Practical UNIX Security

                              Table of Contents

                                                                         Page

Preface ................................................................. xix

Scope of This Book ....................................................... xx
Which UNIX System? .................................................... xxiii
Conventions Used in This Book .......................................... xxiv
Acknowledgments ........................................................ xxvi
Comments and Questions ................................................. xxvi
Three Final Notes ..................................................... xxvii


Part I  UNIX and UNIX Security Basics ..................................... 1


Chapter 1  Introduction ................................................... 3

What's Computer Security? ................................................. 4
What's an Operating System? ............................................... 5
History of UNIX ........................................................... 6
Security and UNIX ......................................................... 8
Security and Networks .................................................... 10
Types of Security ........................................................ 11
    Risk Assessment ...................................................... 12
    Assessing Your Risk .................................................. 12
    Reacting to an Emergency ............................................. 13
    Other Important Steps ................................................ 15
The Problem with Security Through Obscurity .............................. 15
The First Step ........................................................... 19


Chapter 2  Users and Passwords ........................................... 21

Usernames ................................................................ 22
    The /etc/passwd File ................................................. 23
    The /etc/passwd File and Network Databases ........................... 24
Passwords ................................................................ 24
    Why Use Passwords? ................................................... 25
    Entering Your Password ............................................... 26
    Changing Your Password ............................................... 27
    Checking Out Your New Password ....................................... 28
The UNIX Encrypted Password System ....................................... 29
    The crypt(3) Algorithm ............................................... 30
    What Is Salt? ........................................................ 31
The Care and Feeding of Passwords ........................................ 32
Bad Passwords:  Open Doors ............................................... 32
Good Passwords:  Locked Doors ............................................ 35
    Passwords on Multiple Machines ....................................... 35
    Writing Down Passwords ............................................... 36
Administrative Techniques ................................................ 36
    Assigning Passwords to Users ......................................... 37
    Password Generators .................................................. 38
    Shadow Password Files ................................................ 38
    Password Aging and Expiration ........................................ 39
    Algorithm Changes .................................................... 40
    Preventing Direct Logins to Accounts ................................. 41
    Account Names Revisited .............................................. 41
Summary .................................................................. 42


Chapter 3  Users, Groups, and the Superuser .............................. 45

Users and Groups ......................................................... 45
    User Identifiers (UIDs) .............................................. 46
    Groups and Group Identifiers (GIDs) .................................. 46
Special Users ............................................................ 49
    The Superuser ........................................................ 49
    Other Special Users .................................................. 52
    Impact of the /etc/passwd and /etc/group Files on Security ........... 53
The su(1) Command:  Changing Who You Are ................................. 53
    Becoming the Superuser ............................................... 54
    Restricting su ....................................................... 55
    The Bad su Log ....................................................... 55
    Other Uses of su ..................................................... 56
Summary .................................................................. 56


Chapter 4  The UNIX Filesystem ........................................... 57

Files .................................................................... 57
    Using the ls(1) Command .............................................. 58
    Understanding File Permissions ....................................... 60
    File Permissions in Detail ........................................... 62
Using File Permissions ................................................... 63
    chmod:  Changing a File's Permissions ................................ 64
    Setting a File's Permissions ......................................... 66
    Calculating Octal File Permissions ................................... 67
    Using Octal File Permissions ......................................... 69
The umask ................................................................ 69
    The umask Command .................................................... 70
    Common umask Values .................................................. 71
Using Directory Permissions .............................................. 72
SUID ..................................................................... 74
    SUID, SGID, and Sticky Bits .......................................... 74
    Problems with SUID ................................................... 75
    Finding All of the SUID and SGID Files ............................... 79
    Turning Off SUID and SGID in Mounted Filesystems ..................... 80
    SGID and Sticky Bits on Directories .................................. 81
    SGID Bit on Files (System V UNIX Only) ............................... 81
Device Files ............................................................. 82
chown:  Changing a File's Owner .......................................... 84
chgrp:  Changing a File's Group .......................................... 85


