Securing HP-UX By Angela D. Patterson Hewlett-Packard Company 20 Perimeter Summit Blvd.

Securing HP-UX By Angela D. Patterson Hewlett-Packard Company 20 Perimeter Summit Blvd.
Securing HP-UX
By Angela D. Patterson
Hewlett-Packard Company
20 Perimeter Summit Blvd.
MS 1906
Atlanta, GA 30319
Phone: 404.648.7044
Fax: 404.648.5450
[email protected]
Computing has become a major component in our lives and will continue to be a
significant force for years to come. Even if we are not particularly savvy PC users,
computing affects us because records of our life and life activities are managed by and
reside on computers.
Back when computers were in their infancy, few people had intimate knowledge of their
inter-workings. Vital information about our lives was not stored on a disk. It wasn’t
until their popularity grew that a larger population sought to become more technically
proficient, and our method of capturing and storing information evolved from paperdriven to paperless.
As computer technology has emerged, the need for security has also risen. Since the
personal information that is on computers is typically viewed as private or valuable,
security of the data should be of paramount importance to the individuals responsible for
maintaining the data. The average person (typically by no specific choice of her own)
must trust a great number of entities to keep personal information secure.
Securing an operating system is a multi-faceted task. It involves more than simply
performing operating system commands; they handle only the technical aspects of
security. Other non-technical aspects of security are equally important but many people
are unaware of them. We’ll discuss these now and then talk about the more technical
items after.
Each individual who uses a system containing private data should be concerned about its
security. Therefore, the user community should make every effort to be trained
sufficiently on all applications. Over half of the data loss that occurs in companies is due
to poor training of personnel. Management must make application training essential for
all employees. It’s one proactive measure that is likely to result in increased security of
data in the computing environment.
Computer hackers have many methods for gathering information about a system that they
are targeting for sabotage. Social engineering and dumpster diving are two non-technical
approaches that hackers use to collect data for their mission. Social engineering is a con
game. A hacker masquerades as a technical expert, luring an unsuspecting user into
sharing (what appears to be) harmless information about the system. This can include the
system’s name or its 800 dial-in number. In some cases, a hacker does such an effective
job at gaining the confidence of the individual that he or she may reveal his username or
password. This provides a clear path of invasion for the hacker. Users should be
extremely cautious about with whom they share information about the system – even if it
is a piece of information that seems insignificant.
Dumpster diving involves a hacker pursuing output that has been generated by the
system. Reports are regularly produced which contain data from computers. Some will
get filed others will be tossed out. When reports are thrown out it is usually done without
thought as to what data is on the report. Users don’t normally destroy reports when they
are no longer needed. They often end up in recycle bins or garbage cans. Anyone who
has easy access to a trash dumpster can retrieve anything from it. A hacker might find
valuable information this way. Shredding or manually tearing up unwanted documents
will significantly inhibit a hacker’s chances of discovering a fruitful paper trail from the
target machine.
Obtaining a valid password is another way in which a hacker can gain access to a system.
The user community needs to be very careful about managing their passwords. For
starters, chosen passwords should be difficult for a hacker to guess. Using something like
a first name or a spouse’s name is not considered secure. Selecting an uncommon word
combined with a number is a good for a password. Crack is a widely-known tool that
can be used to determine poor passwords. This is best used by an administrator to
discover vulnerable passwords on his system and coach users in selecting more secure
passwords. The downside of Crack is that a hacker can get a hold of it and run it to
determine passwords on a system for intrusive purposes.
In addition to non-technical methods of protection against hackers, there are also many
technical tasks that a system administrator can do to secure a system. The items listed in
this paper are referencing the HP-UX operating system. Much of this can be applied to
other UNIX implementations and the general concepts are applicable in most computing
environments.
The first thing a hacker will often do is attempt to gather information about the target
machine. If the system is on a network to which the hacker has access, he has the ability
to invoke a number of commands from his machine to get information about the other
machine. These commands include: telnet, finger, showmount, and rwho. The
fortunate thing is that these commands can be secured to a certain extent. A good system
administrator should know how to make these commands more secure.
