Network Security Manual <1>

Source: Internet
Author: User
Article Title: Network Security Manual (1)
This article discusses network and data communication security in six parts. The first part gives an overview of the largest and oldest UNIX network, the UUCP system; the second discusses UUCP security; the third discusses the newer HoneyDanBer UUCP and its security features; the fourth discusses other UNIX networks, including ipve and NSC; the fifth discusses the physical security of communication lines; the last discusses the network security of Sun Microsystems' SunOS.
  
1. UUCP System Overview
The UUCP system is a set of programs that transfer files between systems, execute commands on remote systems, keep statistics on system usage, and protect security. UUCP is the most widely used networking utility on UNIX systems, for two reasons. First, UUCP is the only standard network system available in the various UNIX versions. Second, UUCP is the cheapest network system: a single cable connecting two systems is enough to establish UUCP, and to transfer data between two systems hundreds or thousands of kilometers apart you need only two modems with dialing capability.
  
  
  
(1) uucp command
uucp is one of the UUCP commands and is used for file transfer between two systems. The uucp command format is similar to that of cp, but uucp allows users to copy files between systems. The general format of the command is:
uucp source_file destination_file
source_file is usually a file on the current system (but not necessarily). destination_file is usually a file or directory on another system, specified as:
system!filename or system!directory
uucp provides an option that lets the system administrator restrict uucp file transfers to and from the system to the /usr/spool/uucppublic directory tree. If uucp is told to store a transferred file in another directory, the system returns a mail message: remote access to path/file denied. uucp allows the abbreviation ~ to stand for /usr/spool/uucppublic/. For example:
uucp names remote!~/john/names
uucp can also be used to copy files from another system to this system, by naming the file to be brought in as the source file (using system!file), for example:
uucp remote!/usr/john/file1 file1
If file transfer directories are restricted on the remote machine, the previous command cannot copy the file. The safest way to copy files to this system is to transfer them through the uucppublic directory on both systems:
uucp remote!~/john/file1 ~/pat/file1
  
  
  
(2) uux command
The uux command executes commands on another system; this is called "remote command execution".
uux is most commonly used to send mail between systems (mail runs uux internally). A typical uux request looks like this:
pr listing | uux - "remote1!lp -dpr1"
This command formats the file listing with pr and then sends it to printer pr1 on system remote1. The uux option "-" makes uux use its own standard input as the standard input of the remote command. This is useful when only one of several systems has a printer attached.
Of course, remote command execution must be strictly restricted to protect system security. For example, the system should not allow users on other systems to run the following command:
uux "yoursys!uucp yoursys!/etc/passwd (outside!~/passwd)"
This command transfers the /etc/passwd file to the system outside. In general, only a few commands should be allowed to execute. rmail, the restricted mail program, is usually one of the commands that may be executed via uux. Systems that run netnews also allow rnews (the restricted netnews pseudo-offline command), and systems that provide a printer allow lp.
(3) uucico program
The uucp and uux commands do not themselves call another system, send files, or execute commands. Instead they queue the user's request and start the uucico program. uucico does the actual communication work: it calls other systems, logs in, and transfers data (which may be files or requests for remote command execution). If the telephone line is busy or the other system is down, the transfer request remains in the queue, and a later run of uucico (usually started by cron) sends the pending requests.
uucico both sends and receives data. In this system's /etc/passwd file, the login entry that uucico on other systems uses to log in to this system specifies uucico as its shell, so when other systems call this system they talk directly to uucico.
  
  
  
(4) uuxqt program
When uucico on another system sends this system a remote command execution request, this system's uucico queues the request and, before exiting, starts the uuxqt program to execute it.
The following example shows how data is transferred. Suppose a user on this system sends mail to someone on the remote system remote1. mail runs uux to execute the rmail program remotely on remote1, with the mail to be sent as the input of the rmail command. uux queues the transfer request and then starts uucico to perform the actual remote call and data transfer. If remote1 answers, uucico logs in to remote1 and sends two files: the mail itself and the uux command file that uuxqt on remote1 will execute; the uux command file contains the rmail request. If remote1 is down when it is called, uucico cannot log in and transfer the files, but cron starts uucico periodically (for example, once an hour). uucico checks whether there is data that has not yet been sent; if the destination of the uux request is remote1, it keeps trying to call remote1 until remote1 answers or until a certain number of days have passed without reaching remote1, after which the unsent mail is returned to the sender as "undeliverable".
2. UUCP security issues
An unrestricted UUCP system allows any user outside the system to execute any command and to copy any file that is readable or writable by the uucp user. You should understand this in your specific uucp environment and set up protection as needed.
Two programs in UUCP handle security. The first is uucico, which is started when other systems call this system; it is the key to the system's UUCP security, since it transfers files into and out of the system. The second is uuxqt, which serves all remote command execution requests.
  
  
  
(1) USERFILE
uucico uses the file /usr/lib/uucp/USERFILE to determine which files the remote system may send or receive. The format is:
login,sys [c] path_name [path_name ...]
login is the login name on this system, sys is the remote system name, c is the optional call_back flag, and path_name is a directory name.
When uucico is started as a login shell, it obtains the remote system's name and the login name used on this system, and looks in USERFILE for the line matching that login and sys. If the line contains the call_back flag c, uucico does not transfer files; it hangs up and calls the remote system back (any system can claim that its name is xyz, so this system hangs up and calls the real xyz to do the file transfer). If there is no c, uucico performs the file transfers requested by the remote system; the names of transferred files are required to begin with one of the path_names.
  
  
  
You need to know the following:
. If the login name used by the remote system is not listed in the login field of USERFILE, uucico refuses to let the other system do anything and hangs up.
. If the system name is not listed in the sys field, uucico uses the first USERFILE line with a matching login name and an empty system name. For example, nuucp, /usr/spool/uucppublic applies to all systems that log in as nuucp, and cbuucp, c forces call_back for all systems that log in as cbuucp.
. If the calling system's name matches none of the sys entries and there is no entry with an empty system name, uucico refuses to do anything.
. If the call_back flag is set on both machines, the file transfer request is never executed: the two systems keep calling each other until one of them removes call_back.
. If a user's login is listed in the login field of USERFILE, then when this system's uucico is called to send files on behalf of that user, uucico only transfers files in the directories specified by path_name. An empty login name applies to users not explicitly listed in USERFILE. So with
pat, /usr/pat
pat can only transfer files under the /usr/pat directory tree, and with
, /usr/spool/uucppublic /tmp
other users can only transfer files under the /usr/spool/uucppublic and /tmp directories.
Do not allow uucico to copy files to or from any directory other than /usr/spool/uucppublic. Otherwise someone can copy important system information with a command such as:
uucp yoursys!/etc/passwd to-creep
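The USERFILE rules above can be checked mechanically. The following is an added example, not code from the article or from any UUCP implementation: it parses a constructed USERFILE, performs the login/sys lookup the text describes (exact match first, then the empty-sys line, refusal if the login is absent), honours the call_back flag, and tests a requested path against the permitted directory prefixes. The path normalisation that stops ../ from escaping a permitted tree is an addition of mine, not something the text attributes to uucico, and the assumption that the sys name is written directly after the comma (a space after the comma meaning an empty sys) is also mine.

```python
# Added model of the USERFILE lookup uucico performs for a remote caller.
# Not uucico source; rules follow the article, sample data is constructed.
import posixpath
from dataclasses import dataclass, field


@dataclass
class UserfileEntry:
    login: str                  # "" matches logins not listed explicitly
    system: str                 # "" matches any remote system name
    call_back: bool             # the optional "c" flag
    paths: list = field(default_factory=list)  # permitted directory prefixes


# Constructed sample of /usr/lib/uucp/USERFILE mirroring the article's lines
SAMPLE_USERFILE = """\
nuucp, /usr/spool/uucppublic
cbuucp, c
pat, /usr/pat
, /usr/spool/uucppublic /tmp
"""


def parse_userfile(text):
    """Parse 'login,sys [c] path ...' lines.

    Assumption: sys is attached to the comma, so whitespace immediately after
    the comma means the sys field is empty. Blank lines and # comments skipped.
    """
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        login, _, rest = line.partition(",")
        if rest == "" or rest[:1].isspace():
            system, tokens = "", rest.split()
        else:
            tokens = rest.split()
            system, tokens = tokens[0], tokens[1:]
        call_back = bool(tokens) and tokens[0] == "c"
        if call_back:
            tokens = tokens[1:]
        entries.append(UserfileEntry(login.strip(), system, call_back, tokens))
    return entries


def find_entry(entries, login, system):
    """Exact login+sys line first, then the login's empty-sys line, else None."""
    for e in entries:
        if e.login == login and e.system == system:
            return e
    for e in entries:
        if e.login == login and e.system == "":
            return e
    return None


def check_transfer(entries, login, system, path):
    """Decide what uucico does with a remote caller's file request.

    Returns 'refused' (login not listed: hang up), 'call_back' (hang up and
    call the claimed system ourselves), 'allowed' or 'denied'.
    """
    entry = find_entry(entries, login, system)
    if entry is None:
        return "refused"
    if entry.call_back:
        return "call_back"
    # Added hardening: collapse ../ so the prefix test cannot be bypassed
    clean = posixpath.normpath(path)
    for prefix in entry.paths:
        prefix = prefix.rstrip("/") or "/"
        if prefix == "/" or clean == prefix or clean.startswith(prefix + "/"):
            return "allowed"
    return "denied"


ENTRIES = parse_userfile(SAMPLE_USERFILE)

if __name__ == "__main__":
    for login, system, path in (
        ("nuucp", "xyz", "/usr/spool/uucppublic/john/names"),
        ("nuucp", "xyz", "/etc/passwd"),
        ("nuucp", "xyz", "/usr/spool/uucppublic/../../../etc/passwd"),
        ("cbuucp", "xyz", "/usr/spool/uucppublic/x"),
        ("intruder", "xyz", "/usr/spool/uucppublic/x"),
    ):
        print(f"{login}@{system} {path}: {check_transfer(ENTRIES, login, system, path)}")
```

Run it as a script to see each request classified; the third request shows why the prefix test alone is not enough without normalisation.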
(2) L.cmds file
uuxqt uses the file /usr/lib/uucp/L.cmds to determine which commands in remote execution requests may be executed. The file format is one command per line. If uuxqt only needs to process mail, the file needs just one line:
rmail
The system administrator may let remote users execute the netnews command (rnews) or the remote print command (lp), but must not let them execute commands that copy files to standard output, such as cat, or network commands such as uucp. Otherwise those people need only type the following on their own system:
uux "yoursys!uucp yoursys!/etc/passwd (outside!~/passwd)"
and then wait for the system to send them the file.
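To make the L.cmds check concrete, here is an added example (mine, not uuxqt's code) that reads a constructed L.cmds, extracts the command name from a uux request string such as the two shown above, and reports whether the request would be executed. Two defensive rules in it are my additions rather than documented uuxqt behaviour: a command given with a path component is rejected, and a request containing shell metacharacters is rejected outright.

```python
# Added model of the L.cmds allow-list check uuxqt applies to uux requests.
# Not uuxqt source; the L.cmds sample and request strings are constructed.
import shlex

# Constructed /usr/lib/uucp/L.cmds for a system running mail, netnews and a printer
SAMPLE_LCMDS = """\
rmail
rnews
lp
"""

# Added hardening: characters that would let a request smuggle a second command
SHELL_METACHARS = set(";|&`$<>")


def parse_lcmds(text):
    """One permitted command name per line; blank lines and # comments ignored."""
    return {line.strip() for line in text.splitlines()
            if line.strip() and not line.startswith("#")}


def command_of(request):
    """Return the command name of a uux request.

    'remote1!lp -dpr1' -> 'lp'; the optional 'system!' prefix is dropped.
    Unbalanced quotes yield '' so the caller rejects the request.
    """
    try:
        words = shlex.split(request)
    except ValueError:
        return ""
    if not words:
        return ""
    first = words[0]
    if "!" in first:
        first = first.rsplit("!", 1)[1]
    return first


def uuxqt_allows(lcmds, request):
    """True only if the command is a bare name listed in L.cmds."""
    if any(ch in SHELL_METACHARS for ch in request):
        return False
    cmd = command_of(request)
    if not cmd or "/" in cmd:
        return False
    return cmd in lcmds


LCMDS = parse_lcmds(SAMPLE_LCMDS)

if __name__ == "__main__":
    for req in ("remote1!lp -dpr1",
                "rmail john",
                "yoursys!uucp yoursys!/etc/passwd (outside!~/passwd)",
                "cat /etc/passwd"):
        print(f"{'allow' if uuxqt_allows(LCMDS, req) else 'deny '}  {req}")
```

The request that copies /etc/passwd is denied not because of its arguments but because uucp itself is not in L.cmds, which is exactly the point the text makes: the allow-list is the whole defence.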
  
  
  
(3) uucp logins
The UUCP system requires two login accounts: one that other systems use to log in, and one used for administration. For example, if the data transfer login is nuucp and the administrative login is uucp, /etc/passwd should contain one line for each.
uucp is generally reserved UID and GID 5, because uucico is SUID to the administrative login. The UID and GID of the nuucp account should use other values.
  
  
  
(4) uucp files and directories
/usr/lib/uucp holds the uucp programs that users cannot run directly, such as uuxqt and uucico. The directory also contains several files that determine how uucp operates, such as L.cmds and USERFILE. These files must be writable only by the uucp administrative account (the system administrator certainly does not want users to change the table of remotely executable commands). From a security standpoint, another file in this directory that the system administrator must understand is L.sys. This file contains an entry for each system that uucico can call; each entry includes the phone number, login name and unencrypted password for that system. Needless to say, L.sys must be owned by the uucp administrative account and have mode 400 or 600.
uucp keeps its working files in /usr/spool/uucp. Files whose names begin with C. are command files to be sent to other systems, containing requests to send or fetch data and to execute commands on other systems. Files beginning with D. are the data files belonging to the C. files. Files beginning with X. are remote execution requests from other systems, handled by uuxqt. Files beginning with TM. are temporary files uucp uses while receiving data from other systems. XQTDIR is the directory uuxqt uses while executing X. files. LOGFILE helps you manage UUCP security: it records whether each UUCP request succeeded. The system administrator should check this file from time to time to find out which systems are logging in and executing uucp requests, what those requests are, and whether any of them attempted operations that are not permitted.
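The ownership and mode requirements for the /usr/lib/uucp control files can be audited with a short script. The one below is an added example, not part of the article: it checks that L.sys carries no bits beyond 0600 and that each file belongs to the administrative uid, and it builds a constructed copy of the directory under a temporary path with two deliberate mistakes so it can be run anywhere. The 0644 limits for L.cmds and USERFILE are my reading of "writable only by the uucp administrative account" (readable by all, writable by the owner) rather than figures given in the text.

```python
# Added audit of uucp control-file ownership and modes. Not from the article;
# the sample directory is constructed in a temp location for demonstration.
import os
import stat
import tempfile

# Maximum permission bits each file may carry. L.sys: 400 or 600 per the text.
# L.cmds and USERFILE at 0644 is an assumption: readable, owner-writable only.
MAX_MODE = {
    "L.sys": 0o600,
    "L.cmds": 0o644,
    "USERFILE": 0o644,
}


def audit_uucp_lib(libdir, admin_uid):
    """Return a list of findings (empty list means the directory passes)."""
    findings = []
    for name, max_mode in MAX_MODE.items():
        path = os.path.join(libdir, name)
        try:
            st = os.stat(path)
        except FileNotFoundError:
            findings.append(f"{name}: missing")
            continue
        mode = stat.S_IMODE(st.st_mode)
        if st.st_uid != admin_uid:
            findings.append(f"{name}: owned by uid {st.st_uid}, expected {admin_uid}")
        extra = mode & ~max_mode
        if extra:
            findings.append(f"{name}: mode {mode:04o} grants bits {extra:04o} "
                            f"beyond the permitted {max_mode:04o}")
    return findings


def build_sample_libdir():
    """Constructed stand-in for /usr/lib/uucp with two deliberate mistakes:
    L.sys readable by everyone (0644) and USERFILE writable by everyone (0666)."""
    libdir = tempfile.mkdtemp(prefix="uucp-lib-")
    for name, mode in (("L.sys", 0o644), ("L.cmds", 0o644), ("USERFILE", 0o666)):
        path = os.path.join(libdir, name)
        with open(path, "w") as fh:
            fh.write("# constructed sample\n")
        os.chmod(path, mode)
    return libdir


def audit_sample(wrong_owner=False):
    """Build the sample directory and audit it. With wrong_owner=True the
    expected admin uid is deliberately set to a uid that does not own the files."""
    admin_uid = os.getuid() + 1 if wrong_owner else os.getuid()
    return audit_uucp_lib(build_sample_libdir(), admin_uid)


if __name__ == "__main__":
    for finding in audit_sample():
        print(finding)
```

Running it prints one finding for L.sys (world and group read bits on a file holding cleartext passwords) and one for USERFILE (world and group write), and nothing for L.cmds. Pointing audit_uucp_lib at the real /usr/lib/uucp with the uid of the uucp administrative account turns it into the periodic check the text recommends.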
  
  