Although UNIX network security has been discussed in many articles, new security problems keep being exposed and corrected as technology advances and people's understanding of security matures. This paper describes two security problems caused by an incomplete understanding of the technology and gives a way to solve them.
Security issues with the shutdown user.
In recent years, many articles have described what is claimed to be the most secure UNIX shutdown user. The idea is to put the /etc/shutdown command (or the /etc/haltsys command) in the login-shell field at the end of the shutdown user's line in /etc/passwd (or /etc/shadow) instead of /bin/sh. That way, even if someone knows the shutdown user's password (or no password is set for it), logging in as the shutdown user does not give an interactive UNIX shell: the account is a superuser whose only function is to shut the machine down. This account has come to be regarded as the "safest shutdown user".
This user is more secure than other shutdown methods, especially on a stand-alone system, where its security is trustworthy. Unfortunately, in a UNIX network the shutdown user still carries certain security risks, and these arise from how the account is used. First, almost every user on the network needs to be able to shut the machine down, so the shutdown user often has no password, or its password is known to many people at once. Second, shutting down a UNIX system requires superuser privileges, so the shutdown user has them. As a result, although the DEL key cannot interrupt the shutdown command and means such as the su command cannot be used to break into the UNIX system, some network remote commands may allow an intruder to enter the UNIX system through the shutdown user, and even to reach a root superuser shell.
1. The problem
Assume that computer A has a shutdown user named shutdown, configured with the permissions of the "safest shutdown user" method, and that because the system administrator, the software administrator and the ordinary operators all need to use it, no password has been set. Let computer A's IP address be 129.15.21.77.
In this case, an attacker on another computer (call it computer B) can use a UNIX network remote command to reach computer A through its "most secure shutdown user", shutdown. First, the following line is added to the /etc/hosts file on computer B:
129.15.21.77 Hostshut
Then, logged in to computer B as any ordinary user, the following command is typed:
rcmd hostshut -l shutdown vi /etc/passwd
or rcmd hostshut -l shutdown vi /etc/shadow
In this way, an ordinary user on computer B has opened, with the vi command, the password file of every user on computer A, including the root superuser. After changing or removing those passwords, they can easily log in as any user on computer A with remote commands such as telnet and rlogin. If the intruder is malicious, the consequences for computer A will be disastrous.
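The weak configuration described above can be found by a simple audit of the account files. The following script is an added example, not code from the original article: it flags accounts whose login shell is a shutdown or haltsys command but whose password field (in /etc/shadow, or in /etc/passwd on systems without a shadow file) is empty. The sample passwd and shadow contents are constructed for the demonstration.

```shell
#!/bin/sh
# Added audit check (not from the original article). Lists accounts whose
# login "shell" is /etc/shutdown or /etc/haltsys but which have no password.
# As the article explains, the restricted shell is not enforced by network
# remote commands such as rcmd, so such an account must carry a password.
# Usage: audit_shutdown_users /etc/passwd /etc/shadow
audit_shutdown_users() {
    passwd_file="$1"
    shadow_file="$2"
    # Pass 1 (shadow): remember users whose password field (field 2) is empty.
    # Pass 2 (passwd): report users whose shell (field 7) is shutdown/haltsys
    # and whose password is empty in shadow, or in passwd itself (no shadow).
    awk -F: '
        FNR == NR { if ($2 == "") nopass[$1] = 1; next }
        $7 ~ /\/(shutdown|haltsys)$/ && (nopass[$1] || $2 == "") {
            print $1 ":" $7
        }
    ' "$shadow_file" "$passwd_file"
}

# Constructed sample account files (hashes are placeholders, not real ones).
# Writes them into a temporary directory and prints that directory's path.
make_sample_files() {
    dir=$(mktemp -d)
    cat > "$dir/passwd" <<'EOF'
root:x:0:0:root:/:/bin/sh
shutdown:x:0:0:shutdown:/:/etc/shutdown
halt:x:0:0:halt:/:/etc/haltsys
ops:x:100:100:operator:/home/ops:/bin/sh
EOF
    cat > "$dir/shadow" <<'EOF'
root:PLACEHOLDER_HASH:1:0:99999:7:::
shutdown::1:0:99999:7:::
halt:PLACEHOLDER_HASH:1:0:99999:7:::
ops::1:0:99999:7:::
EOF
    echo "$dir"
}

# Stand-alone run: only the passwordless shutdown account is reported; the
# ops account has no password either but keeps an ordinary shell, and halt
# has a shutdown-style shell but a password, so neither is flagged.
sample=$(make_sample_files)
audit_shutdown_users "$sample/passwd" "$sample/shadow"
rm -rf "$sample"
```

On a real system run it against /etc/passwd and /etc/shadow as root; any account it prints should be given a password, and its remote-trust entries (hosts.equiv, .rhosts) reviewed.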