UNIX System Security

UNIX System Security

A Guide for Users and System Administrators

by David A. Curry

ISBN 10: 0-201-56327-4 / ISBN 13: 9780201563276

Addison-Wesley Professional Computing Series

April 1992

The following is made available for your personal, non-commercial use only. You may cite this document as a bibliographic reference in any works that you are writing. Any commercial use of this document, including printing and distribution to groups of people (such as a classroom) is prohibited without my prior written permission.

Complete text of the book:

From the back cover...

Because the UNIX system was originally designed by programmers for use by other programmers, it was used in an environment of open cooperation where security was of minimal concern. Now that its use has spread to universities, businesses, and government, the confidential and sensitive nature of the data stored on UNIX systems has made the security of these systems of paramount importance.

Despite all of the technical papers and workshops on UNIX security, this book is unique. UNIX System Security is the first up-to-date source to provide the UNIX system user or administrator with the information needed to protect the data and system from unauthorized use. By following the procedures described in this book and making use of the C programs and shell scripts provided as examples, you can protect your UNIX system from most attackers.

The author begins by examining four high-profile breaches of UNIX security as illustrations of how a UNIX system can be attacked. He then provides the information necessary to protect against these forms of attack, and offers the tools that can be used to do so. Focusing on the most recent release of Berkeley and System V UNIX, and such vendor derivatives as SunOS and ULTRIX, the book gives information that can be applied to any version of UNIX since Seventh Edition.

Issues discussed include account and password security, securing the file system, encryption and authentication systems, TCP/IP network security, the Network Information Service (NIS), NFS, RFS, workstation security, terminals and modems, and UUCP. Other chapters describe how to respond if your system is attacked and how to develop a comprehensive security policy for your organization. The book also gives comprehensive lists of freely available security software, and publications and mailing lists dealing with UNIX security.

Table of Contents

Preface

Chapter 1 UNIX Security Stories

The Internet Worm

The Wily Hacker

A True UNIX Trojan Horse

Attacking UNIX With Viruses

Summary

Chapter 2 Account Security

Passwords

Expiration Dates

Guest Accounts

Well-Known Accounts

Group Accounts vs. Groups

Protecting an Account

Super-User

Monitoring Account Security

Summary

Chapter 3 File System Security

File Permissions

The umask Value

The write System Call

The Sticky Bit on Directories

The Set-Group-Id Bit on Directories

Set-User-Id and Set-Group-Id Shell Scripts

Devices

Backups

Monitoring File System Security

Summary

Chapter 4 Network Security

Trusted Hosts

The inetd Program

The File Transfer Protocol (FTP)

Electronic Mail

Finger

Forgery and Spoofing

Network Configuration

Sophisticated Network Attacks

Monitoring Network Security

Summary

Chapter 5 NIS, NFS, and RFS

The Network Information Service (NIS)

The Network File System (NFS)

The Remote File Sharing Service (RFS)

Summary

Chapter 6 Workstations

Single-User Mode

Super-User Access

Network Access

The PROM Monitor

Screen Access

Summary

Chapter 7 Terminals, Modems, and UUCP

Terminals

Dial-Up Modems

Terminal Servers

The UNIX-to-UNIX Copy Program (UUCP)

Summary

Chapter 8 Responding to Attacks

Detection

Response

Notification

Summary

Chapter 9 Encryption and Authentication

Encryption

Authentication

Encrypting and Authenticating Electronic Mail

Summary

Chapter 10 Security Policies

Establishing Policies and Why

Access to the System

Password Policies

Proper Use

System Staff Rights and Responsibilities

Copyrights and Licenses

Ethics

Guidelines for the Secure Operation of the Internet

Summary

Chapter 11 Security Software

Obtaining Fixes and New Versions

Publicly Available Software

RSA Privacy-Enhanced Mail

The National Computer Security Center

Summary

Chapter 12 Obtaining Security Information

Computer Security Incident Response Capabilities

Forming a CSIRC

Vendor Security Notification

Mailing Lists

USENET Newsgroups

Suggested Reading

Summary

Glossary

References

Appendix A A Password Cracker

Appendix B A File System Checker

Appendix C Kerberos Dialogue

Appendix D A Complete Security Policy

Appendix E UNIX Security Checklist

Index