Transcript Unix Wars I

mid 1960’s - Multics - proposed by AT&T, Honeywell, GE & MIT; funded by DARPA
1969 - Thompson & Ritchie create Unix
1978 to 84 - Bill Joy & Chuck Haley (Berkeley U.) create BSD Unix
Unix Wars I - BSD 4.2 versus System V
Unix Wars II - SVR4 versus OSF
ISO Standard - POSIX
1991 - Linus Torvalds creates Linux
Mach
BSD
System V
OSF/1
NeXTStep
SunOS
Free BSD
Linux
OS X
Solaris
AIX
HP-UX
Authentication
Admin
File Systems
Network-related
Audit
UID
• 16-bits
• ID 0 - 99 reserved
• ID 0 is root
GID
• 16 or 32 bits
• /etc/group stores local groups
• wheel group for system administrators
/etc/passwd
• entry: UserName:*:UID:GID:FullName:UserDir:UserShell
• passwords encrypted via crypt()
• salt
Standard Users
root
- superuser account
daemon
- executes as background process
- handles system events such as print spooling
lp
- print server process
guest
- generic visitor account
nobody
- default user for unprivileged access
- user owns no files
mail
- system account for email processing
sshd
- for running secure shell tasks
www
- for running a web server
shell
• command line interface
• Bourne (sh), c-shell (csh), tc-shell (tcsh)
commands
• ls -- list directory information
• cd -- set current directory
• pwd -- display current directory
• cat -- display contents of textfile
• whoami -- display current user
• su -- log in as a different user (will be prompted for password)
• man -- give help on command
• sudo -- execute a single command as root (must specify password)
ufs
 original Unix File System
 first tree-structured directory system
ffs
 Fast File System
 allows longer file names (255 chars rather than 14)
 supports symbolic links
inodes
 separate inode (index node) per file/directory
 an inode has an address (index) but no name
 each inode resides on the disk
 contents:
• address of associated item (file/directory)
• item type
• item size (in bytes)
• time of last inode modification
• time of last modification of item (mtime)
• time of last item access (atime)
• reference count (number of names for this inode)
• item’s UID
• item’s primary GID
• item’s mode bits (permissions)
directory
 consists of a list of pairs: name - inode index
standard directory entries
. refers to this directory’s inode
.. refers to inode of the parent of this directory
shell commands
• cp -- copy (duplicate) file
• mv -- move file from one directory to another
• mkdir -- create new directory
• ln -- create new link (use -s flag for symbolic link)
• rm -- remove one name
• rmdir -- remove an empty directory
• chown -- change owner of file/directory
• chmod -- change mode (permissions) for a file
• umask -- set default mode (permissions) for this user
type (first character of ls -l output):
- file
d directory
c character device (tty, printer)
b block device (disk, CD)
l symbolic link
s socket
Example: - rwx r-x --- t
         owner group world “sticky” bit
Mode:
r read
w write
x execute
s set (in place of x)
Example (octal):
1000 - sticky bit
2000 - set GID
4000 - set UID
400 - read (owner)
200 - write (owner)
100 - execute (owner)
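The mode-bit table above, worked through as an added Python example (not part of the slides): it renders a numeric st_mode the way ls -l does, with s and t shown in place of x, and flags the modes a permissions review cares about. The sample paths and modes are constructed, not real system output.

```python
import stat

# First column of `ls -l`: the file type characters from the slide.
TYPE_CHARS = {stat.S_IFREG: "-", stat.S_IFDIR: "d", stat.S_IFCHR: "c",
              stat.S_IFBLK: "b", stat.S_IFLNK: "l", stat.S_IFSOCK: "s"}

def mode_string(mode: int) -> str:
    """Render st_mode as ls -l shows it, e.g. 0o104755 -> '-rwsr-xr-x'.
    Octal digits follow the slide: 4000 set-UID, 2000 set-GID, 1000 sticky,
    400/200/100 owner rwx, 40/20/10 group rwx, 4/2/1 world rwx."""
    out = TYPE_CHARS.get(stat.S_IFMT(mode), "?")
    # (read, write, execute, special bit, char if x set, char if x clear)
    triples = [
        (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID, "s", "S"),
        (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID, "s", "S"),
        (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, stat.S_ISVTX, "t", "T"),
    ]
    for r, w, x, special, with_x, without_x in triples:
        out += "r" if mode & r else "-"
        out += "w" if mode & w else "-"
        if mode & special:  # s or t is shown in place of x, as the slide says
            out += with_x if mode & x else without_x
        else:
            out += "x" if mode & x else "-"
    return out

def audit_mode(mode: int) -> list:
    """Findings a permissions review would raise for one st_mode value."""
    findings = []
    if mode & stat.S_ISUID:
        findings.append("set-UID: runs as the file owner, not the caller")
    if mode & stat.S_ISGID and not stat.S_ISDIR(mode):
        findings.append("set-GID: runs with the file's group")
    if mode & stat.S_IWOTH and stat.S_ISDIR(mode) and not mode & stat.S_ISVTX:
        findings.append("world-writable directory without sticky bit")
    if mode & stat.S_IWOTH and not stat.S_ISDIR(mode):
        findings.append("world-writable file")
    return findings

# Constructed sample (path, st_mode), not real system output.
SAMPLE = [
    ("/usr/bin/passwd", 0o104755),    # set-UID helper: expected, but listed
    ("/tmp", 0o041777),               # sticky world-writable dir: fine
    ("/var/spool/shared", 0o040777),  # world-writable dir, no sticky bit
    ("/etc/hosts.allow", 0o100666),   # world-writable config file
]

def audit(entries=SAMPLE) -> dict:
    return {p: (mode_string(m), audit_mode(m)) for p, m in entries}
```

Calling audit() returns, for each constructed path, its ls-style mode string and the list of findings (empty when nothing needs attention).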
TCP Wrappers
• a common way to secure network transmissions on some Unix versions
• when tcp wrappers are turned on...
a) look in /etc/hosts.allow file for allowed firewall access
b) look in /etc/hosts.deny file for denied firewall access
c) if no rules apply, then access is granted
• results logged to syslog
• optionally sends banners to clients
• can transfer access to “jail” or “faux”
host-based firewalls
• Free BSD
• OS X
• varies with Linux
echo
(UDP Port 7)
ping command sends datagram to test connectivity
systat
(TCP Port 11)
netstat command returns user names, login times, and so forth
ftp
(TCP Ports 20 & 21)
file transfer protocol
ftp transmits in plaintext - sftp encrypts
anonymous ftp is a vulnerability
ssh
(TCP Port 22)
secure shell for remote login
uses symmetric encryption (ssh.config)
requires that client have public key
telnet
(TCP Port 23)
original remote login shell - uses plaintext
smtp
(TCP Port 25)
Simple Mail Transfer Protocol - Internet standard for email transfer
dns
(TCP & UDP Port 53)
Domain Name System (stay tuned)
dhcp
(UDP Ports 67 & 68)
Dynamic Host Configuration Protocol
IP address leasing utility
finger
(TCP Port 79)
retrieves user info (name, location, login, telephone, and so forth)
http
(TCP Ports 80 & 443)
HyperText Transfer Protocol (WWW protocol)
POP, POPS, IMAP, IMAPS
(TCP Ports 109, 110, 143, 993 & 995)
Post Office Protocol -- Internet Message Access Protocol
snmp
(UDP Ports 161 & 162)
Simple Network Management Protocol
remote system management tool
rlogin & rsh
(TCP Ports 513 & 514)
more insecure login shells
empty /etc/hosts.equiv