textfiles/magazines/ATI/ati-35.txt


                              A T I
Issue #35                                               March 29, 1989
Happy Birthday to The Operator (201) !!

** YIPPIE! **

Activist Times, Inc. ATI is a journalistic, causistic, cyberpolitical
organization, trying to help y'all change the world radically, in less
than two minutes ..of course!

4 more info? send SASE, stamps??? to:
ATI
P.O. Box 2501
Bloomfield, NJ 07003
Note the new address! Of course..
The only difference is that your lovely
correspondence will go to yours truly,
Ground Zero.
Ok, here's some of the correspondence
we've gotten lately. Keep the feedback
coming. We love to hear from our
readers, even if it's criticism.
:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.
From: Anonymous Location: Unknown
Finally got all of ATI34... Just a few comments.
NJ Bell isn't "favoring" AT&T over the other carriers. It's merely engaging in
the common business of selling information on its customers. Name one business
that doesn't do this, I'll show you one missing out on a nice source of easy
profit.
The New Age club: is it any worse than any of the politically correct
movements (the New Age movement, that is)? A couple of days ago I went down to
the low-rent/low-iq/high-crimerate section of town and started collecting some
of the political posters. The following was taken from a flyer advertising a
feminist rally to oppose pro-lifers:
The Link Between Forced Reproduction and Forced Sterilization!
Speaker: Elizabeth Thacker from the Revolutionary Communist Youth Brigade
I won't bother with the rest; it was a paranoid ramble about how white males
were opposing abortion to force women into being sterilized as the only means
of birth control. I could give more examples, like a press statement from the
NAACP regarding a recent civil rights decision by the federal government.
The New Age movement is no worse than any other mass movement; in fact, by
your standards they should be the best. Don't they show concern for the
environment, the arms race, and poverty, and believe in Universal Love and
all the other things your average 60's-leftover leftist advocates but has
enough sense not to follow.
Regarding the Tau Kappa Epsilon poster: was it any more frightening than the
self-righteous censorship practiced by yourself and the other campus
feminists?
Question yourself as well as others
-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-
GZ's reply: I do question myself, quite
often, in fact. You brought up a good
point about NJ Bell, which I can agree
with. However, your reference to the
"low rent/low-iq" part of town shows
an obvious bias against the poor. And
I am all too familiar with the
Revolutionary Communist Youth Brigade,
which often takes extreme stances on
issues, but I must say that there truly
have been many instances in which the
poor have undergone forced steriliz-
ation. And you cannot deny the fact
that regular means of birth control are
not readily accessible by poor women.
If these methods were available to poor
women in the first place, there would
be little need for abortions or ster-
ilization. And as far as censorship of
the TKE posters, I believe that I have
the right to remove materials that are
both extremely offensive and, more
importantly, dangerous to women.
-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-:-
From: The Worm Location: 203
I enjoy reading ATI very much. Are you the originator of this magazine?
:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:.:
GZ's reply: No, Prime Anarchist (203)
was the originator of ATI last summer.
When he went into the Army last
November, I took over the writing and
distribution, along with Fah-Q and
The Operator (201) and our staff,
consisting of Cygnus (203) and The
Happy Hacker (412), and other occasion-
al contributors. Thanks for your
continued support!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Ok, now for something that I think
you'll enjoy. We don't have the Doc
Telecom/Raider article ready yet, so
we will grace you with an article on
UNIX which we hope you'll find very
informative. Don't flinch, just read
it. Maybe you'll learn something..
"Striving for Unix Security"
Typed in by Nightcrawler for Activist Times, Inc.
Originally presented in Computerworld -- March 20, 1989
Last November's well-publicized worm attack struck more than Internet's
Unix-based electronic mail system. The operating system and AT & T, its
major developer, are also suffering from the impact. Other potential
victims may be corporations and governments that have accepted Unix for
its functionality and portability.
Unix has a reputation for being insecure. But is it inherently insecure?
The question has enormous economic, political and technological sensitivity,
but it and others must be answered.
The facts are that Unix's security depends on the version of the operating
system being used, what controls the systems administrator has established
and what pressures for security improvements develop from the government,
corporations and even AT & T.
What are the security problems associated with using the Unix operating
system? How can IS best safeguard information running on Unix-based systems?
What specific approaches to improving the security of Unix systems will be
effective?
"Unix popularity"
Secure or not, there is no doubt that Unix is popular. The results of a
recent survey of Unix users indicate that the reasons for Unix's growing
popularity among users range from its portability and cost-effectiveness to
its proven success in other organizations. Certain companies have little
choice in whether to select Unix, because the software programs best suited
for their needs are often Unix-based.
According to the survey, the biggest barriers to increasing Unix usage are
the lack of trained technical expertise, the lack of compatibility and the
lack of application software. Framingham, Mass.-based market research firm
International Data Corp. has cited the lack of proven commercial and
application software performance and the standards confusion as also working
against Unix.
Interestingly, security was not mentioned once in the survey results, even
though the questions were asked in December, during the height of the publi-
city surrounding the Internet virus attack. Yet security obviously should
be a concern to the more than two-thirds of the respondents who indicated
that they were using communications links between Unix and non-Unix systems
for file transfer, terminal emulation, Transmission Control Protocol/
Internet Protocol, and E-mail.
Unix's popularity is partly because of the variety of Unix-based products
out today. But because of the independent development work that has been
done on Unix, the user is often faced with the fact that one Unix product is
not always the same as another. In reality, there are a number of Unix
versions that share only certain features and security vulnerabilities.
Unix's ready availability and portability have caused it to be the
operating system of choice for both academicians and new companies develo-
ping computer systems. Vendors that use it as the operating system for a
hardware platform tailor Unix to suit their own needs. Usually this
tailoring occurs inside the kernel.
"What is Unix, really?"
Unix is composed of a set of tools and applications that run on top of a
base, or kernel, that handles the low-level functions. The tailoring inside
the kernel would not be readily visible to users even though it may be
extensive.
For example, Unix is notorious for having a file system that is hard to
repair and maintain. Thus, some vendors completely rewrite the file system
internals in hope of improving their market edge and the stability of their
system. While that vendor's system may be better, the result is that Unix
often becomes a label on a set of services that appear to be the same to
the user but are in fact very different inside.
The University of California at Berkeley has become the center for much
of the academic development that is now the basis for one of the two major
versions of Unix available in the market -- Berkeley's 4.2BSD. The other is
AT & T's Unix System V, whose latest release -- Release 3.2, available since
last fall -- contains major improvements in security.
The Berkeley and AT & T versions are similar in some ways, but they are
different enough to cause confusion. While many of the basic tool kits
are the same, there are enough significant differences to warrant a
partitioning of the market. Some vendors have chosen System V, and others
have chosen 4.2BSD. Not all of the applications running on one system run on
the other.
The industry has recognized these problems and has, for this and other
reasons, tried to organize a "standard" Unix. There are competing
organizations trying to create the standard Unix, including the Open Software
Foundation (OSF), Unix International, Inc., the Institute of Electrical and
Electronics Engineers (IEEE) in association with the National Institute of
Standards and Technology (NIST) and X/Open Consortium Ltd. The hope is that
standardization will help make the operating system more consistent and thus
more secure.
As the standardization and security certification efforts heighten, more
and more inspection of the development process and the structure of the
actual code will be required. So far, the lack of development controls has
created a potential for undesirable code to reside within the system and to
be difficult to find.
But these weaknesses may also portend Unix's greatest strength: The
operating system's very openness and the scrutiny devoted to it will make
it difficult for the bugs to remain in place forever. Since no single
vendor has control over Unix, no single vendor can control or cover up the
problems. Over the next few years, most of the unknowns in Unix hopefully
will be understood and repaired.
"Unix insecurity"
The fact remains that Unix does have many sceurity vulnerabilities that
are well known to computer and network managers. These weaknesses are also
well known to hackers, computer hobbyists and others who may be interested
in testing their technological skills. They have easy access to published
articles, Unix documentation and bulletin-board information sources on
back doors into Unix.
The Unix security problem is composed of Unix-specific and non-Unix-
specific elements. Unix-specific sceurity risks are those inherent in the
architecture of th eoperating system and therefore are not likely to
disappear from most existing Unix systems in the near future. Included in
this classification are the "superuser" user category, which provides
universal access, and the "setuid" and "setgid" system calls.
Non-Unix-specific security risks are those associated with the normal
usage of computer systems and software. On a Unix system, these can lead
to great damage because of how Unix functions. Included in this category
are the risks in having software conatin back doors or Trojan horses as
well as unsecured physical locations where networks, computer rooms,
terminals, tapes and disks can be accessed by unauthorized persons.
"Unix-specific issues"
The inherent operating qualities of Unix create a vulnerability that opens
the doors to some security attacks. For the Unix-proficient, these
structures can be summarized in the superuser, setuid and setgid functions. A
user who becomes a superuser is able to remove all the security barriers that
exist within Unix. Thus, one problem deals with keeping unauthorized users
from becoming superusers. This problem is common to a variety of Unix
systems and has a rather standard set of administrative solutions.
Many of the tools and utilities in Unix must act as the superuser for a
brief period in order to reach some resource that only the superuser may
touch (passwd, for instance, must rewrite the system password file). Such
programs are installed owned by root with the setuid bit set, so whoever
runs them runs that program with root's privileges for as long as it runs.
In most cases, such programs are well debugged and there is little risk of
decreasing the stability of the system. However, the existence of a
mechanism that grants unlimited privileges to some programs can be easily
exploited. The exploitation can occur through poor design or through
maliciousness. There are many documented cases of poorly debugged and/or
maliciously designed programs being run in this mode and creating
inadvertent or intentional damage.
In one case, an administrator wrote a program that, among other things,
allowed users to store information in certain privileged directories. The
program used a file, itself in a privileged directory, to control the
directories that were to be written into. Unfortunately, the file contained
an entry for its own directory. A user saw this, used the program to rewrite
the entire control file, and gave himself the ability to write into any
directory in the system. Had he been malicious, he could easily have placed
viruses, Trojan horses, back doors or other programs in any system or user
directory.
Thus, any program capable of reaching superuser status needs to be care-
fully managed and certified. In an environment that is open and free, what
often happens instead is that software can be passed from one machine to
another without proper certification. In one experiment, a researcher gave
one such maliciously designed program to a nonprivileged Unix installation
user and observed its migration to the status of a privileged program within
a few days.
Software travels quickly, and seemingly useful software travels even more
quickly. Thus, while the mechanism within Unix can be safeguarded, it is
more difficult to ensure that the people around Unix will act with the
proper caution.
"Non-Unix-specific issues"
This scenario leads to the non-Unix-related aspects of security. There
are two popular methods for attacking a computer system -- a Trojan horse
and a back door. These two types of attacks are used in many types of
systems, not just Unix systems. A Trojan horse is a program that contains
code whose purpose is to do some kind of damage.
For all practical purposes, the program provides some useful service.
However, it also contains logic that will do something other than what the
program was intended to do. These Trojan horse programs have caused a
variety of damage, ranging from corrupting files to surreptitiously sending
files across a network to someone who otherwise would not have access to
the transferred data.
A back door differs from a Trojan horse in that it is a hidden entry point
left behind in a program or system, to be triggered later by the person who
planted it. Once activated, it lets the intruder bypass the normal login and
access checks and responds to his commands. The Internet worm entered
through something very like a back door: on many systems the sendmail mail
daemon had been built with its DEBUG command enabled, which let a remote
connection hand sendmail a program to run. (The worm also used a buffer
overflow in fingerd, trusted-host rsh/rexec logins and guessed passwords.)
In Unix, these and similar attacks pose special dangers because, by
judicious manipulation, the attacker can become a superuser and gain access
to anything in the machine. These unsophisticated computer attacks can be
very effective in Unix, more so than in some other systems.
"Other openings"
In addition to externally produced Trojan horses and back doors, two
mechanisms within Unix are important to security. When users enter a command
in Unix, the shell searches for the program named by that command along a
list of directories defined by the variable "PATH," taking the first match.
If this search list is altered in some fashion, everyday users can be
invoking Trojan horse programs that are disguised to look like standard
programs. In general, PATH is set up to search through a standard set of
system directories for the program. If PATH is altered to search through a
directory that other users can write to (or that contains "." or an empty
entry, meaning whatever directory the user happens to be in), then any
program placed in that directory under a standard name could be chosen
before the standard program, and it runs with the full privileges of the
user who typed the command. Thus, one alteration to PATH can lead to an
endless set of bogus programs.
A security audit product currently on the market uses such a technique to
determine if the security of the system has been breached. The security audit
program masquerades as the common utility "ls." When "ls" is invoked, a
security audit is done in addition to the normal work "ls" usually performs.
While this use of the mechanism is for security reasons, other uses may not
be for that purpose. Ensuring that PATH is not altered, that it contains no
writable or current-directory entries and that the superuser's PATH in
particular lists only system directories can control accidental triggering
of malicious programs.
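The PATH mechanism above, worked through in code. This is an added example,
not part of the article: an audit that classifies each PATH entry, a lookup
that walks PATH the way the shell does, and a demonstration that plants a
lookalike "ls" in a world-writable scratch directory and shows it winning the
lookup. The scratch directory name, the PATH values and the planted script are
constructed for the illustration.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

/* Added example, not code from the article. Audits a PATH value for entries
 * that let someone other than the user plant a lookalike of a standard
 * command, and resolves a command the way the shell does so the effect of a
 * bad entry is visible. PATH values and the planted "ls" are constructed. */

enum path_risk { PATH_OK = 0, PATH_CWD, PATH_RELATIVE, PATH_MISSING, PATH_WRITABLE };

/* Pure classification: 'exists' and 'mode' are what stat() reported, so the
 * rule is checkable without a file system. An empty field means the cwd. */
enum path_risk classify_entry(const char *entry, int exists, mode_t mode)
{
    if (entry[0] == '\0' || strcmp(entry, ".") == 0) return PATH_CWD;
    if (entry[0] != '/') return PATH_RELATIVE;          /* also depends on cwd */
    if (!exists || !S_ISDIR(mode)) return PATH_MISSING; /* parent's owner can create it */
    if (mode & S_IWOTH) return PATH_WRITABLE;           /* anyone can drop a file here */
    return PATH_OK;
}

/* Copies the entry at 'p' into 'buf'; returns the next entry or NULL. */
static const char *next_entry(const char *p, char *buf, size_t n)
{
    const char *colon = strchr(p, ':');
    size_t len = colon ? (size_t)(colon - p) : strlen(p);
    if (len >= n) len = n - 1;
    memcpy(buf, p, len);
    buf[len] = '\0';
    return colon ? colon + 1 : NULL;
}

/* Reports risky entries of 'pathval' to 'out' (NULL keeps it quiet) and
 * returns how many entries let another user win the lookup; missing
 * directories are reported but not counted. */
int audit_path(const char *pathval, FILE *out)
{
    static const char *label[] = { "ok", "current directory", "relative", "missing", "world-writable" };
    char entry[4096];
    int risky = 0;
    while (pathval) {
        struct stat st = { 0 };
        pathval = next_entry(pathval, entry, sizeof entry);
        int exists = entry[0] == '/' && stat(entry, &st) == 0;
        enum path_risk r = classify_entry(entry, exists, st.st_mode);
        if (r != PATH_OK && out) fprintf(out, "PATH entry \"%s\": %s\n", entry, label[r]);
        if (r == PATH_CWD || r == PATH_RELATIVE || r == PATH_WRITABLE) risky++;
    }
    return risky;
}

/* Writes the first executable regular file named 'name' along 'pathval'
 * into 'found' (size n); returns 1 if one was found, else 0. */
int resolve_cmd(const char *name, const char *pathval, char *found, size_t n)
{
    char entry[4096];
    struct stat st;
    while (pathval) {
        pathval = next_entry(pathval, entry, sizeof entry);
        snprintf(found, n, "%s/%s", entry[0] ? entry : ".", name);
        if (stat(found, &st) == 0 && S_ISREG(st.st_mode) && access(found, X_OK) == 0) return 1;
    }
    found[0] = '\0';
    return 0;
}

/* Scenario from the text: a lookalike "ls" in a world-writable directory
 * that comes first in PATH. Returns the audit's count of risky entries for
 * that PATH, or -1 if the planted ls did not win the lookup. */
int run_demo(void)
{
    char dir[] = "/tmp/pathdemo.XXXXXX", trojan[64], pathval[128], found[128];
    int risky = -1;
    FILE *f;
    if (!mkdtemp(dir)) return -1;
    snprintf(trojan, sizeof trojan, "%s/ls", dir);
    if ((f = fopen(trojan, "w")) != NULL) {
        fputs("#!/bin/sh\necho 'lookalike ls ran'\n", f);
        fclose(f);
        chmod(trojan, 0755);
        chmod(dir, 0777);  /* the mistake: a PATH directory anyone can write to */
        snprintf(pathval, sizeof pathval, "%s:/usr/bin:/bin", dir);
        if (resolve_cmd("ls", pathval, found, sizeof found) && !strcmp(found, trojan))
            risky = audit_path(pathval, stdout);
        unlink(trojan);
    }
    rmdir(dir);
    return risky;
}

int main(void)
{
    const char *own = getenv("PATH");
    printf("this process's PATH: %d risky entries\n", audit_path(own ? own : "", stdout));
    printf("constructed PATH: %d risky entries\n", run_demo());
    return 0;
}
```

The search is done by the shell (and by execvp(3) for programs that run
commands by name), not by the kernel, which is why a bad PATH entry affects
every command a user types. The fix for a flagged entry is to remove it; a
missing directory is reported because whoever can create it later inherits
the same position in the search.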
The second major security concern found within Unix is the connection of
the system to the network. Unix systems, by and large, tend to be connected
to networks. However, besides their valuable use as user and data
connectors, networks can also be thought of as vehicles for bringing in
uncertified software and sending out private data.
Unix has many tools that will allow it to become part of the growing
community of network users within the industry. The Unix-to-Unix Copy
Program (UUCP) is one such mechanism that allows the system to send and
receive mail and script files from users on other systems.
In addition, network file systems represent another threat by requiring
users to reach across the network for their file systems. This intimate
link between users and their file systems can potentially be more easily
intercepted than when this communication takes place within a single internal
system. The network in effect puts the Unix system out in the open, where it
may be more vulnerable to access attempts.
Network connectivity also creates a need for adequate physical security.
Many precautions must be taken to provide enough security for a Unix system
just as for any other system. While Unix's physical security requirements
are no different from any other system, the availability of ways to connect
to other systems over the network, local or worldwide, makes physical
security harder to achieve than with other systems of lesser capability.
"Securing Unix"
While it may appear that Unix users are without protection, that is not
the case at all. While Unix is not as strong as many in information
security would like, newer versions of Unix have improved security, and
additional tools are available to make Unix more secure. There are also
future developments that will increase the ease of security management.
Systems using Unix can be better protected. Yet, they are only as secure
as their systems administrators allow them to be. The security of any
operating system can be attributed directly to how well that system has been
administratively reviewed and secured.
IS must set up accounts, create passwords, add new software to the systems
and give access rights to various pieces of data. The dynamics of admini-
stering a system dictate ongoing change in the access and relationship of the
various accounts, files and programs. Without careful and deliberate
execution, the best automated mechanisms can be subverted.
Beyond the system administrators, the vendors of systems with known
weaknesses also have responsibilities to pay more attention to system
security. They need to provide information and pass on timely patches to
their customers when holes are discovered in their systems. They will have
to work to increase their systems' security to stem lost sales opportunities
as well as to prevent potential lawsuits, which, even if unsuccessful, can
become public relations nightmares.
While there may not always be enough pressure put on vendors solely by
corporations requiring a secure Unix, the federal government has been quite
active in seeking ways to induce security within the vendor community. Over
the next few years, the government will strengthen the security requirements
of all the systems -- Unix or otherwise -- that it procures, and as
commercial vendors comply with these regulations, these products will become
available to the private sector. Thus, systems purchased in 1992 should, in
all likelihood, have significant security improvements over today's systems.
In any case, the government-vendor cooperative relationship can be examined in
a number of ways.
The current conflict over standards affects Unix security, and that is
what links the vendor community with the federal government, which holds a
major stake in Unix security. (The government purchased $1.93 billion worth
of Unix systems in 1988, with approximately two-thirds of that earmarked for
the defense agencies.) According to recent published reports, US Department
of Defense officials are so concerned about the security aspects of both
AT & T's System V and OSF's Unix offering that they may try to force the two
groups together to come up with an acceptable operating system.
Recently, in response to the latest outbreak of computer viruses, the
Defense Department (through DARPA, at Carnegie Mellon University's Software
Engineering Institute) formed the Computer Emergency Response Team (CERT).
CERT is a group of experts who will be available to fly to federal sites
around the nation to assist in fighting viruses. Last December, /Usr/Group,
the Unix trade association, applauded the establishment of CERT and suggested
that the computer industry supplement these government efforts by agreeing on
standard procedures for dealing with emergencies such as viruses. The user
group recommended considering the best way to disseminate information when
computer networks are artificially congested through viruses or other
exceptional network problems.
The government also supports Unix security improvements through its
testing procedures. In late 1986, the National Security Agency's National
Computer Security Center studied a prototype secure system derived from
AT & T's Unix System V, Release 2. The study evaluated that system against
the B2-level assurance requirements defined in the Trusted Computer System
Evaluation Criteria (TCSEC). The study concluded that it is possible to build
a B2, B3 or A1 system with an interface very much like that of Unix.
However, it also concluded that major problems exist with today's common
Unix implementations.
Fortunately, vendors have started to respond to the government's security
concerns. Several firms have announced secure versions of Unix to help them
capture contracts with organizations such as aerospace companies. The
Department of Defense issued Directive 5200.28 last year, requiring that by
1992 virtually all multiuser computer systems meet at least the C2 level of
the TCSEC. This level provides for need-to-know protection, audit capabi-
lity, and user accountability. Certain vendors have announced that they are
seeking even higher levels of security. AT & T's next release of Unix is
expected to have C2-level security features.
In addition, the Department of Commerce's NIST, which develops standards
for the civilian agencies of the federal government and interfaces with the
private sector, has a Unix security project. On the standards side, the
Posix security effort, IEEE P1003.6, is an interface-specific standard. The
objectives and scope of this effort are to establish functional interface
standards consistent with but not limited by the TCSEC. Elements of Posix
security will include basic security mechanisms, discretionary access
controls, auditability mechanisms and nondiscretionary access controls.
Without a doubt, Unix security will improve over time. How it will
improve and the costs involved in increased security are less certain.
Those decisions await the push of an organized IS community.
IS has a major stake in improving Unix security, but only such that the
security serves other IS needs. If upgrading Unix security interferes with
information flow or complicates network management, it will continue to
receive insufficient attention. A balance between production and protection
will have to be addressed.
IS managers have an absolute right to impress upon vendors their interest
in security improvements within certain product lines. IS can also make it
quite clear to the Unix standards groups that these organizations must agree
on security as a priority area, aside from their other disagreements
concerning standards.
Finally, IS can advise and work with the government to define the security
needs of the private sector. Firms should get into both the definition and
decision loops at this time or be prepared to stand around and complain after
some very essential decisions have been made. By that time, it may be too
late to do very much.
The Internet virus attack brought Unix security problems out into the
open. Ironically, the attack took place while major efforts were already
under way to improve the security of this operating system. Eventually,
secure Unix may no longer be a contradiction in terms.
============================================================================
Did you like it? I hope so. Thanks a
bunch to Nightcrawler (516) for
contributing it!
Welp, that's all for ATI35. ATI36
will be out within the next week. We
promise. Look forward to a LOT of
good stuff. In the meantime, stay
cool, and remember....It's better to
be pissed off than pissed on!
Ciao...