Part II  Enforcing Security on Your System ............................... 87

Chapter 5  Defending Your Accounts ....................................... 89

Dangerous Accounts ....................................................... 90
    Accounts Without Passwords ........................................... 90
    Default Accounts ..................................................... 91
    Accounts That Run a Single Command ................................... 92
    Open Accounts ........................................................ 93
Group Accounts ........................................................... 95
Dormant Accounts ......................................................... 96
    Changing an Account's Password ....................................... 96
    Changing the Account's Login Shell ................................... 97
    Finding Dormant Accounts ............................................. 98
Protecting the root Account Under Berkeley UNIX ......................... 100
    Secure Terminals .................................................... 100
    The wheel Group ..................................................... 101


Chapter 6  Securing Your Data ........................................... 103

File Backups ............................................................ 104
    Why Make Backups? ................................................... 104
    What Should You Back Up? ............................................ 106
    Kinds of Backups .................................................... 106
    How Long Should You Keep a Backup? .................................. 108
    Security for Backups ................................................ 108
Database Backups and Daily Checking ..................................... 109
Integrity Checking and Checklists ....................................... 111
    Checklists .......................................................... 112
    File Protection Modes ............................................... 112
    Read-only Disks ..................................................... 113
    Comparison Copies ................................................... 116
    Checklists .......................................................... 121
    Signatures .......................................................... 122


Chapter 7  The UNIX Log Files ........................................... 125

The /usr/adm/lastlog File ............................................... 126
The /etc/utmp and /usr/adm/wtmp Files ................................... 126
    The last Program .................................................... 127
    Pruning the wtmp File ............................................... 128
The /usr/adm/acct File .................................................. 129
The Berkeley System Log (syslog) Facility ............................... 131
    The syslog.conf Configuration File .................................. 133
    Where to Log ........................................................ 135


Chapter 8  Protecting Against Programmed Threats ........................ 139

Programmed Threats:  Definitions ........................................ 140
    Back Doors and Trap Doors ........................................... 141
    Logic Bombs ......................................................... 142
    Viruses ............................................................. 143
    Worms ............................................................... 144
    Trojan Horses ....................................................... 145
    Bacteria and Rabbits ................................................ 146
Damage .................................................................. 147
Authors ................................................................. 148
Entry ................................................................... 149
Protecting Yourself ..................................................... 150
    Shell Features ...................................................... 151
    Startup File Attacks ................................................ 157
    Abusing Automatic Mechanisms ........................................ 159
    Unexpected Interactions ............................................. 163
Protecting Your System .................................................. 165
    File Protections .................................................... 165
    SUID and SGID Programs .............................................. 169
    Notes on Writing a SUID Program ..................................... 170
    SUID Shell Scripts .................................................. 171


Part III  Communications and Security ................................... 175


Chapter 9  Modems ....................................................... 177

Theory of Operation ..................................................... 178
Serial Interfaces ....................................................... 178
    The RS-232 Serial Protocol .......................................... 179
    Originate and Answer ................................................ 183
    Modems and Security ................................................. 183
    One-way Phone Lines ................................................. 184
Modems and UNIX ......................................................... 184
    Hooking Up a Modem to Your Computer ................................. 185
    Setting Up the UNIX Device .......................................... 186
    Checking Your Modem ................................................. 186
    Physical Protection ................................................. 190
Additional Security for Modems .......................................... 191


Chapter 10  UUCP ........................................................ 193

About UUCP .............................................................. 194
    The uucp Command .................................................... 194
    The uux Command ..................................................... 195
    The mail Command .................................................... 196
    How the uucp Commands Work .......................................... 197
Versions of UUCP ........................................................ 197
UUCP and Security ....................................................... 198
    Assigning Additional UUCP Logins .................................... 199
    Establishing UUCP Passwords ......................................... 200
    Security of the L.sys and Systems Files ............................. 200
Security in Version 2 UUCP .............................................. 201
    USERFILE:  Providing Remote File Access ............................. 201
    A USERFILE Example .................................................. 205
    L.cmds:  Providing Remote Command Execution ......................... 207
Security in BNU UUCP .................................................... 209
    The Permissions File ................................................ 209
    Permissions Commands ................................................ 211
    uucheck(1):  Checking Your Permissions File ......................... 215
Additional Security Concerns ............................................ 216
    Mail Forwarding for UUCP ............................................ 216
    Automatic Execution of Cleanup Scripts .............................. 217
Early Security Problems with UUCP ....................................... 217
Summary ................................................................. 219


