore is everywhere, so to
speak, to be picked up by the roadside, and
where it would be quite surprising if the
inhabitants had not learnt to smelt the
material ready to their hand. In fact, the
knowledge of this art ranges all over the
continent, from the Kabyles in the north to the
Kafirs in the south. Here between the Rovuma
and the Lukuledi the conditions are not so
favourable. According to the statements of the
Makonde, neither ironstone nor any other
form of iron ore is known to them. They have
not therefore advanced to the art of smelting
the metal, but have hitherto bought all their
THE ANCESTRESS OF
THE MAKONDE
iron implements from neighbouring tribes.
Even in the plain the inhabitants are not much
better off. Only one man now living is said to
understand the art of smelting iron. This old fundi lives close to
Huwe, that isolated, steep-sided block of granite which rises out of
the green solitude between Masasi and Chingulungulu, and whose
jagged and splintered top meets the traveller’s eye everywhere. While
still at Masasi I wished to see this man at work, but was told that,
frightened by the rising, he had retired across the Rovuma, though
he would soon return. All subsequent inquiries as to whether the
fundi had come back met with the genuine African answer, “Bado”
(“Not yet”).
BRAZIER
Some consolation was afforded me by a brassfounder, whom I

came across in the bush near Akundonde’s. This man is the favourite
of women, and therefore no doubt of the gods; he welds the glittering
brass rods purchased at the coast into those massive, heavy rings
which, on the wrists and ankles of the local fair ones, continually give
me fresh food for admiration. Like every decent master-craftsman he
had all his tools with him, consisting of a pair of bellows, three
crucibles and a hammer—nothing more, apparently. He was quite
willing to show his skill, and in a twinkling had fixed his bellows on
the ground. They are simply two goat-skins, taken off whole, the four
legs being closed by knots, while the upper opening, intended to
admit the air, is kept stretched by two pieces of wood. At the lower
end of the skin a smaller opening is left into which a wooden tube is
stuck. The fundi has quickly borrowed a heap of wood-embers from
the nearest hut; he then fixes the free ends of the two tubes into an
earthen pipe, and clamps them to the ground by means of a bent
piece of wood. Now he fills one of his small clay crucibles, the dross
on which shows that they have been long in use, with the yellow
material, places it in the midst of the embers, which, at present are
only faintly glimmering, and begins his work. In quick alternation
the smith’s two hands move up and down with the open ends of the
bellows; as he raises his hand he holds the slit wide open, so as to let
the air enter the skin bag unhindered. In pressing it down he closes
the bag, and the air puffs through the bamboo tube and clay pipe into
the fire, which quickly burns up. The smith, however, does not keep
on with this work, but beckons to another man, who relieves him at
the bellows, while he takes some more tools out of a large skin pouch
carried on his back. I look on in wonder as, with a smooth round
stick about the thickness of a finger, he bores a few vertical holes into
the clean sand of the soil. This should not be difficult, yet the man
seems to be taking great pains over it. Then he fastens down to the
ground, with a couple of wooden clamps, a neat little trough made by
splitting a joint of bamboo in half, so that the ends are closed by the
two knots. At last the yellow metal has attained the right consistency,
and the fundi lifts the crucible from the fire by means of two sticks
split at the end to serve as tongs. A short swift turn to the left—a
tilting of the crucible—and the molten brass, hissing and giving forth
clouds of smoke, flows first into the bamboo mould and then into the
holes in the ground.
The technique of this backwoods craftsman may not be very far
advanced, but it cannot be denied that he knows how to obtain an
adequate result by the simplest means. The ladies of highest rank in
this country—that is to say, those who can afford it, wear two kinds
of these massive brass rings, one cylindrical, the other semicircular
in section. The latter are cast in the most ingenious way in the
bamboo mould, the former in the circular hole in the sand. It is quite
a simple matter for the fundi to fit these bars to the limbs of his fair
customers; with a few light strokes of his hammer he bends the
pliable brass round arm or ankle without further inconvenience to
the wearer.
SHAPING THE POT
SMOOTHING WITH MAIZE-COB
CUTTING THE EDGE

