Network Security


Continuing Unix Vulnerabilities

Unix is written in C, a very powerful programming language. However, C does not protect programmers from themselves. Programs written in C can be subverted by those with knowledge of how the program was written. Since most of the source code for Unix is freely available, anyone can become familiar with those areas in the programs that can be subverted.

Unix is an evolutionary product

Unix was written in the early seventies. Since then it has gone through many incarnations and flavours as different vendors have customised and extended it to perform different tasks. As well, many Unix utilities were written by programmers who needed a particular facility at the time, and were then passed to others (usually across the Internet) who wanted them. There has been no "Unix Programming Standard" and so every utility may have different idiosyncrasies. These idiosyncrasies can lead to vulnerabilities.

Continued discoveries of UNIX component vulnerabilities

Most Unix utilities (and Unix itself) are written in C. C is a very powerful and fast language. It gets its power by not doing things the programmer might not need all the time. One of the things left to the programmer is checking and limiting the amount of data typed in at a prompt. C retrieves all the input and places it in memory for use by the program. If too much data is typed in, that data can overwrite other data storage areas in memory and/or parts of the program itself. When it’s the program that’s overwritten, it’s possible for that data to be executed when the input routine returns. In most buffer overflow situations the program would simply crash. However, if the overwriting data is actually executable code, then that data can take over the program. Any rights/privileges the program has can then be put to performing unauthorised tasks.
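The overwrite of a neighbouring data area described above can be modelled without leaving defined C behaviour. The following is an added example, not code from the original page: the memory layout, the flag byte and the names store_unchecked, store_checked and flag_after are assumptions made for illustration, and the inputs are constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of a program's memory: an 8-byte input buffer that
 * sits directly in front of a flag the program trusts. One array holds
 * both, so the "overflow" below stays inside defined C behaviour. */
#define BUF_LEN  8
#define FLAG_OFF BUF_LEN            /* flag lives right after the buffer */
#define MEM_LEN  (BUF_LEN + 1)

/* Unchecked copy, the pattern of gets()/strcpy(): trusts the input length.
 * (Clamped to MEM_LEN only so this demo cannot leave the model array.) */
static void store_unchecked(unsigned char *mem, const char *in)
{
    size_t n = strlen(in);
    if (n > MEM_LEN) n = MEM_LEN;
    memcpy(mem, in, n);             /* may run past BUF_LEN into the flag */
}

/* Checked copy: refuses input that does not fit, terminator included. */
static int store_checked(unsigned char *mem, const char *in)
{
    size_t n = strlen(in);
    if (n >= BUF_LEN) return -1;    /* reject rather than truncate silently */
    memcpy(mem, in, n + 1);
    return 0;
}

/* Returns the flag value after storing `in` with the chosen routine. */
static int flag_after(const char *in, int checked)
{
    unsigned char mem[MEM_LEN] = {0};   /* flag starts at 0: unprivileged */
    if (checked) (void)store_checked(mem, in);
    else store_unchecked(mem, in);
    return mem[FLAG_OFF];
}

int main(void)
{
    const char *ok = "geoff";               /* constructed sample inputs */
    const char *too_long = "AAAAAAAA\x01";  /* 9 bytes for an 8-byte buffer */
    printf("unchecked, short input: flag=%d\n", flag_after(ok, 0));
    printf("unchecked, long input:  flag=%d\n", flag_after(too_long, 0));
    printf("checked,   long input:  flag=%d\n", flag_after(too_long, 1));
    return 0;
}
```

The ninth input byte lands on the flag only in the unchecked path; the checked routine rejects the input before any byte is copied.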

Many vendors providing updates and patches

Contact the vendor of your operating system. They will have the list of patches that should be applied to your system to bring it up to the latest known secure configuration. After that, you still can’t relax. You’ll need to ensure that any future vulnerabilities are attended to as soon as they appear.

Version control imperative

It’s very important to know the versions of the software running on your system. Usually, the latest versions and patches are to be preferred.

If you’re not careful, adding new software or upgrading already installed software can result in the undoing of patches.

Take care with custom & in-house software

Many of the patches that have been released have been to update program libraries (code stores used when building programs). In-house software will need to be recompiled using the upgraded libraries so that it no longer suffers from the same vulnerabilities as the operating system. The same applies to externally sourced software: it must be recompiled with the non-vulnerable libraries and reloaded.


Reading Matter

"The Cuckoo's Egg" by Clifford Stoll

Clifford Stoll is an astronomer by profession and a network security consultant by accident. His book details how he discovered and tracked down a group of criminal hackers who were using “his” computers as a base from which to attack and hack US Government and military computers throughout the USA.

Clifford was astounded to find that many computers in secure military installations were not secure themselves.

"Takedown" by Tsutomu Shimomura with John Markoff

Tsutomu is a computer security expert who had his own machines invaded by Kevin Mitnick on Christmas Day, 1994. Taking this as a personal affront, Tsutomu put together a security team and began to track the intruder (at this time his identity was unknown). His chase led across the USA to Raleigh, North Carolina, where two months later he led an FBI team to Mitnick’s hide-out, where they arrested him (Mitnick).

NBS Internet Marketing Web Author: Geoff May. Last Update: 09/09/98
Copyright © 1998 by Network Business Services Pty Ltd.
All Rights Reserved.