Chapter 11  Networks and Security ....................................... 221

The Internet ............................................................ 222
Internet Addresses ...................................................... 223
    The /etc/hosts File ................................................. 224
    Network Hostname Service ............................................ 225
Clients and Servers ..................................................... 226
    TCP/IP .............................................................. 227
    UDP/IP .............................................................. 230
    UNIX Network Servers ................................................ 230
    The /etc/services File .............................................. 230
    Starting the Servers ................................................ 231
    The /etc/inetd Program .............................................. 231
Network Services ........................................................ 233
    TELNET .............................................................. 234
    rlogin and rsh ...................................................... 235
    rexec ............................................................... 239
    finger .............................................................. 240
    Electronic Mail ..................................................... 241
    FTP ................................................................. 243
    TFTP ................................................................ 247
    The X Window System ................................................. 247
Security Implications of Network Services ............................... 250
    Monitoring Your Network with netstat ................................ 251
Summary ................................................................. 253


Chapter 12  Sun's NFS ................................................... 255

NIS ..................................................................... 256
    Netgroups ........................................................... 257
    Setting Up Netgroups ................................................ 258
NFS ..................................................................... 259
    How NFS Works ....................................................... 260
    The /etc/exports File ............................................... 263
    The showmount Command ............................................... 265
    Authentication and NFS .............................................. 266
Improving Basic NFS Security ............................................ 267
    Limiting Exported Filesystems ....................................... 267
    Limit Exported Machines ............................................. 268
    Use root Ownership .................................................. 268
    Export Read-only .................................................... 268
    Do Not Export Server Executables .................................... 268
    The fsirand Program ................................................. 268
    Summary:  Security Implications of NFS .............................. 269
A Final Word on NIS ..................................................... 270
    Unintended Disclosure ............................................... 271
    Spoofing the Servers ................................................ 271
Summary ................................................................. 272


Chapter 13  Kerberos and Secure RPC ..................................... 275

The Problem ............................................................. 276
    What's Wrong with LANs? ............................................. 276
    Minimizing the Problems ............................................. 278
MIT's Kerberos .......................................................... 279
    What's It Like to Use Kerberos? ..................................... 280
    How to Install Kerberos ............................................. 281
    What's Wrong with Kerberos? ......................................... 281
Sun Microsystems' Secure RPC ............................................ 282
    How Secure RPC Works ................................................ 283
    What's It Like to Use Secure NFS? ................................... 287
    How to Install Secure RPC ........................................... 287
    What's Wrong with Secure RPC? ....................................... 289


Chapter 14  Firewall Machines ........................................... 291

What's a Firewall? ...................................................... 291
    Internal Firewalls .................................................. 292
    External Firewalls .................................................. 293
Setting Up a Firewall ................................................... 295
    The Choke ........................................................... 295
    Choosing the Choke's Protocols ...................................... 296
Setting Up the Gate ..................................................... 298
    Name Service ........................................................ 298
    Electronic Mail ..................................................... 299
    Netnews ............................................................. 300
    FTP ................................................................. 300
    Other Services ...................................................... 301
An Alternate Method ..................................................... 302
Special Considerations .................................................. 303


Part IV  Handling Security Incidents .................................... 307

Chapter 15  Discovering a Break-in ...................................... 309

Prelude ................................................................. 309
Discovering an Intruder ................................................. 311
    Catching One in the Act ............................................. 311
    What to Do When You Catch Somebody .................................. 312
    Tracing a Connection ................................................ 313
    Getting Rid of the Intruder ......................................... 318
The Log Files:  Discovering an Intruder's Tracks ........................ 319
Cleaning Up After the Intruder .......................................... 320
    New Accounts ........................................................ 320
An Example .............................................................. 325
A Last Note:  Never Trust Anything Except Hardcopy ...................... 326


