Unit 4 – Unix and Forensics -DB

March 19, 2016 | Author: | Posted in internet, technology

Unix Security Holes

A possible security hole is present in Remote Procedure Calls (RPC). RPC allows remote execution of programs (and is essential in networking). When programs are executed with unnecessarily elevated privileges, as is sometimes the case, potential attackers can find access to the root account. In many Linux distributions, for example, RPC is enabled by default, with services that may be unneeded. Removal of these unnecessary services should be done to minimize this threat.

Finger and ruser can be used by attackers to discover account names and guess passwords. Finger should be disabled if unneeded. Also, poor passwords are an additional threat to system security. Care should be taken when issuing and allowing passwords, and a policy should be implemented to disallow users from creating weak passwords. As is often reiterated, passwords should not be dictionary words, and should be alphanumeric, or even better, alphanumeric with punctuation. Additionally, using one password for new accounts should not be practiced.

Buffer overflows are a simple yet very effective attack. When program code uses unbounded arrays, these can be used to insert assembly code (past the end of the array) which will be executed by the program.

Unix and derivatives have the concept of set-user-id (or suid) programs. When regular users need additional privileges, such as when changing a password, they can use a suid program to do so. This is a potential security threat: a buffer overflow in such a program can be exploited by an attacker. If the attacker can take advantage of the buffer overflow, he gains elevated privileges. Daemons are particularly of concern, since these usually run with root privileges. Any daemons with buffer overflow problems can be exploited to gain unauthorized entry. Some sendmail vulnerabilities are also related to buffer overflows as well as pipe attacks. Aside from not running unneeded programs and using the latest security patches, the only ways to protect a system against buffer overflow attacks are to check the code itself, and to keep abreast of any advisories regarding this.

When it comes to web servers, the Apache web server, which is widely used, can have known vulnerabilities, especially if it is not patched with the latest security updates. Apache should not be run as root, and unneeded scripting languages should be disabled.
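Because every set-user-id program is a place where a coding flaw turns into elevated privileges, it helps to know exactly which ones exist on a system. The following shell sketch is an added example, not part of the original essay: it lists suid files under a directory and reports any that are not on an administrator-maintained allowlist. The function names and the allowlist format (one full path per line) are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: audit set-user-id files against an allowlist.
# Function names and the allowlist format are illustrative assumptions.

# list_suid DIR
# Print every regular file under DIR that has the set-user-id bit set.
list_suid() {
    # -perm -4000 matches the suid bit; -xdev keeps find on one filesystem.
    find "$1" -xdev -type f -perm -4000 2>/dev/null | sort
}

# audit_suid DIR ALLOWLIST
# Print suid files under DIR whose full path is not a line in ALLOWLIST.
# Returns 0 if nothing unexpected was found, 1 if something was,
# and 2 if the allowlist cannot be read.
audit_suid() {
    dir=$1
    allow=$2
    if [ ! -r "$allow" ]; then
        echo "audit_suid: cannot read allowlist: $allow" >&2
        return 2
    fi
    # grep: -F fixed strings, -x whole-line match, -v keep non-matching
    # lines, -f read patterns from the allowlist. grep exits 1 when it
    # selects no lines, which here means "nothing unexpected".
    unexpected=$(list_suid "$dir" | grep -vxF -f "$allow" || true)
    if [ -n "$unexpected" ]; then
        printf '%s\n' "$unexpected"
        return 1
    fi
    return 0
}

# When run as a script: audit_suid.sh DIR ALLOWLIST
if [ "$#" -eq 2 ]; then
    audit_suid "$1" "$2"
fi
```

Any path it prints is a suid program nobody has reviewed: either remove the suid bit or the program if it is unneeded, or add it to the allowlist once it has been checked and is kept patched.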

Software updates must always be installed as soon as they become available, as these usually fix known vulnerabilities.

A computer system's functionality and security are often at odds, and a good compromise must be arrived at. If, as in the case of many Linux distributions, an operating system runs and is fully functional out of the box, chances are that it will have many security holes waiting for attackers to stumble upon. Care must be taken in choosing an operating system and in plugging security holes.

