HostedDB - Dedicated UNIX Servers
nt-part2_67 Analysis of the Security of  Windows NT 1 March 1999 67 dom argument will contain valid machine code. The prevalence of source code to the various UNIX implementations has made this kind of devastating attack wide spread however. NT will probably see a similar development, there are no technical differ- ences to prevent the same kind of attack. The absence of source code will make it more difficult for the attackers to find such flaws, but not impossible [10] and [14]. 8.3.4  Undocumented system variables and functions (see 7.3.4) These are not really a security problem in UNIX, the authors know of no such attack against a UNIX system. This is probably due to the wide spread distribution of source code, and a long standing tradition of openness in UNIX system development. All functions of the kernel are typically documented. Again utilities have had their share of such problems however, classic examples are the ‘sendmail’ the electronic mail trans- fer agent, DEBUG and WIZ commands, that existed in early ‘sendmail’ versions, and that granted unlimited access to the system via the network. These are of a historic nature however [6]. 8.3.5  SMB challenge response (see 7.4.1, 7.4.2) There is no direct counterpart in UNIX. Old protocols typically do not use challenge/ response, and the modern ones that do typically get it right. 8.3.6  Plain text passwords over the network (see 7.3.5) The Berkeley ‘r’ protocols pioneered the idea of sending unencrypted passwords over the network. This actually made some sense at the time, since the local network con- sisted of a typically homogeneous installation of UNIX machines, none of which would allow access to the network with out super user privileges. This assumption has changed today however, but despite this the Berkeley ‘r’  protocols are still in wide spread use. Password sniffing is one of the most common attacks carried out against UNIX installations [10] and [11]. 8.3.7  Non NTFS file systems (see 7.3.6) Traditionally UNIX has implemented its own file system, for many years there was only one. Berkeley corrected a number of performance deficiencies with the Berkeley fast file system, and variations thereof are still common today. Even though most mod- ern UNIX systems allow access to MS-DOS file systems, these accesses are typically limited in such a way as to present no serious security implications. It is impossible to actually run a UNIX system from anything other than a UNIX file system, and the kind of problems that NT has when a non NT file system is used for critical tasks does not appear in UNIX [58]. 8.3.8  System initialization problems (see 7.3.7) UNIX have the same boot problems that NT has. Once the intruder has gained physical access to the computer and its disks, little can be done to prevent him from forcing the system. Some UNIX implementations where also traditionally misconfigured, or could be interrupted in the middle of the boot process to provide the intruder with an admin-