UNIX and Network Security

Frecuently Asked Questions (FAQs)

• Marcus Ranum, Firewalls
• Christopher Klaus, Anonymous FTP Servers
• Jeff Licquia, Pretty Good Privacy (PGP)
• Christopher Klaus, Sniffers
• Christopher Klaus, Compromise
• Christopher Klaus, Mailing Lists
• Unknown, SOCKS Package
• Mark Medici, Ethernet
• Scott@spy.com, More Important UNIX Holes List
• Thomas Koenig, Secure Shell

Important Advisories

• CIAC: Computer Incident Advisory Capability
  • CIAC NOTES-12: September 25, 1995
  • CIAC E-12: Network Monitoring Attacks
  • CIAC F-27: Solaris 2.x incorrect permissions on /tmp
  • CIAC F-28: SunOS 4.1.x sendmail(8) vulnerability
  • CIAC F-28b: SunOS 4.1.x sendmail(8) vulnerability (UPDATE)
  • CIAC G-01: UNIX telnetd(8C) "Telnet Environment Option" vulnerability
  • CIAC G-02: SunOS 4.1.x loadmodule(8) vulnerability
  • CIAC G-03: AOLGOLD trojan program
  • CIAC G-06: Windows 95 vulnerabilities

• CERT: Computer Emergency Response Team
  • CERT VB95:04: Logdaemon/FreeBSD vulnerability in S/Key
  • CERT VB95:06: Vulnerability in Cisco's IOS software
  • CERT VB95:07: Vulnerability in lsof software
  • CERT VB95:08: X authentication vulnerability
  • CERT VB95:10: Vulnerability in elm 2.4 PL 24
  • CERT 95:09: Solaris 2.x ps(1) vulnerability
  • CERT 95:10: GhostScript vulnerability in UNIX
  • CERT 95:12: SunOS 4.1.x loadmodule(8) vulnerability
  • CERT 95:13: UNIX Sendmail pre-v8.7.1 calling syslog(3) vulnerability
  • CERT 95:14: UNIX telned(8C) "Telnet Environment Option" vulnerability
  • CERT 95:15: SGI IRIX lp(1) vulnerability
  • CERT 95:18: Widespread Attacks on Internet Sites

• 8LGM: Eight Little Green Men
  • 8LGM 1: UNIX rdist(1) vulnerability
  • 8LGM 2: UNIX Elm Mail System autoreply(1) vulnerability
  • 8LGM 3: UNIX lpr(1) vulnerability
  • 8LGM 4: UNIX gopher(1) vulnerability
  • 8LGM 5: SunOs 4.1.1 binmail(1) vulnerability
  • 8LGM 5b: SunOS 4.1.1 binmail(1) vulnerability (PATCH)
  • 8LGM 6: SunOS 4.1.x binmail(1) vulnerability
  • 8LGM 7: SunOS 4.1.x passwd(1) vulnerability
  • 8LGM 7b: SunOS 4.1.x passwd(1) vulnerability (NEWFIX)
  • 8LGM 8: SunOS 4.1.x kernel with TMFS in use vulnerability
  • 8LGM 9: SVR4 urestore(1) vulnerability
  • 8LGM 10: SCO UNIX 3.2v4.2 at(1) vulnerability
  • 8LGM 11: SVR4 sadc(1M) vulnerability
  • 8LGM 12: UNIX ksh Shell suid_exec vulnerability
  • 8LGM 13: SCO UNIX 3.2v4.2 login(1) vulnerability
  • 8LGM 14: SCO UNIX 3.2v4.2 prwarn(1) vulnerability
  • 8LGM 15: SunOS 4.1.x binmail(1) vulnerability
  • 8LGM 16: SunOS 4.x sendmail(8) vulnerability
  • 8LGM 16b: SunOS 4.x sendmail(8) vulnerability (UPDATE)
  • 8LGM 17: SunOS 4.1.x Sendmail v5 sendmail(8) vulnerability
  • 8LGM 18: SunOS 4.1.x kernel with an HSFS cdrom mounted vulnerability
  • 8LGM 19: SunOS 4.1.x link(2) vulnerability
  • 8LGM 20: SunOS 4.1.x Sendmail v5 umask(2V) vulnerability
  • 8LGM 21: SunOS 4.1.x Sendmail v5 popen(3S) vulnerability
  • 8LGM 22: SunOS 4.1.x programs calling syslog(3S) vulnerability
  • 8LGM 23: SunOS 4.1.x loadmodule(8) calling system(3) vulnerability
  • 8LGM 23b: SunOS 4.1.x loadmodule(8) calling system(3) vulnerability (PATCH)
  • 8LGM 24: SunOS 4.1.x sendmail_wrapper.c calling syslog(3) vulnerability

Articles

1. Nathaniel Sammons, "Multi-Platform Interrogation Reporting with 'Rscan'", 1995
2. Alec Muffet, "WAN Hacking with 'AutoHack'", 1995
3. Christopher Klaus, "What if your Machines are Compromised by an Intruder", 1995
4. Digital Corporation, "SEAL: Screening External Acess Link", 1994
5. Bill Cheswick, "An Evening with Berferd, in wich a Cracker is Lured, Endured and Studied", 1993
6. Daniel Klein, "'Foiling the Cracker': a Survey of, and Improvements to Password Security'", 1993
7. Marcus Ranum, "Thinking about Firewalls", 1993
8. Steve Bellovin, "There Be Dragons", 1992
9. D. Hess, D. Safford, U. Pooch, "A Unix Network Protocol Security Study: NIS", 1992
10. D. Safford, D. Schales, D. Hess, "The TAMU Security Package", 1992
11. Dan Farmer, Wietse Venema, "Improving the Security of your Site by Breaking into It", 1992
12. Wietse Venema, "TCP WRAPPER: Network Monitoring, Access Control, Booby Traps", 1992
13. Bill Cheswick, "The Design of a Secure Internet Gateway", 1990
14. Steve Bellovin, "Security Problems in the TCP/IP Protocol Suite", 1989
15. Robert Morris, "A Weakness in the 4.2BSD UNIX TCP/IP Software", 1985

Interesting Mailing Lists and News Groups

• Mailing Lists
  • CERT-TOOLS, exchange of information on security tools and security techniques.
  • 8LGM-LIST, e-mail delivering of 8LGM Security Advisories.
  • BUGTRAQ-LIST, e-mail discussion of UNIX security holes.
    There is a BugTraq Archive by thread.
  • CIAC-LIST, e-mail delivering of CIAC Security Advisories, Bulletins ans Notes.

• News Groups
  • comp.security.announce, announcement of new security products.
  • comp.security.unix, UNIX related security topics.
  • comp.security.misc, miscelaneous security related topics.
  • comp.security.firewalls, all about firewalls.

Security Tools

• Clyde Hoover, Information about npasswd
• Los Altos Technologies, Gabriel: Network Probe Detector for SATAN
• Nathaniel Sammons, The rscan Home Page
• CIAC, Information about merlin