Chapter 16  Denial of Service Attacks and Solutions ..................... 329

Destruction Attacks ..................................................... 330
Overload Attacks ........................................................ 331
    Process Overload Attacks ............................................ 332
    Disk Attacks ........................................................ 335
    Swap Space Attacks .................................................. 340
    Soft Process Limits:  Preventing Accidental Denial of Service ....... 340
Network Denial of Service Attacks ....................................... 341
    Service Overloading ................................................. 341
    Message Flooding .................................................... 342
    Signal Grounding .................................................... 343


Chapter 17  Computer Security and U.S. Law .............................. 345

Legal Options After a Break-in .......................................... 345
Criminal Prosecution .................................................... 346
    The Local Option .................................................... 347
    Federal Jurisdiction ................................................ 348
    Federal Computer Crime Laws ......................................... 348
    Hazards of Criminal Prosecution ..................................... 349
    If You or One of Your Employees is a Target of an Investigation ..... 351
    Other Tips .......................................................... 352
Civil Actions ........................................................... 354
Privacy and the Electronic Communications Privacy Act ................... 355


Part V  Other Security Topics ........................................... 357

Chapter 18  Encryption .................................................. 359

Who Needs Encryption? ................................................... 360
Cryptographic Strength .................................................. 361
Types of Encryption Systems ............................................. 363
ROT13 ................................................................... 364
crypt ................................................................... 364
    Enigma Encryption System ............................................ 365
    UNIX crypt .......................................................... 367
    Ways of Improving the Security of crypt ............................. 367
    Example ............................................................. 368
The Data Encryption Standard (DES) ...................................... 369
    DES Modes ........................................................... 369
    Use and Export of DES ............................................... 370
    DES Strength ........................................................ 371
    Sun's des Command ................................................... 371
RSA and Public Key Cryptography ......................................... 372
    How RSA Works ....................................................... 373
    An RSA Example ...................................................... 374
    Strength of RSA ..................................................... 375
Proprietary Encryption Systems .......................................... 376
Protect Your Key ........................................................ 377


Chapter 19  Physical Security ........................................... 379

Protecting Computer Hardware ............................................ 380
    The Environment ..................................................... 380
    Accidents ........................................................... 386
    Physical Access ..................................................... 387
    Vandalism ........................................................... 388
    Acts of War and Terrorism ........................................... 389
    Theft ............................................................... 389
    Related Concerns .................................................... 390
Protecting Data ......................................................... 391
    Eavesdropping ....................................................... 391
    Backups ............................................................. 393
    Local Storage ....................................................... 396
    Unattended Terminals ................................................ 397


Part VI  Appendices ..................................................... 399


Appendix A  UNIX Security Checklist ..................................... 401


Appendix B  Important Files ............................................. 415

System Files ............................................................ 415
Important Files in Your Home Directory .................................. 419
SUID Files in Berkeley UNIX ............................................. 419
SGID Files in Berkeley UNIX ............................................. 422
SUID Files in System V R3.2 UNIX ........................................ 423
SGID Files in System V UNIX ............................................. 424


Appendix C  UNIX Processes .............................................. 427

Processes ............................................................... 427
    Processes and Programs .............................................. 428
    The ps Command ...................................................... 429
    Process Properties .................................................. 433
Creating Processes ...................................................... 436
Signals ................................................................. 437
The kill Command ........................................................ 439
Starting Up UNIX and Logging In ......................................... 441
    Process #1:  /etc/init .............................................. 441
    Letting Users Log In ................................................ 442
    Running the User's Shell ............................................ 443


Appendix D  How Kerberos Works .......................................... 445

Kerberos's Parts ........................................................ 445
Using Kerberos .......................................................... 447
Using a Service ......................................................... 449