Proactive account management is also an activity that system administrators can do to
decrease the likelihood of intrusion by hackers. When an employee leaves a company or
perhaps changes departments, the administrator should remove or disable her account.
Leaving it active is considered “dormant” and is an easy target for hackers. Accounts
without passwords are also highly vulnerable to attack.
A system administrator has the ability to convert his system to “trusted”. The HP-UX
trusted system facility is available through the graphical administration tool (SAM). It
offers a much stricter level of security for the machine. Policies can be set for the entire
system or by individual user. Features include login management capabilities, enhanced
password management, enhanced terminal security, process auditing, and password
history.
Various log files on a computer system reflect different types of activity that occur on the
system. Viewing these files can reveal suspicious activity. The standard set of HP-UX
log files includes tracking of successful logins and unsuccessful login attempts over time,
currently logged in users, shutdown activity, scheduled activity, network services, and
web server activity. Log file entries can be monitored through execution of the swatch
tool.
Basic UNIX security is built upon a paradigm of access (read, write, and execute) being
provided for the owner of a file, the group members of the file and any user that does not
fit into one of the two former categories. Specific file owners and the system
administrator are the only individuals capable of setting permissions for specific files.
Access Control Lists provide an even more granular approach toward file security. Poor
file permission settings, especially open write access, can render a hacker the opportunity
to create “backdoors”. Backdoors allow a hacker to login to the machine at his
convenience, usually unbeknownst to the administrator. Tripwire is an excellent tool
that monitors file modifications. The COPS utility checks inappropriate file permissions.
Most computer systems are connected to an internal network and many are also
connected to the Internet. Networked computers are significantly more susceptible to
attack than standalone configurations. This is unfortunate, however, because networking
is essential for the way business is conducted these days. Networking provides file
sharing and print sharing among other numerous benefits.
There are a number of precautions which an administrator can take to secure network
connections. Inetd is a process that continuously runs on HP-UX. It is responsible for
“front ending” the majority of network service requests that come in to a machine. It
evaluates the security of the request and if the request passes evaluation, then it is passed
on to the specific network service to complete the request.
As much as we would like to believe that our popular name service resolution techniques
(e.g., NIS and DNS) are secure, they are actually fundamentally unsecure pieces of
network infrastructure. Configuration files can be added to these environments to
decrease the vulnerability of the system.
Hackers have methods for spoofing IP addresses and also capturing packets that travel
across a network. Double-Reverse Name Resolution, authentication, and encryption are
alternatives that assist in the effort to secure a network. SATAN is a well-known tool
that can be used to determine network vulnerabilities on a system or a subnet.
In the event that a security breach occurs on a computer, the approach toward resolution
and recovery should be fairly standard across any operating system. The damage should
be assessed immediately and contained. If the hacker is still on the system, then tracing
his command history will give the administrator an idea of what the hacker has already
done. Whether the hacker is on or off the machine is only one factor that should be
considered when deciding on what to do after a break in is discovered. Disconnecting a
system from the network or putting the system into single user mode might be initial
options for the administrator.
The course of action following a break in depends on the extent of the damage and also
the security policy of the organization. Recovery procedures should be implemented and
once complete, business should proceed as usual. Having each user change his or her
password as part of recovery is a must.
The development of a computer security policy is an investment that all companies
should make. It defines the standards by which security will be enforced throughout the
company. Responsible parties should be identified and more importantly, a clear plan of
action should be outlined to address any security issues that arise.
Operating system security is extremely important in a computing environment.
Unfortunately, it is not embraced to the extent that other protective measures are (e.g.,
mirroring of disks, CPU redundancy, UPS). Reaction to a break in typically results in
more attention being directed toward security. One point that cannot be underscored
enough, is that security is not the sole responsibility of a system administrator, it is the
combined responsibility of everyone who uses the machine.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement