lance@unigold.UUCP (Lance Ellinghouse) (12/10/90)
I am sick and tired of hearing everyone say SCO's C2 is not worth anything... Here is an example of someplace it *DID* help... At one of my jobs, we have SCO ODT installed (full server version and stuff).. One day I tried to call in from home and found the terminal line Disabled by the C2 security.. This seemed odd.. So I looked into it and then enabled it again. Over the next week or two, we had the line locked/disabled by C2 every couple days... Finnaly it stopped for no reason. We have checked EVERYONE's accounts and they are all ok with no illegal accesses found. Thus we concluded that someone was TRYING to break in to our system but gave up after being locked out after a few tries each day... We are THANKFUL that SCO *DID* Have C2 in the system or that person may have actually GOTTEN in!! --- Now SCO's C2 does have it's problems.. That I will agree, but it does not take much extra time to use it correctly! +-------------------------------------------+ |Lance Ellinghouse | |E-mail: lance@unigold.uucp | | lance@unigold.sr.com | | hermix!unigold!lance@anes.ucla.edu | +-------------------------------------------+
mikes@iuvax.cs.indiana.edu (Michael Squires) (12/10/90)
In article <36@unigold.UUCP> lance@unigold.UUCP (Lance Ellinghouse) writes: > >Thus we concluded that someone was TRYING to break in to our >system but gave up after being locked out after a few tries >each day... I had the same thing happen to me this summer; the problem was that the system was not connected to anything at all (other than the console display) and no one had logged in since the last boot. The security system had been corrupted by something within the system itself. I understand that this problem has been fixed by the UFA/UFB fixes but it did not leave me with a warm furrry feeling.... I have no doubt that C2 security is required in some applications; what bothers me is not being able to turn off major portions of it when they are not required. -- Mike Squires (mikes@iuvax.cs.indiana.edu) 812 855 3974 (w) 812 333 6564 (h) mikes@iuvax.cs.indiana.edu 546 N Park Ridge Rd., Bloomington, IN 47408 Under construction: mikes@sir-alan@cica.indiana.edu
jfh@rpp386.cactus.org (John F Haugh II) (12/10/90)
In article <36@unigold.UUCP> lance@unigold.UUCP (Lance Ellinghouse) writes: >Thus we concluded that someone was TRYING to break in to our >system but gave up after being locked out after a few tries >each day... A useful (read: properly implemented and installed) system would have told you what was going on. >We are THANKFUL that SCO *DID* Have C2 in the system or that >person may have actually GOTTEN in!! You haven't convinced me anyone was trying. -- John F. Haugh II UUCP: ...!cs.utexas.edu!rpp386!jfh Ma Bell: (512) 832-8832 Domain: jfh@rpp386.cactus.org
james@bigtex.cactus.org (James Van Artsdalen) (12/11/90)
In <36@unigold.UUCP>, lance@unigold.UUCP (Lance Ellinghouse) wrote: > I am sick and tired of hearing everyone say SCO's C2 > is not worth anything... Here is an example of someplace > it *DID* help... > One day I tried to call in from home and found the terminal > line Disabled by the C2 security.. This seemed odd.. > We have checked EVERYONE's accounts and they are all ok with > no illegal accesses found. > Thus we concluded that someone was TRYING to break in to our > system but gave up after being locked out after a few tries > each day... Whoa! That's quite a leap of faith. Going from "C2 shut down terminal line" -> "no illegal access" -> "someone was trying to break in"? Sounds like we're still clueless as to what happened. Occam's Razor: there's probably a bug in the C2 code. > We are THANKFUL that SCO *DID* Have C2 in the system or that > person may have actually GOTTEN in!! The power switch is even more effective than C2, and from the sounds of the complaints, might have less impact on productivity. :-) -- James R. Van Artsdalen james@bigtex.cactus.org "Live Free or Die" Dell Computer Co 9505 Arboretum Blvd Austin TX 78759 512-338-8789
pizzi@esacs.UUCP (Riccardo Pizzi) (12/11/90)
