Internet crackers and security advice

Tony Travis ajt at rri.sari.ac.uk
Tue Sep 8 09:30:40 EST 1992


In article <9288133231.MIN-LBPBa20156.bionet-news at uk.ac.daresbury> you write:
: 	Interesting point here re a Mac and the NCSA Telnet package.  For
: anyone who just discovered that 'config.tel' wasn't set up securely, don't just
: edit that file and assume things are fixed.  Note that if you've aready been
: using NCSA, the program hase long ago read the original config file and then
: created a file named something like 'NCSA Telnet Settings'.  Once this file is
: found upon NCSA startup, there is no reread of config.tel.  So... NOTHING
: changes after an edit to config.tel unless you also trash the settings file.

One of the _few_ virtues of Sun's PCNFS is that it is client-only and
the files on your PC hard disk are inaccessible to the rest of the
network.  Sun have done a remarkable job of selling this inherent
limitation in PCNFS as a security 'feature'.

I am also using netatalk to make NFS filesystems available to Macs from
a Sun workstation over ether-talk.  One limitation of this setup that
might now be seen as a security 'feature' by some is that netatalk
cannot co-exist with local-talk ...

The most frequent breaches of security in my experience do not arise
from clever hacking, but from theft of passwords.  I always try to
ensure that people do not let others know their password and I make
sure they don't watch me type mine!

The transmission of plain-text passwords over the network is a
difficult area to protect when logging in remotely though.

However, all failed login attempts, and the network address where they
originate from are noted in the system log.  Not much use if it's a
bogus network address, admittedly, but it is unusual for repeated
failed login attempts to go unnoticed.

It is also traditional at Unix sites to encourage 'good-guy' mentality
where the hackers are allowed to attempt to breach system security
provided they tell the administrator how they got in.  The really good
hackers just want you to know that they _are_ good and they can
actually help to tighten up security where it is needed.

The malicious hackers ('bad-guys' by tradition) are just out to wreck
your system for the hell of it and will use any method they can.  I
really don't know what motivates such people but I believe that the
best defence is to understand what motivates the 'good-guys' so you can
set a thief to catch a thief.

The best system administrators know this and encourage the 'good-guys'.

	Tony.
--
Dr. A.J.Travis,                       |  Tony Travis
Rowett Research Institute,            |  JANET: <ajt at uk.ac.sari.rri>
Greenburn Road, Bucksburn,            |  other: <ajt at rri.sari.ac.uk>
Aberdeen, AB2 9SB. UK.                |  phone: 0224-712751




More information about the Bio-soft mailing list