crontab for ordinary users
David Curry
davy at sparkyfs.istc.sri.com
Sun Oct 28 08:23:58 AEST 1990
In article <4073 at goanna.cs.rmit.oz.au> msf at wren.cs.rmit.OZ.AU (Michael Fuller) writes:
>
>p.s. Security papers would do a much better job of trying to beat things
>into people if they were widely diestributed and publicised.
Well, a while back I wrote "Improving the Security of Your UNIX
System". It is widely distributed and has been widely publicized.
(The paper itself was posted to comp.doc; the notice was sent to
SUN-SPOTS, RISKS, CERT-TOOLS; it has been mentioned in SunExpert, ACM
SIGCOMM, and a few data security newsletters.)
Don't put all the blame on us author-types. We can only post stuff in
so many places. You need to make an effort to get onto the security
lists, newsgroups, and so on too.
--Dave Curry
--------------------------------
Last update: October 23, 1990
The SRI International white paper, "Improving the Security of Your UNIX
System," may be obtained via the following methods:
1. ANONYMOUS FTP
The document is available via anonymous FTP from the following
hosts:
(West Coast) Host: FTP.ERG.SRI.COM
Addr: 128.18.4.39
File: pub/security-doc.tar.Z
(West Coast) Host: GATEKEEPER.DEC.COM
Addr: 16.1.0.2
File: pub/doc/sri-security-doc.tar.Z
(East Coast) Host: UUNET.UU.NET
Addr: 192.48.96.2
File: doc/security-doc.tar.Z
(Midwest) Host: TUT.CIS.OHIO-STATE.EDU
Addr: 128.146.8.60
File: pub/security/security-doc.tar.Z
(Southwest) Host: TITAN.RICE.EDU
Addr: 128.42.1.30
File: sun-source/secdoc.shar.z.uu (uuencoded)
(MILNET) Host: WSMR-SIMTEL20.ARMY.MIL
Addr: 26.2.0.74
File: pd2:<unix-c.info>security-doc.tar-z
(Australia) Host: tasis.utas.oz.au
Addr: 131.217.20.1
File: pub/security-doc.tar.Z
(Australia) Host: ftp.adelaide.edu.au
Addr: 129.127.40.3
File: pub/misc/security-doc.tar.Z
(Canada) Host: cs.toronto.edu
Addr: 128.100.1.65
File: doc/security-doc.tar.Z
(Europe) Host: mcsun.eu.net
Addr: 192.16.202.1
File: documents/security-doc.tar.Z
(Scandinavia) Host: funic.funet.fi
Addr: 128.214.6.100
File: pub/doc/security/security-doc.tar.Z
Transfer the file in "binary" mode from all the hosts, except use
"tenex" mode from SIMTEL-20. After you get the file, execute
the commands:
% uncompress security-doc.tar.Z
% tar xf security-doc
% cd security-doc
And now consult the README file.
Note: if you get the file from TITAN.RICE.EDU, instead use the commands:
% uudecode secdoc.shar.z.uu
% uncompress secdoc.shar.Z
% sh secdoc.shar
% cd security-doc
2. UUCP
UUNET subscribers can obtain the document via UUCP from UUNET using a
command of the form
uucp uunet!~/doc/security-doc.tar.Z destination-filename
U.S. sites which do not subscribe to UUNET may still access the document
by calling the 1-900-GOT-SRCS (468-7727) and logging in as "uucp" with
no password. All modems connected to the 900 number are Telebit T2500
modems supporting PEP, V.32 (9600), V.22bis (2400), Bell 212a (1200),
and Bell 103 (300). Use an L.sys line such as:
uunet Any ACU 19200 1-900-468-7727 in:--in:--in: uucp
NOTE: The telephone company will charge you US$0.40/minute for this
service. There is no charge directly from UUNET. At PEP or V.32
speeds, the document will cost approximately $2.00 in connect time
(175 kbytes).