FINISHING THE BOTTOM
LAST SMOOTHING BEFORE

BURNING
FIRING THE BRUSH-PILE

LIGHTING THE FARTHER SIDE OF
THE PILE
TURNING THE RED-HOT VESSEL
NYASA WOMAN MAKING POTS AT MASASI

Pottery is an art which must always and everywhere excite the
interest of the student, just because it is so intimately connected with
the development of human culture, and because its relics are one of
the principal factors in the reconstruction of our own condition in
prehistoric times. I shall always remember with pleasure the two or
three afternoons at Masasi when Salim Matola’s mother, a slightly-
built, graceful, pleasant-looking woman, explained to me with
touching patience, by means of concrete illustrations, the ceramic art
of her people. The only implements for this primitive process were a
lump of clay in her left hand, and in the right a calabash containing
the following valuables: the fragment of a maize-cob stripped of all
its grains, a smooth, oval pebble, about the size of a pigeon’s egg, a
few chips of gourd-shell, a bamboo splinter about the length of one’s
hand, a small shell, and a bunch of some herb resembling spinach.
Nothing more. The woman scraped with the
shell a round, shallow hole in the soft, fine
sand of the soil, and, when an active young
girl had filled the calabash with water for her,
she began to knead the clay. As if by magic it
gradually assumed the shape of a rough but
already well-shaped vessel, which only wanted
a little touching up with the instruments
before mentioned. I looked out with the
MAKUA WOMAN closest attention for any indication of the use
MAKING A POT. of the potter’s wheel, in however rudimentary
SHOWS THE a form, but no—hapana (there is none). The
BEGINNINGS OF THE embryo pot stood firmly in its little
POTTER’S WHEEL
depression, and the woman walked round it in
a stooping posture, whether she was removing
small stones or similar foreign bodies with the maize-cob, smoothing
the inner or outer surface with the splinter of bamboo, or later, after
letting it dry for a day, pricking in the ornamentation with a pointed
bit of gourd-shell, or working out the bottom, or cutting the edge
with a sharp bamboo knife, or giving the last touches to the finished
vessel. This occupation of the women is infinitely toilsome, but it is
without doubt an accurate reproduction of the process in use among
our ancestors of the Neolithic and Bronze ages.
There is no doubt that the invention of pottery, an item in human
progress whose importance cannot be over-estimated, is due to
women. Rough, coarse and unfeeling, the men of the horde range
over the countryside. When the united cunning of the hunters has
succeeded in killing the game; not one of them thinks of carrying
home the spoil. A bright fire, kindled by a vigorous wielding of the
drill, is crackling beside them; the animal has been cleaned and cut
up secundum artem, and, after a slight singeing, will soon disappear
under their sharp teeth; no one all this time giving a single thought
to wife or child.
To what shifts, on the other hand, the primitive wife, and still more
the primitive mother, was put! Not even prehistoric stomachs could
endure an unvarying diet of raw food. Something or other suggested
the beneficial effect of hot water on the majority of approved but
indigestible dishes. Perhaps a neighbour had tried holding the hard
roots or tubers over the fire in a calabash filled with water—or maybe
an ostrich-egg-shell, or a hastily improvised vessel of bark. They
became much softer and more palatable than they had previously
been; but, unfortunately, the vessel could not stand the fire and got
charred on the outside. That can be remedied, thought our
ancestress, and plastered a layer of wet clay round a similar vessel.
This is an improvement; the cooking utensil remains uninjured, but
the heat of the fire has shrunk it, so that it is loose in its shell. The
next step is to detach it, so, with a firm grip and a jerk, shell and
kernel are separated, and pottery is invented. Perhaps, however, the
discovery which led to an intelligent use of the burnt-clay shell, was
made in a slightly different way. Ostrich-eggs and calabashes are not
to be found in every part of the world, but everywhere mankind has
arrived at the art of making baskets out of pliant materials, such as
bark, bast, strips of palm-leaf, supple twigs, etc. Our inventor has no
water-tight vessel provided by nature. “Never mind, let us line the
basket with clay.” This answers the purpose, but alas! the basket gets
burnt over the blazing fire, the woman watches the process of
cooking with increasing uneasiness, fearing a leak, but no leak
appears. The food, done to a turn, is eaten with peculiar relish; and
the cooking-vessel is examined, half in curiosity, half in satisfaction
at the result. The plastic clay is now hard as stone, and at the same
time looks exceedingly well, for the neat plaiting of the burnt basket
is traced all over it in a pretty pattern. Thus, simultaneously with
pottery, its ornamentation was invented.
Primitive woman has another claim to respect. It was the man,
roving abroad, who invented the art of producing fire at will, but the
woman, unable to imitate him in this, has been a Vestal from the
