Unix and
Computer Networks
Contents
Introduction – A Brief Overview of the UNIX Operating
System
The Threats to Computer Networks
Security Implications of Network Services
Introduction – A Brief Overview of the UNIX Operating System
Farrell (2001) defines Unix as an interactive, multi-tasking and multi-user operating system. It allows commands to be given at a terminal and these commands are executed immediately, rather than being queued for execution. It is also possible to interact directly with any program. More than one program can run simultaneously on the same computer without any of them interfering with each other. The computer switches back and forth between the programs quickly, giving the human the impression that the programs are actually running at the same time. UNIX also prevents badly written software from bringing down the entire system. Many users can log onto the same machine and they can be given different privileges and have private files.
Why UNIX is used
Advantages of the UNIX platform.
|
UNIX |
|
|
|
|
|
Scalability |
|
|
|
Proven to scale in very large environments |
|
|
Used on various hardware platforms, from workstations to supercomputers |
|
Mature platform |
|
|
|
Forms of Unix have been in place for more than 20 years |
|
|
Offer s a variety of software, development toolkits and utilities |
|
|
Plenty of free software available-particularly Internet services |
|
|
Available on nearly every hardware platform (from PCs and RISC systems to mainframes) |
|
|
|
|
Management |
|
|
|
Managed at a very low level through a character-based interface, making it easy to access all administrative functions remotely |
|
|
X Windows is network-enabled, letting any GUI utilities be accessed remotely |
|
|
Can be implemented in turnkey systems using simple GUI interfaces |
|
|
|
|
Large-scale directory services |
|
|
|
Lacks a standard directory service, but products like NIS, NIS+ and DCE directory services integrate closely with the OS and offer Unix-specific schemas by default |
The Threats to Computer Networks
Computer Networks have permanently changed the face of computing. Gone are the days of separate and distinct computers, and the sharing of files using floppy diskettes. Networks now allow people from different sides of the globe to exchange files, send electronic messages, and even control each other’s computers. Because networking has given users such immense powers, it has introduced a whole plethora of security issues. The network may allow someone, who you have never seen or met before, to erase the information on your hard drive at the touch of a button. Individuals can launch well-calculated electronic attacks on major institutions. In short, networks have created as many threats as they have created opportunities.
Unix and Networking
Thomas & Jean Yates (1985) highlight the fact that UNIX has benefited from and contributed to the popularity of networking. After years of development, UNIX has reached a stage where anything, which can be done on a single computer, can be done on a network of UNIX boxes. Unix has the following network features listed briefly below:
- Telnet and rlogin allow users to log onto a machine over the network
- FTP and SCP allow users to access files on a machine from another
- Mail and sendmail allow messages to be sent electronically (e-mail) to users on other computers
- Finger, whois, and ph allow information to be obtained about someone on another computer
- Synchronization of the computer’s date and time with other computers on the network
- Remote Procedure Call allows subroutines and programs to be run on remote machines
Unix is designed to be a friendly and trusting operating system, and because of this, most vendors pre-configure their systems to provide network services to all computers, by default. This is certainly not the most desirable policy in today’s world because network restrictions definitely need to be put into place.
A number of UNIX servers have facilities for limiting network connections based on IP address or hostname. For example programs, such as nntp allow you to specify which hosts can read netnews and it will block requests from unauthorized hosts.
File sharing over networks in UNIX is more complex. The operating system needs to manage aspects such as file locking and file ownership. One of the most widely used file systems is the NFS. Almost all versions of UNIX support it. NFS allows clients to access data on the server, whilst hiding the fact that the data is not stored on the client. The user just logs onto his system and uses files without having to know anything about where the files are stored.
However NFS is not perfect, and it has its security holes. NFS is based on Sun’s Remote Procedure Call (RPC), and thus uses it for authentication purposes. Unless a secure form of RPC is used, it is quite easy to spoof and get past it. Furthermore the information which is transmitted by NFS over the network is not encrypted, and it is relatively easy for eavesdroppers to pick up information. The data can be intercepted and replaced with malicious data such as viruses. Also since the UNIX filesystem is prone to weaknesses, and NFS uses it for access control, the same weaknesses get passed down to NFS.
NIS is another means of sharing information. Like NFS, it allows computers to share password files, group file, host tables and other files over the network. NIS allows a large network to managed easily since all the account and configuration information is stored on a single computer. NIS functions by having a certain line in a system database file that starts with a plus sign (+). This instructs the UNIX programs that are scanning the database file to query the NIS Server for the rest of the file.
As with NFS, NIS also has its limitations. NIS can be exploited in order to penetrate UNIX networks. It is quite possible to fool the NIS server and make it broadcast that you have an account. This account can be used to break into a client on the network and cause havoc. Again the RPC system can also be used for spoofing of addresses/hostnames. In addition if the + sign is placed in the wrong file and is interpreted as a username then users can log in using this. In very bad cases, the user may even have root privileges and the system is, thus, as good as finished.
Security Implications of Network Services
Network servers are the means which other people use to gain access to the files on a particular system. The server is responsible for determining what information is required by the client, whether the client is allowed to access the information, and finally transmitting the information if it is allowed. Most UNIX servers must run with root privileges. This can be dangerous because a flaw, which is built into the server, can leave it open to anyone who is aware of the problem.
Also since UNIX servers require IP addresses/hostnames for authentication purposes, another flaw is brought to light. It is a known fact that both the IP protocol and the DNS were not designed to be resistant to attack. People have been able to spoof IP addresses in order to gain access to a system quite easily.
In order to help with security, UNIX provides a number of useful programs. One of these programs is known as netstat. It allows all active and pending TCP/IP connections to the machine involved, to be viewed. This command is useful if it suspected that an unscrupulous individual might be hacking into the system. It shows the host and port number of each connection, as well as the status of the transmit and the receive queues. Of course, as mentioned above, hostnames and IP addresses can be spoofed (although it might be difficult to do this) and there is no way of preventing this.
Programs have also been developed to scan the network for known problems. Examples of such scanning programs include SATAN, Internet Security Scanner (ISS) and PingWare. However these same tools, when placed in the wrong hands, can be used by attackers to find vulnerabilities in the system.
Conclusion
Unix is a robust, network-orientated operating system. The Internet would probably not be able to function without it, and hence it plays in important part in the computing world. It has many weaknesses like any other program but it is still widely used because clearly its advantages outweigh its disadvantages.
References
|
Phillip Farrell (1991) |
Overview of Unix Available : |
|
Rebecca Thomas & Jean Yates (1985) |
A User Guide to the UNIX System, 2nd Edition, Published by McGraw& Hill USA |