-----
You can obtain the file via "anonymous" UUCP from Ohio State University
by placing the following line in your L.sys file:
#
# Direct Trailblazer
#
osu-cis Any ACU 19200 1-614-292-5112 in:--in:--in: Uanon
#
# Micom port selector, at 1200, 2400, or 9600 bps.
# Replace ##'s below with 12, 24, or 96 (both speed and phone number).
#
osu-cis Any ACU ##00 1-614-292-31## "" \r\c Name? osu-cis nected \c GO \d\r\d\r\d\r in:--in:--in: Uanon
and then issue the command
uucp osu-cis!~/security/security-doc.tar.Z destination-filename
-----
The document is also obtainable via anonymous uucp access from "sir-alan"
which supports 19.2K bps PEP (814 337 3159) and 9600 USR HST/V.32
connections (814 337 0348; send one BREAK after CONNECT 9600). Login
is "pdsrc", no password.
Systems/L.sys entries:
sir-alan Any ACU 19200 18143373159 ogin:--ogin:--ogin: pdsrc
sir-alan Any ACU 9600 18143370348 ogin:-BREAK-ogin:-BREAK-ogin: pdsrc
uucp command:
uucp sir-alan!/u/pubdir/UNIX/security.tar.Z destination-filename
For help, get "sir-alan!/u/pubdir/HELP".
3. BITNET
BITNET users may obtain the document via the European TRICKLE servers
from the UNIX-SW archives. To do this, use the TELL command as follows:
TELL TRICKLE AT SOMEHOST /PDGET <UNIX-C.INFO>SECURITY-DOC.TAR-Z
where SOMEHOST is one of:
DKTC11 Denmark
TREARN Turkey
IMIPOLI Italy
BANUFS11 Belgium
AWIWUW11 Austria
DB0FUB11 Germany
EB0UB011 Spain
There are no TRICKLE hosts in the U.S.; the Europeans are graciously
allowing U.S. BITNET users to access their machines. Please be kind
to them. Sorry, but the LISTSERV machines at RPIECS and NDSUVM do
not provide access to the UNIX-SW repository.
The file will arrive in BITSEND, NETDATA format. You should use the
BITRCV command from RDRList to get the file. (I have no idea what
this means -- go find an IBM guru if you don't know either.)
This will be a BINARY file. You won't be able to do much of anything
with it on an IBM system. Instead, transfer it to a UNIX system,
and then uncompress it and extract the tar file, and then format
things. See above under "FTP" for how to do this.
NOTE: the connection from the TRICKLEs to SIMTEL-20 has been lousy
of late. You may wish to try sending
/PDGET FUNIC.FUNET.FI:disk1/pub/doc/security/security-doc.tar.Z
to LISTSERV at FINTUVM.BITNET instead.
4. ELECTRONIC MAIL
The document may also be obtained from the SUN-SPOTS archive server
located on host TITAN.RICE.EDU. In order to request the document,
send a note with the words
send sun-source secdoc.shar.z.uu
to "archive-server at titan.rice.edu" (uunet!rice!archive-server).
-----
The document may be obtained in the United Kingdom from the cam.cl
info-server in the "sources transient" directory. Send the message
request sources; topic transient security-doc.tar.Z
to "info-server at uk.ac.cam.cl". Contact pb at uk.ac.cam.cl for more
info.
-----
If you are an EUnet site, contact your national backbone site. Many
of them have set up an info server which you can use, but details
differ from country to country.
5. DECNET
DECNET users can obtain the file by copying
DECWRL::"/pub/doc/sri-security-doc.tar.Z"
by using the COPY command, or whatever.
6. ACSnet (Australia)
Use "fetchfile" from the host sirius.ua.oz to get the file
"misc/security-doc.tar.Z".
7. USENET
An "nroff" version of the paper was been posted to the USENET newsgroup
"comp.doc" on May 7, 1990. Article id: <13498 at ucsd.Edu>
More information about the Comp.unix.shell
mailing list