earliest times. Nothing gives so much trouble as the keeping alight of
the smouldering brand, and, above all, when all the men are absent
from the camp. Heavy rain-clouds gather, already the first large
drops are falling, the first gusts of the storm rage over the plain. The
little flame, a greater anxiety to the woman than her own children,
flickers unsteadily in the blast. What is to be done? A sudden thought
occurs to her, and in an instant she has constructed a primitive hut
out of strips of bark, to protect the flame against rain and wind.
This, or something very like it, was the way in which the principle
of the house was discovered; and even the most hardened misogynist
cannot fairly refuse a woman the credit of it. The protection of the
hearth-fire from the weather is the germ from which the human
dwelling was evolved. Men had little, if any share, in this forward
step, and that only at a late stage. Even at the present day, the
plastering of the housewall with clay and the manufacture of pottery
are exclusively the women’s business. These are two very significant
survivals. Our European kitchen-garden, too, is originally a woman’s
invention, and the hoe, the primitive instrument of agriculture, is,
characteristically enough, still used in this department. But the
noblest achievement which we owe to the other sex is unquestionably
the art of cookery. Roasting alone—the oldest process—is one for
which men took the hint (a very obvious one) from nature. It must
have been suggested by the scorched carcase of some animal
overtaken by the destructive forest-fires. But boiling—the process of
improving organic substances by the help of water heated to boiling-
point—is a much later discovery. It is so recent that it has not even
yet penetrated to all parts of the world. The Polynesians understand
how to steam food, that is, to cook it, neatly wrapped in leaves, in a
hole in the earth between hot stones, the air being excluded, and
(sometimes) a few drops of water sprinkled on the stones; but they
do not understand boiling.
To come back from this digression, we find that the slender Nyasa
woman has, after once more carefully examining the finished pot,
put it aside in the shade to dry. On the following day she sends me
word by her son, Salim Matola, who is always on hand, that she is
going to do the burning, and, on coming out of my house, I find her
already hard at work. She has spread on the ground a layer of very
dry sticks, about as thick as one’s thumb, has laid the pot (now of a
yellowish-grey colour) on them, and is piling brushwood round it.
My faithful Pesa mbili, the mnyampara, who has been standing by,
most obligingly, with a lighted stick, now hands it to her. Both of
them, blowing steadily, light the pile on the lee side, and, when the
flame begins to catch, on the weather side also. Soon the whole is in a
blaze, but the dry fuel is quickly consumed and the fire dies down, so
that we see the red-hot vessel rising from the ashes. The woman
turns it continually with a long stick, sometimes one way and
sometimes another, so that it may be evenly heated all over. In
twenty minutes she rolls it out of the ash-heap, takes up the bundle
of spinach, which has been lying for two days in a jar of water, and
sprinkles the red-hot clay with it. The places where the drops fall are
marked by black spots on the uniform reddish-brown surface. With a
sigh of relief, and with visible satisfaction, the woman rises to an
erect position; she is standing just in a line between me and the fire,
from which a cloud of smoke is just rising: I press the ball of my
camera, the shutter clicks—the apotheosis is achieved! Like a
priestess, representative of her inventive sex, the graceful woman
stands: at her feet the hearth-fire she has given us beside her the
invention she has devised for us, in the background the home she has
built for us.
At Newala, also, I have had the manufacture of pottery carried on
in my presence. Technically the process is better than that already
described, for here we find the beginnings of the potter’s wheel,
which does not seem to exist in the plains; at least I have seen
nothing of the sort. The artist, a frightfully stupid Makua woman, did
not make a depression in the ground to receive the pot she was about
to shape, but used instead a large potsherd. Otherwise, she went to
work in much the same way as Salim’s mother, except that she saved
herself the trouble of walking round and round her work by squatting
at her ease and letting the pot and potsherd rotate round her; this is
surely the first step towards a machine. But it does not follow that
the pot was improved by the process. It is true that it was beautifully
rounded and presented a very creditable appearance when finished,
but the numerous large and small vessels which I have seen, and, in
part, collected, in the “less advanced” districts, are no less so. We
moderns imagine that instruments of precision are necessary to
produce excellent results. Go to the prehistoric collections of our
museums and look at the pots, urns and bowls of our ancestors in the
dim ages of the past, and you will at once perceive your error.
MAKING LONGITUDINAL CUT IN
BARK
DRAWING THE BARK OFF THE LOG
REMOVING THE OUTER BARK

