Security Issues in Unix OS Saubhagya Joshi Suroop Mohan Chandran

Security Management2 Contents  Current scenario –Major players –General threats –Top ten Unix threats  Taxonomy of threats  Examples  Security Management

Security Management3 Major Players  NIST, CERT, SANS Institute, CERIAS, Mitre Inc.  Database + Tools  CVE (121 vulnerabilities out of 3052 unique entries, CVE Version Number: )  ICAT (213 out of 7493 vulnerabilities)  Cassandra

Security Management4 General threats  People (malicious, ignorance)  Physical  Communications  Operations  OS flaws –Denial of Service (DoS) –Spoofing –Privilege Elevation –Repudiation –Replay Attacks –Viruses/Trojans/Worms –Disclosure of Information –Sabotage/Tampering AttacksAttacks

Security Management5 Top Ten Vulnerabilities (SANS Institute + FBI)  BIND Domain Name System  Web Server (CGI scripts)  Authentication (weak, default or no password)  Version Control Systems (buffer overflow on CVS)  Mail Transport Service (insecure SMTP & MTA)  Simple Network Management Protocol (SNMP) –Remotely manage systems, printers, routers  Open Secure Sockets Layer (SSL) –Mainly buffer overflow (POP3, IMAP, LDAP, SMTP)  Misconfiguration of Enterprise Services NIS/NFS  Databases (MySQL, POSTgreSQL, Oracle)  Kernel

Security Management6 Taxonomy codingoperationalenvironment Incorrect permission configuration condition validation Race condition Improper/inadequate Failure to handle exception synchronization Incorrect setup parameters Utility in wrong place Input validation Boundary condition Origin validation Field value correlation Access right validation Type and number of input Missing input Extraneous input syntax Source: Taimur Aslam, Taxonomy of Security Faults in Unix OS, Purdue University, 1995

Security Management7 Operational Examples codingoperationalenvironment Incorrect permission configuration condition validation Race condition Improper/inadequate Failure to handle exception synchronization Incorrect setup parameters Utility in wrong place Input validation Boundary condition Origin validation Field value correlation Access right validation Type and number of input Missing input Extraneous input syntax tftp (trivial file transfer protocol) disclosure of information  sendmail wizard mode  WIZ command  default password = “wizzywoz”

Security Management8 Synchronization Examples codingoperationalenvironment Incorrect permission configuration condition validation Race condition Improper/inadequate Failure to handle exception synchronization Incorrect setup parameters Utility in wrong place Input validation Boundary condition Origin validation Field value correlation Access right validation Type and number of input Missing input Extraneous input syntax “xterm” (window interface in X windows) mknod foo p xterm –lf foo mv foo junk ln –s /etc/passwd foo cat junk if run as root, existing files may be replaced

Security Management9 Condition Validation Example codingoperationalenvironment Incorrect permission configuration condition validation Race condition Improper/inadequate Failure to handle exception synchronization Incorrect setup parameters Utility in wrong place Input validation Boundary condition Origin validation Field value correlation Access right validation Type and number of input Missing input Extraneous input syntax /etc/exports (SunOS4.1) rcp (remote copy) Redirect characters from other user’s terminal uux rem_machine ! rmail anything & command fsck repairs file consistency -- If fsck fails during bootup, privileged shell starts as root

Security Management10 Environment Examples codingoperationalenvironment Incorrect permission configuration condition validation Race condition Improper/inadequate Failure to handle exception synchronization Incorrect setup parameters Utility in wrong place Input validation Boundary condition Origin validation Field value correlation Access right validation Type and number of input Missing input Extraneous input syntax “exec” system call executes some executable object file or data file conaining commands SunOS version 3.2 and early link with name = “-i” exec –i (becomes interactive mode

Security Management11 Security Management in UNIX  US/CERT, AUSCERT - UNIX Security Checklist (2001)  US/CERT, AUSCERT – Steps to Recover from a UNIX or NT System compromise (2000)

Security Management12 UNIX Security Checklist v2.0  The First Step  Basic Operating System  Major Services  Specific Operating Systems

Security Management13 The First Step  Update software and security Patches of the OS.  Make sure that all security mechanisms like Digital signatures and hashing schemes are up to date.  Keep track of all updates to the OS and the services.

Security Management14 Basic Operating System  Network Services  Network Administration  File System Security  Account Security  System Monitoring

Security Management15 Major Services  Name Service  Electronic Mail  Web Security  FTP – ftp and anonymous ftp  File Services  X-Windows System

Security Management16 Specific Operating Systems  BSD-Derived Operating Systems  Linux Distributions  Solaris  IRIX  HP-UX  Digital/Compaq Tru64 UNIX  AIX

Security Management17 Steps to Recover from a Compromise  Before you get Started  Regain Control  Analyze the Intrusion  Contact relevant CSIRT and other sites involved  Recover from the intrusion  Improve the security of the system and network  Reconnect to the Internet  Update your Security Policy