Home page logo

bugtraq logo Bugtraq mailing list archives

Re: TCP SYN probe detection tool available
From: jrvalverde () samba cnb uam es (J.R.Valverde)
Date: Mon, 27 May 1996 10:43:23 WET

We are trying to set up the Enhanced Security option in a BSD Ultrix
System 4.3a.
Everything goes well, but now we can only su from console. Is there any
workaround for this ?. The system administration  tasks aren't  carried

        I tried this way ago and discovered that the only way was to make
ttys secure. The problem then is that ttys are assigned by login order,
meaning that the first logins should be those of system administrators.
Too bad. (Well, there are other ways, but I wouldn't even seriously mention

        What I'd suggest is a replacement for 'su' if you must necessarily
do it. I tried this approach later on a "secure" environment OSF/1 and it
worked, so I assume it should also work on Ultrix (couldn't test it there).

        I did it for a test, and forgot about the subject. I don't like
the idea anyway of anybody being able to suid root from any network
terminal. If you must do it, I'd advise you at least try to make it as
difficult to subvert as possible. And at least safer that the "SECURE"
environment you are installing (otherwise it would be senseless).

        That could mean: get a replacement for 'su' and 'passwd' (you can
give'em other names) for sysadmins. Ensure these use a separate password
file with shadow passwords in a hidden, root-readable only, directory, that
they require 'good' passwords, check against dictionaries, enforce bigger
password lengths and allow for 8+ length passwords, log every use and can
only be run by your sysadmins.

        The point is that there is no single root password, but rather
that each potential sysadmin can have his/her own one, so you don't have
a shared secret and they can change their root password often enough to
avoid "guessing" attacks without the load of having to spread a single
password among many people.

        In addition I would also install SSLeay (since you're in Spain) and
ssh and require that all remote logins by potential sysadmins be done via
them, to avoid password sniffing of their normal user and root passwords.
Forcing them to use a restricted shell could be useful too.

        And all other tricks you can add. 'root' is the most sensible door to
your system in the network.

        Note: many of the ideas above originally came from R.J.White, a
colleague who thought of them before and built a similar system.

        Note2: since you're in Spain too, maybe I can help you more
directly. Just drop me a note.


Jose R. Valverde

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]