Usenet Security
David Collier-Brown
daveb at geac.UUCP
Mon Feb 22 02:40:55 AEST 1988
In article <108 at tron.UUCP>, celozzi at tron.UUCP (Dominic J Celozzi) writes:
>> Wanted: information concerning security of usenet and uucp connections.
In article <2739 at codas.att.com> mikel at codas.att.com (Mikel Manitius) writes:
>Very simple, if you've got a UNIX machine with a modem, it's not secure.
To be a bit more specific (:-)), if you have a normal unix system
providing mail which takes the site!site!name notation, you are subject
to having the forwarding mechanism ship all sorts of "interesting"
things through, and if your normal uucp "security" has been reduced
below the default for reasons of usability, you can find yourself
executing a virus..
A C-secure unix is no help here: you need a B- or C-secure
machine, and a secure communications processor (the A-secure gutted
Unix of yore). Uucp is formally insecure.
--dave
ps: the letters refer to a US security standard. B means your are
resistant to penetration and have a second, separate set of
non-overridable file permissions (as a minimum). C is less so, and D
means "you flunked".
--
David Collier-Brown. {mnetor yunexus utgpu}!geac!daveb
Geac Computers International Inc., | Computer Science loses its
350 Steelcase Road,Markham, Ontario, | memory (if not its mind)
CANADA, L3R 1B3 (416) 475-0525 x3279 | every 6 months.
More information about the Comp.unix.wizards
mailing list