Links for Securing Crystallographic (UNIX) Computers on the internet.
l.cranswick at dl.ac.uk
Sun Aug 15 00:18:45 EST 1999
As part of the IUCr Glasgow Congress Software Fayre:
A demo of how hackers probe and get into crystallographic servers
and the software that can defend against this was demonstrated.
Following is some good software links as after chatting to a few
people, "default" setup crystallographic servers seem to be
having their share of break-ins.
Summary is: Providing the OS is kept up to date, unnecessary
services are disabled and programs such as secure shell (ssh) are
installed; it doesn't seem that hard to keep hackers out of
crystallographic systems. The great majority of hackers are
"script kiddies", who use canned software to identify and
target "weak" computer systems without really knowing how the
software they are using works.
Disabling un-necessary services:
Disable deamons you don't need, use or don't know about.
finger, rshd, rlogin, etc (in /etc/inetd.conf). You will
find out if they are necessary if some things stop working.
TCP Wrappers around remaining services running in /etc/inetd.conf
and around the portmapper if this is being used.
FBI NIPC Cybernotes (weekly updates of exploits and new programs)
NMAP for UNIX:
NMS for UNIX:
(needs Libpcap at ftp://ftp.ee.lbl.gov/)
Stealth Scan Detectors (work on Linux)
TCPLOGD for UNIX:
Abacus Sentry for UNIX:
SNIFFIT for UNIX:
(has a non-interactive mode for picking up plain ASCII
passwords travelling over the network)
New Remote Sniffer Detector (needs to be on same network segment)
ANTISNIFF for Windows:
Secure Shell 1.2.27 for UNIX (client and deamon)
(just don't rely on TCP Wrappers - and gives
the option of elliminating the Telnet and FTP deamons)
(To install, just do ./configure ; make ; make install - then
edit the /etc/sshd_config, and create an init script
for the sshd deamon)
TeraTerm for Windows (telnet program)
ttsh (Secure Shell Plugin for Teraterm for Windows)
Deception Toolkit for UNIX:
(installs fake deamons so you can detect exploits before
they can cause any damage)
Backing up hard-disks/information via the network.
Rsync (high efficiency algorithms that can work
through Secure-Shell) (by the people who wrote Samba)
>200kB of anti-hacker links and resources in no particular
Lachlan M. D. Cranswick
Collaborative Computational Project No 14 (CCP14)
for Single Crystal and Powder Diffraction
Daresbury Laboratory, Warrington, WA4 4AD U.K
Tel: +44-1925-603703 Fax: +44-1925-603124
E-mail: l.cranswick at dl.ac.uk Ext: 3703 Room C14
More information about the Xtal-log