#include <std/disclaimer.h> In article <36@unigold.UUCP> lance@unigold.UUCP (Lance Ellinghouse) writes: >I am sick and tired of hearing everyone say SCO's C2 >is not worth anything... Here is an example of someplace >it *DID* help... Let's see... >At one of my jobs, we have SCO ODT installed (full server >version and stuff).. >One day I tried to call in from home and found the terminal >line Disabled by the C2 security.. This seemed odd.. >So I looked into it and then enabled it again. >Over the next week or two, we had the line locked/disabled >by C2 every couple days... Finnaly it stopped for no reason. >Thus we concluded that someone was TRYING to break in to our >system but gave up after being locked out after a few tries >each day... We have several machines with sCO UNIX 3.2.0 installed. Once every 4-5 days happens that some terminal gets disabled without apparent reason, this on all the machines we have. Fortunately, the new release (3.2.2) seems to have less problems than the previous one, as this nasty behaviour doesn't show up. >We are THANKFUL that SCO *DID* Have C2 in the system or that >person may have actually GOTTEN in!! Bullshit! In fact, if you set reasonably safe passwords on *all* accounts on the machine, nobody will be able to break your system. C2 is not necessary for this, it only puts in additional troubles. Maybe it could be useful to enhance the shell environment security. Rick -- Riccardo Pizzi @ ESA Software, Rimini, ITALY e-mail: pizzi%esacs@relay.EU.net -or- root@xtc.sublink.org Public Access Unix @ +39-541-27858 (Telebit) << Object Oriented is an Opaque Disease >>
allbery@NCoast.ORG (Brandon S. Allbery KB8JRR) (12/14/90)
As quoted from <36@unigold.UUCP> by lance@unigold.UUCP (Lance Ellinghouse): +--------------- | I am sick and tired of hearing everyone say SCO's C2 | is not worth anything... Here is an example of someplace | it *DID* help... | | One day I tried to call in from home and found the terminal | line Disabled by the C2 security.. This seemed odd.. | | So I looked into it and then enabled it again. +--------------- We had this capability on a RADIO SHACK MODEL 16 RUNNING XENIX 2.3, fercryinoutloud!!! (The original ncoast, if anyone cares. The replacement getty/login we ran only blocked user accounts that way, but I had the source and could have implemented terminal locking if it had been necessary.) It does not justify making crontabs for maintenance accounts unmaintainable without a reboot. ++Brandon -- Me: Brandon S. Allbery VHF/UHF: KB8JRR on 220, 2m, 440 Internet: allbery@NCoast.ORG Packet: KB8JRR @ WA8BXN America OnLine: KB8JRR AMPR: KB8JRR.AmPR.ORG [44.70.4.88] uunet!usenet.ins.cwru.edu!ncoast!allbery Delphi: ALLBERY
brian@edat.UUCP (brian douglass personal account) (12/16/90)
>As quoted from <36@unigold.UUCP> by lance@unigold.UUCP (Lance Ellinghouse): >+--------------- >| I am sick and tired of hearing everyone say SCO's C2 >| is not worth anything... Here is an example of someplace >| it *DID* help... >| >| One day I tried to call in from home and found the terminal >| line Disabled by the C2 security.. This seemed odd.. >| >| So I looked into it and then enabled it again. >+--------------- [deleted stuff from other about a leap of faith] My system was also locking up unexplainably every day. Turned on the audit control system and found out that a uucp account from another system that calls in had expired. Issued a new password and had the other site change their Systems entry, everything was great! The real problem was that the audit control file chewed 24MB in just one day of low load use. I very quickly turned it off. Since NIST recommends that all government purchased systems be at least C2 level, and the government bought nearly $2 Billion worth of Unix products last year, I thank most of this security wrangling comes down to a sales issue for SCO. Yes they are listening the complaints, but their minds are made up and C2 is here to stay. -- Brian Douglass brian@edat.uucp
dme@doc.ic.ac.uk (Dave Edmondson) (12/19/90)
This is quoted from the December 1990 issue of UnixWorld, and is
reproduced without permission (see page 16):
"SCO TO EASE UP ON OVERTIGHT SECURITY
The Santa Cruz Operation says it will make things a little easier for
users who've had trouble with the new security features in SCO UNIX
3.2 Version 2.0. The company added the security features to qualify
for the Defense Department's C2 security classification. At first SCO
claimed the security features don't affect users at all and shouldn't
give system administrators much grief, either. But some system
administrators complain about the increased complexity of adding new
users with the security turned on, and the apparent lack of a way to
turn the security features off.