BEATING THE BARK
WORKING THE BARK-CLOTH AFTER BEATING, TO MAKE IT

SOFT
MANUFACTURE OF BARK-CLOTH AT NEWALA

To-day, nearly the whole population of German East Africa is
clothed in imported calico. This was not always the case; even now in
some parts of the north dressed skins are still the prevailing wear,
and in the north-western districts—east and north of Lake
Tanganyika—lies a zone where bark-cloth has not yet been
superseded. Probably not many generations have passed since such
bark fabrics and kilts of skins were the only clothing even in the
south. Even to-day, large quantities of this bright-red or drab
material are still to be found; but if we wish to see it, we must look in
the granaries and on the drying stages inside the native huts, where
it serves less ambitious uses as wrappings for those seeds and fruits
which require to be packed with special care. The salt produced at
Masasi, too, is packed for transport to a distance in large sheets of
bark-cloth. Wherever I found it in any degree possible, I studied the
process of making this cloth. The native requisitioned for the
purpose arrived, carrying a log between two and three yards long and
as thick as his thigh, and nothing else except a curiously-shaped
mallet and the usual long, sharp and pointed knife which all men and
boys wear in a belt at their backs without a sheath—horribile dictu!
[51]
Silently he squats down before me, and with two rapid cuts has
drawn a couple of circles round the log some two yards apart, and
slits the bark lengthwise between them with the point of his knife.
With evident care, he then scrapes off the outer rind all round the
log, so that in a quarter of an hour the inner red layer of the bark
shows up brightly-coloured between the two untouched ends. With
some trouble and much caution, he now loosens the bark at one end,
and opens the cylinder. He then stands up, takes hold of the free
edge with both hands, and turning it inside out, slowly but steadily
pulls it off in one piece. Now comes the troublesome work of
scraping all superfluous particles of outer bark from the outside of
the long, narrow piece of material, while the inner side is carefully
scrutinised for defective spots. At last it is ready for beating. Having
signalled to a friend, who immediately places a bowl of water beside
him, the artificer damps his sheet of bark all over, seizes his mallet,
lays one end of the stuff on the smoothest spot of the log, and
hammers away slowly but continuously. “Very simple!” I think to
myself. “Why, I could do that, too!”—but I am forced to change my
opinions a little later on; for the beating is quite an art, if the fabric is
not to be beaten to pieces. To prevent the breaking of the fibres, the
stuff is several times folded across, so as to interpose several
thicknesses between the mallet and the block. At last the required
state is reached, and the fundi seizes the sheet, still folded, by both
ends, and wrings it out, or calls an assistant to take one end while he
holds the other. The cloth produced in this way is not nearly so fine
and uniform in texture as the famous Uganda bark-cloth, but it is
quite soft, and, above all, cheap.
Now, too, I examine the mallet. My craftsman has been using the
simpler but better form of this implement, a conical block of some
hard wood, its base—the striking surface—being scored across and
across with more or less deeply-cut grooves, and the handle stuck
into a hole in the middle. The other and earlier form of mallet is
shaped in the same way, but the head is fastened by an ingenious
network of bark strips into the split bamboo serving as a handle. The
observation so often made, that ancient customs persist longest in
connection with religious ceremonies and in the life of children, here
finds confirmation. As we shall soon see, bark-cloth is still worn
during the unyago,[52] having been prepared with special solemn
ceremonies; and many a mother, if she has no other garment handy,
will still put her little one into a kilt of bark-cloth, which, after all,
looks better, besides being more in keeping with its African
surroundings, than the ridiculous bit of print from Ulaya.
MAKUA WOMEN

