Department of Mathematics FAS Harvard University One Oxford Street Cambridge MA 02138 USA Tel: (617) 495-2171 Fax: (617) 495-5132
FAS Computer Services to Harvard University IT: (617) 495-7777.

FAS Security guide 2010

FAS desktop security guide PDF

Commonly exploited UNIX vulnerabilities (Source: http://www.sans.org Sans institute)



  • Poor system administration
  • Reusable or poor passwords
  • Flawed SUID programs (e.g. rdist, binmail)
  • HTTP servers and CGI application vulnerabilities
  • Default "+" entries in the /etc/hosts.equiv file
  • NFS/NIS vulverabilities sendmail program bugs
  • Buffer overruns (e.g., gets(), syslog())
  • SUID shell scripts


Tips to avoid Worms and Viruses



  • No operating system is safe from viruses. Unix flavours (like solaris, linux, freebsd, OS X etc.) are less vulnerable than windows (smaller target, different platform, root protection).
  • If your mail server is a Unix machine, consider reading the email on that machine with programs like mail, pine, mutt etc. This is safer and often faster. Note that it is also possible to catch a virus on a Unix box, but you have to pull the trigger yourself.
  • Most worms use email programs like Eudora, Outlook or Outlook Express to spread. If you need to use such programs, get the latest security patches. In general, keep your operating system and applications up-to-date. Be sure to get the updates directly from the vendor.
  • On a Mac or PC, run a virus protection program. Whether Mac OSX, Windows or Linux, turn on a firewall.
  • If possible, avoid email attachments both when sending and receiving email. Email addresses can be spoofed. Even if you know the person who sent you email, it does not mean that this person has sent the email.
  • Disable the HTML parrot feature, the receiver might read with a text based mail program.
  • Configure your operating system to show file extensions. In Windows 2000, this is done through Explorer via the Tools menu: Tools/Folder Options/View - and uncheck "Hide file extensions for known file types". This makes it more difficult to for a harmful file (such as executables .exe or visual Basic scripts .vbs) to masquerade as a harmless file (such as .txt or .jpg).
  • Don't open attachments with the file extensions .vbs, .shs, .exe or .pif. While these extensions are almost never used in normal attachments, they are frequently used by viruses and worms. Some worms can hide the .pif extension as in the example of the recent Welyah worm, which had an attachment message.txt .pif . The white spaces hide the extension.
  • Do not share folders with other users unless necessary. If you do, make sure you do not share your entire drive or your entire windows directory.
  • If you feel that an email you get from a friend is strange, double-check with the friend before opening any attachments.
  • When you receive email advertisements or other unsolicited e-mail, do not open attachments in them or follow web links quoted in them.
  • Avoid attachments with sexual filenames. email worms often use attachments with names like porn.exe to lure users into executing them.
  • Do not trust the icons of attachment file. Worms often send executable files which have an icon resembling icons of picture, text or archive files - to fool the user. As a curtesy to others don't send word documents if not necessary.
  • Never accept attachments from strangers in online chat systems such as IRC, ICQ or AOL Instant Messengers.
  • Avoid downloading files from public newsgroups. These are often used by virus writers to distribute their new viruses.
  • Keep an eye on websites, which inform about new viruses.


Links




Simplicity, Clarity, Generality B.W. Kernighan, R. Pike, in "The Practice of Programming".
Privacy Digital Accessibility
HTML CSS