SCO says that the nex versions of its UNIX will address all
thos problems. According to SCO UNIX Product Manager Charley Watkins,
the ``security administration'' menu system will be combined with the
system administration menus to make adding users a one-step process,
and setting security to a minimum will also require one step. Watkins
also says SCO is working on a command-line interface for system
administration for system administrators who don't line useing SCO's
menu system."
All of the typos are mine. Sorry if you see this as advertising - I
thought that it might be informative.
dave.
--
Dave Edmondson, Systems Support. Opinions are all my own.
Department of Computing, Imperial College of Science, Technology and Medicine,
180 Queen's Gate, London SW7 1BZ. phone: 071-589-5111 x5085 fax: 071-581-8024
email: dme@doc.ic.ac.uk, ..!ukc!icdoc!dme, dme@athena.mit.edu
``Be selective, be objective, be an asset to the collective'' -- Jazzy Bsef@kithrup.COM (Sean Eric Fagan) (12/20/90)
(This article is a bit strange, folks...) In article <DME.90Dec19100724@stork.doc.ic.ac.uk> dme@doc.ic.ac.uk (Dave Edmondson) writes: >This is quoted from the December 1990 issue of UnixWorld, and is >reproduced without permission (see page 16): > > "SCO TO EASE UP ON OVERTIGHT SECURITY >The Santa Cruz Operation says it will make things a little easier for >users who've had trouble with the new security features in SCO UNIX >3.2 Version 2.0. This is a very strange sentence; I'm not sure if I understand it. (Yeah, yeah, yeah, I know.) It can be parsed two ways: one being that things are easier in 3.2 Version 2.0, the other being that thing will be easier than they are in 3.2 Version 2.0. (See what I mean?) Anybody know? (I told you it was strange...) -- Sean Eric Fagan | "I made the universe, but please don't blame me for it; sef@kithrup.COM | I had a bellyache at the time." -----------------+ -- The Turtle (Stephen King, _It_) Any opinions expressed are my own, and generally unpopular with others.
allbery@NCoast.ORG (Brandon S. Allbery KB8JRR) (12/24/90)
As quoted from <1990Dec20.043052.611@kithrup.COM> by sef@kithrup.COM (Sean Eric Fagan): +--------------- | (This article is a bit strange, folks...) | In article <DME.90Dec19100724@stork.doc.ic.ac.uk> dme@doc.ic.ac.uk (Dave Edmondson) writes: | >The Santa Cruz Operation says it will make things a little easier for | >users who've had trouble with the new security features in SCO UNIX | >3.2 Version 2.0. | | yeah, yeah, I know.) It can be parsed two ways: one being that things are | easier in 3.2 Version 2.0, the other being that thing will be easier than | they are in 3.2 Version 2.0. (See what I mean?) +--------------- let me get this straight: you expect an industry journalist to be able to write correct English? ;-) ;-) ;-) ++Brandon -- Me: Brandon S. Allbery VHF/UHF: KB8JRR on 220, 2m, 440 Internet: allbery@NCoast.ORG Packet: KB8JRR @ WA8BXN America OnLine: KB8JRR AMPR: KB8JRR.AmPR.ORG [44.70.4.88] uunet!usenet.ins.cwru.edu!ncoast!allbery Delphi: ALLBERY