Etextbook 978 0134527338 Network Security Essentials Applications and Standards 6th Edition

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Etextbook 978 0134527338 Network Security Essentials Applications and Standards 6th Edition

Uploaded by

Copyright:

Available Formats

eTextbook 978-0134527338 Network

Security Essentials: Applications and

6. 3.6 Digital Signatures 93

1. 3.7 Key Terms, Review Questions, and Problems 96

3. Part Two: Network Security Applications 103

1. Chapter 4 Key Distribution and User Authentication 103

1. 4.1 Remote User Authentication Principles 104

2. 4.2 Symmetric Key Distribution Using Symmetric Encryption 107

3. 4.3 Kerberos 108

4. 4.4 Key Distribution Using Asymmetric Encryption 121

5. 4.5 X.509 Certificates 123

6. 4.6 Public-Key Infrastructure 130

7. 4.7 Federated Identity Management 133

1. 4.8 Key Terms, Review Questions, and Problems 139

2. Chapter 5 Network Access Control and Cloud Security 144

1. 5.1 Network Access Control 145

2. 5.2 Extensible Authentication Protocol 148

3. 5.3 IEEE 802.1X Port-Based Network Access Control 152

4. 5.4 Cloud Computing 154

5. 5.5 Cloud Security Risks and Countermeasures 160

6. 5.6 Data Protection in the Cloud 162

7. 5.7 Cloud Security as a Service 166

8. 5.8 Addressing Cloud Computing Security Concerns 169

1. 5.9 Key Terms, Review Questions, and Problems 170

3. Chapter 6 Transport-Level Security 171

1. 6.1 Web Security Considerations 172

2. 6.2 Transport Layer Security 174

3. 6.3 HTTPS 191

4. 6.4 Secure Shell (SSH) 192

4. Chapter 7 Wireless Network Security 206

1. 7.1 Wireless Security 207

2. 7.2 Mobile Device Security 210

3. 7.3 IEEE 802.11 Wireless LAN Overview 214

4. 7.4 IEEE 802.11i Wireless LAN Security 220

1. 7.5 Key Terms, Review Questions, and Problems 235

5. Chapter 8 Electronic Mail Security 237

1. 8.1 Internet Mail Architecture 238

2. 8.2 E-mail Formats 242

3. 8.3 E-mail Threats and Comprehensive E-mail Security 250

4. 8.4 S/MIME 252

5. 8.5 Pretty Good Privacy 263

6. 8.6 DNSSEC 264

7. 8.7 DNS-Based Authentication of Named Entities 268

8. 8.8 Sender Policy Framework 270

9. 8.9 DomainKeys Identified Mail 273

10. 8.10 Domain-Based Message Authentication, Reporting, and Conformance 279

1. 8.11 Key Terms, Review Questions, and Problems 284

6. Chapter 9 IP Security 286

1. 9.1 IP Security Overview 287

2. 9.2 IP Security Policy 293

3. 9.3 Encapsulating Security Payload 298

4. 9.4 Combining Security Associations 306

5. 9.5 Internet Key Exchange 309

6. 9.6 Cryptographic Suites 317

1. 9.7 Key Terms, Review Questions, and Problems 319

4. Part Three: System Security 321

1. 10.1 Types of Malicious Software (Malware) 322

2. 10.2 Advanced Persistent Threat 325

3. 10.3 Propagation—Infected Content—Viruses 326

4. 10.4 Propagation—Vulnerability Exploit—Worms 331

5. 10.5 Propagation—Social Engineering—Spam E-mail, Trojans 337

6. 10.6 Payload—System Corruption 339

7. 10.7 Payload—Attack Agent—Zombie, Bots 340

8. 10.8 Payload—Information Theft—Keyloggers, Phishing, Spyware 341