Appendix E  Other Sources ............................................... 453

References .............................................................. 453
    General Computer Security ........................................... 453
    UNIX Security ....................................................... 455
    Computer Viruses and Programmed Threats ............................. 455
    Computer Crime and Law .............................................. 456
    Understanding the Computer Security 'Culture' ....................... 457
    Understanding and Using Networks .................................... 458
    Using and Programming UNIX .......................................... 458
    Security Products and Services Information .......................... 459
    Miscellaneous References ............................................ 459
Organizations ........................................................... 460
    Association for Computing Machinery (ACM) ........................... 460
    IEEE Computer Society ............................................... 460
    USENIX .............................................................. 461
    American Society for Industrial Security (ASIS) ..................... 461
    Computer Security Institute (CSI) ................................... 462
    National Institute of Standards and Technology (NIST) ............... 462
    National Security Agency (NSA) ...................................... 462
    Computer Emergency Response Team (CERT) ............................. 463
    DOE's Computer Incident Advisory Capability (CIAC) .................. 463
Software Resources ...................................................... 464
    Getting Kerberos .................................................... 464
    Getting COPS ........................................................ 464


Index ................................................................... 467



                                   Figures

                                                                         Page
4-1   Basic File Permissions ............................................. 61
4-2   Additional File Permissions ........................................ 74
6-1   An Incremental Backup ............................................. 107
9-1   A Serial Interface Sending the Letter K (ASCII 75) ................ 179
9-2   Communicating by Telephone ........................................ 180
9-3   RS-232 Configuration .............................................. 181
11-1   A Simple Bus Network ............................................. 224
11-2   A Simple Ring Network ............................................ 225
11-3   A Few Connections to a Server .................................... 227
11-4   Internet Connection Numbers ...................................... 228
11-5   A Few Connections to a Server with Port Numbers Shown ............ 229
12-1   How NIS Works .................................................... 256
12-2   NFS Protocol Stack ............................................... 262
14-1   Line from Outside into a Router on a LAN ......................... 293
14-2   Same Machine Used as File Server and Gateway ..................... 294
14-3   Choke and Gateway Setup .......................................... 295
18-1   An Enigma Machine ................................................ 365
18-2   A Diagram of an Enigma Rotor ..................................... 366
D-1   Initial Kerberos Authentication ................................... 447
D-2   Kerberos Communication with Ticket Granting Service ............... 448
D-3   Workstation/File Server/TGS Communication ......................... 450
D-4   Request for Service ............................................... 451
D-5   Mutual Authentication ............................................. 451



                                   Tables

                                                                         Page
2-1   Example /etc/passwd Fields ......................................... 23
2-2   Passwords and Salts ................................................ 31
3-1   The /etc/group Fields .............................................. 47
4-1   ls Output .......................................................... 59
4-2   Filename Characters ................................................ 59
4-3   File Types ......................................................... 61
4-4   Permissions for Files .............................................. 62
4-5   What Privileges are Being Modified ................................. 64
4-6   What to Do with the Privilege ...................................... 65
4-7   What Privileges are Being Added .................................... 65
4-8   Octal Numbers and Permissions ...................................... 67
4-9   Common File Permissions ............................................ 68
4-10   Common umask Values ............................................... 71
4-11   Permissions for Directories ....................................... 72
4-12   Additional Permissions for Programs ............................... 75
4-13   Behavior of SGID and Sticky Bits with Directories ................. 81
7-1   syslog Facilities ................................................. 131
7-2   syslog Priorities ................................................. 132
7-3   Log Message Sources ............................................... 132
7-4   Critical Messages (crit) .......................................... 136
7-5   Notice Messages (Notice) .......................................... 136
7-6   Error Messages (err) .............................................. 137
7-7   Information Messages (Info) ....................................... 137
9-1   RS-232 Pin Assignments ............................................ 182
10-1   USERFILE Fields .................................................. 202
16-1   Potential Attacks and How to Prevent Them ........................ 330
16-1   Potential Attacks and How to Prevent Them (continued) ............ 331
C-1   ps Options (Berkeley) ............................................. 429
C-2   ps Output (Berkeley) .............................................. 430
C-2   ps Output (Berkeley) (continued) .................................. 431
C-3   ps Options (System V) ............................................. 432
C-4   ps Output (System V) .............................................. 432
C-5   UNIX Signals ...................................................... 437
C-5   UNIX Signals (continued) .......................................... 438
