[comp.unix.sysv386] Questions about UNIX viruses

dag@esleng.ocunix.on.ca (Dave Gilmour) (04/02/91)

Our company is currently under contract to provide some software to a customer
that is worried that, because our system is connected to the USENET, it could
potentially become infected with a virus and subsequently transmit that virus
to their machine via the delivered software.

Given this, I basically have three questions:

1)	Are viruses a problem on UNIX machines that are connected to the
	net?  We do not accept binary UNIX sources on our machine, so I
	presume that trojans are more likely to be a problem than viruses.

2)	If viruses are out there ready to infect my UNIX machine, is there
	any software that I can run to detect/remove them from my machine?

3)	What steps should I take in order to "reduce the risk" |-)

Any help in the matter will be greatly appreciated. As always, if there is
sufficient interest I will summarize to the net.

Thanks.

System Info : ISC2.2 System V R3.2, Everex Step 386/33

__________________________________________________________________________
David A. Gilmour            |   dag@esleng.ocunix.on.ca
Excalibur Systems Limited   |   uunet!mitel!cunews!micor!esleng!dag
Kanata, Ontario, Canada     |

raisch@Control.COM (Robert Raisch) (04/02/91)

dag@esleng.ocunix.on.ca (Dave Gilmour) writes:

>1)	Are viruses a problem on UNIX machines that are connected to the
>	net?  We do not accept binary UNIX sources on our machine, so I
>	presume that trojans are more likely to be a problem than viruses.

Not in my experience.  Though the Internet Worm episode does make a lot
of people edgy.  

It should be noted that the Worm used WELL KNOWN trapdoors and flaws in 
systems software to attack.  Both Sun and DEC were aware of these security
holes as far back as 1980.  Thus it becomes a question of, who is culpable
and how do we get the suppliers of systems software to secure their products?

IMHO, the Worm episode was a good thing.  (*flames >/nev/dull*)

>2)	If viruses are out there ready to infect my UNIX machine, is there
>	any software that I can run to detect/remove them from my machine?

None that I am aware of, though a good network monitoring program can tell
volumes (if you are conversant in the various net protocols).

>3)	What steps should I take in order to "reduce the risk" |-)

If you compile a source distribution that you have received from the net
on your machine:

		READ THE SOURCE!!!! 
		UNDERSTAND WHAT IT IS DOING!!!!

An ounce of prevention, blah blah blah.

>Any help in the matter will be greatly appreciated. As always, if there is
>sufficient interest I will summarize to the net.

I felt that this response would be of general interest, thus I posted.

>Thanks.

No prob.
-- 
"I ate his liver with some fava beans and a nice chianti." -Lector
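
The "read the source" advice above only buys you anything if the tree you
reviewed is the tree you actually compiled and shipped; the same goes for
answering question 2 on a machine with no virus scanner.  What follows is an
added example, not code from any poster in this thread: a small POSIX shell
script that records a cksum manifest of a source tree once it has been read
over, and later verifies the tree against that manifest so that any file
altered, removed or added after review is reported.  It assumes only the
standard find, sort, cksum, cmp and diff utilities; the function names
make_manifest and verify_manifest are made up for this example.

```shell
#!/bin/sh
# Integrity manifest for a reviewed source distribution (added example).
# make_manifest DIR MANIFEST
#   Write "crc size ./path" for every regular file under DIR, sorted so
#   that two manifests of identical trees compare byte-for-byte equal.
make_manifest() {
    dir=$1
    out=$2
    (
        cd "$dir" || exit 2
        find . -type f -print | LC_ALL=C sort | while IFS= read -r f; do
            cksum "$f"
        done
    ) > "$out"
}

# verify_manifest DIR MANIFEST
#   Rebuild the manifest for DIR and compare it with the saved one.
#   Returns 0 if the tree is unchanged, 1 if anything differs (the
#   diff output names the changed, missing or new files), 2 on error.
verify_manifest() {
    dir=$1
    manifest=$2
    tmp=${TMPDIR:-/tmp}/manifest.$$
    make_manifest "$dir" "$tmp" || { rm -f "$tmp"; return 2; }
    if cmp -s "$manifest" "$tmp"; then
        rm -f "$tmp"
        return 0
    fi
    # Lines starting with "<" are the reviewed state, ">" the current state.
    diff "$manifest" "$tmp" || :
    rm -f "$tmp"
    return 1
}

# Typical use: after reading a net source distribution,
#   make_manifest ./foo-1.2 foo-1.2.manifest
# and just before building or delivering it,
#   verify_manifest ./foo-1.2 foo-1.2.manifest || echo "tree changed since review"
```

Keep the manifest somewhere the build tree cannot write to (a separate
filesystem, or a printout in a drawer); a manifest stored alongside the
sources is exactly as trustworthy as the sources themselves.  cksum is a
CRC, good enough to catch accidental or careless changes, so treat a clean
verify as "nothing changed since I read it", not as proof that what you read
was benign.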

Link_-_APO@cup.portal.com (04/08/91)

Hi,
     I myself just finished reading a new and enlightening book on UNIX system 
security titled "UNIX System Security - How To Protect Your Data and 
Prevent Intruders". Rik Farrow is the author and Addison Wesley is the
publisher.
     For those of you who are flaming about the sendmail and finger
'bugs', the chapter on Communication and Network Security includes
the stories behind those security problems.
-------------------------------------------------------------------------
   ^-^     
  (`|') /) CAE Link Flight        link_apo@cup.portal.com
  /   \//  Sandy Johan	          sun!portal!cup.portal.com!link_apo 
 ( | | )   1077 E. Arques Ave
  \O-O/    Sunnyvale, CA 94088

rbraun@spdcc.COM (Rich Braun) (04/09/91)

uunet!bria!mike writes:
>How to achieve absolute security:
>
>	Never purchase a computer; ...
>
>The point I'm making (while being a wise-ass in the process) is that there
>is no way to truly protect your machine.  If someone wants to do you damage
>badly enough, they will find a way.
>...
>My personal recommendation is: do what is reasonable (passwords, etc.)
>and don't worry too much about it.

This is not particularly helpful advice when trying to justify modems,
Internet connections, electronic mail, etc. to a conservative executive.
A case in point:  Oracle only got its electronic mail systems up and
running within the past year or two.  Their original policy was to
restrict access, for security reasons.  Digital still has a policy of
restricting all Internet communications except those going through a
single bottleneck.

Out in the real world, at real companies, security is still a major
issue.  Telling an executive to "do what is reasonable and don't worry"
just isn't going to give the engineer what he wants:  instant
communications access to other folks who can answer his questions.

Some companies, like BBN, open up the floodgates and allow anyone on
the Net to beat on their software.  That's in their interest, because
they are in the business of selling well-tested network software.  Most
others do not share that level of disregard for data security.

I've gotten a couple of personal e-mail responses letting me know of
published accounts regarding Unix and network security.  One of them is
the June 1990 issue of Unix World, which I'll have to go investigate.

-rich