Amiga Security Faq

Subject: Amiga Security Faq
by Mitch on 2006/12/2 21:16:00

I'm looking to build this FAQ, please contribute in comments and I'll add them in here under the right section by editing this post. Please don't do general chatter. Anything that you have noticed in configurations will be useful as will external links. Please help as I am sure we can all benefit from a single resource on this subject! This is for all versions of AmigaOS!


Quote:

AmigaOS Security FAQ

Revision: 0.0.2

Dated: 2nd December 2006

New advisories since previous revision:
Exploits N/A
Vulnerability N/A
Warnings N/A

1. General security concepts
1.0 Daemon attacks
1.1 Stack attacks
1.2 Trojan/Malware
1.3 General
2. AmigaOS limitations
2.0 Tasks, Processes, Signals and Messages
2.1 Permission bits
2.2 Paths
2.3 Functions and vectors
2.4 Virus attacks
2.5 Scripting
2.6 Servers, macros and automation
3. AmigaOS online as a client
3.0 TCP/IP stacks
3.0.1. AmiTCP
3.0.2. Miami
3.1 Web Browsers
3.1.1. Aweb
3.1.2. Ibrowse
3.1.3. Voyager
3.2 IRC
3.2.1. AmIRC
3.2.2. WookieChat
3.3 Email
3.3.1. YAM
3.3.2. SimpleMail
3.4 Remote shells
3.4.1. Telnet
3.4.2. Amtelnet
3.4.3. SSHv1
3.5 Remote file transfer
3.5.1. ftp
3.5.2. sftp
3.6 File sharing
3.6.1. SAMBA
4. AmigaOS online as a server
4.0 Suitability
4.1 Apache
4.1.1. PHP
4.1.2. MySQL client
4.1.3. SQLITE
4.2 Black Widow
4.3 SAMBA



1 General Security Concepts

Whenever you go online you will end up announcing your presence to the world. By doing this you are guaranteed that someone will try to test your connection to find ways in to do awful things at least once in your online lifetime. In fact the BBC honeypot experiment, although it had its flaws, claimed it was hit by a potential security assault every 15 minutes.

http://news.bbc.co.uk/2/hi/technology/5414502.stm

( source BBC )

1.0 Daemon attacks

If you are running something on your machine that can be used by another computer on the internet then it is guaranteed to be found. If there is a known exploit for this then it is guaranteed to be exploited: it is only a matter of time. If there isn't a known exploit, but it actually does have a flaw that is unknown as of yet then someone will find it given motivation and time and you will be vulnerable.

By hiding behind what is known as a "firewall"...

http://en.wikipedia.org/wiki/Firewall_%28networking%29

( source Wikipedia )

... you can mitigate the risk somewhat. By not running any of these types of programs, normally known as "daemons"...

http://en.wikipedia.org/wiki/Daemon_%28computer_software%29

( source: Wikipedia )

...you can mitigate the risk even further. However it is still possible you can be subject to attack:

1.1 Stack attacks

TCP/IP stacks are assumed to be invulnerable, that is until the next flaw is found. The majority of flaws that have been discovered cause little more than a disconnect for the user, or tying down of system resources ( overloading ). Such attacks are most definitely handled by placing a firewall between you and the internet - at least it makes it the firewall's problem.

1.2 Trojan, malware attacks

Trojan attacks are now a coverall term for attacks by which something gets onto your computer through your own volition. This can vary from accessing a web site where something on it does something to your machine ( as simple as a hang - or it launches some program you have configured to handle a datatype which has its own bug ), or maybe you have mounted some network device that, through lack of thought on the developer's part, allows a script to be run that causes damage, or maybe you just downloaded a bit of software that gives up some control of your machine to a cracker every time you connect to the network.

To handle these you should consider permitting some level of outbound firewall protection so that you are always aware of what is accessing the internet other than something you have initiated. But really, here, you need to be vigilant. If there are scanners available for your version of the Amiga Operating System you need to use them and keep them up to date.

1.3 General

The most important advice is to identify what type of risks you are currently exposed to and keep an eye on the security alerts that come around for that software. This cannot be under-emphasised because your typical cracker ( or the more clueless version who just uses existing scripts known dismissively as a "script-kiddie" ) will be reading these alerts too and be waiting to expose your computer if they can.

Don't get overly paranoid if you can help it, don't let it suck out all enjoyment of using your Amiga online or offline but just be very aware that if someone finds they can do something unpleasant to someone else online they are going to do it.

2. AmigaOS limitations

AmigaOS has absolutely no security model beyond the ability to make files write protected ( 2.1 ). Bizarrely this does not make it entirely insecure because if you use it how it is designed and take precautions it can provide you a reasonable level of protection from attacks. We will discover more about how to do this in the FAQ.

2.0 Tasks, Processes, Signals and Messages

Any task can access the memory of another task in every revision up to, and including, AmigaOS 4.0. References to memory are habitually passed between running tasks and individual tasks are not assigned any security credential. Any task can remove another task from running in the execution list, signal another task to stop and send messages to device drivers, windows, screens and other service processes.

Is this still true in Amiga OS 4.0?

2.1 Permission bits

Files can be write protected, read protected, delete protected and execute protected. However, any task can unset this if it so wishes. There are no security credentials for users, groups or ephemeral groups on the filesystem. Even if there were, there is no way of telling which task or process has a credential that can be compared with the filesystem credential to deny or allow access.

What about PFS? SFS?

2.2 Paths

Library and binary paths can be added to and removed from by anyone and if something is in the path it can be executed by any DOS process or shell. All paths are set globally as are assigns and library paths. What you do in one place has an effect on the entire operating system.

2.3 Functions and vectors

AmigaOS was traditionally attacked by "patching" vectors. AmigaOS in the Exec library allows you to override functions and methods to point to a different implementation. While this is useful for creating extensions and plugins and extending function it can also be used to inject trojan code, code that tracks personal information and change the behaviour of the operating system without the user being informed. There is no built in protection for this and even Exec methods and functions can be patched to target any other bit of code.

2.4 Virus attacks

Typical virus attack patterns here - bootblock, vector patches, etc.

2.5 Scripting

AREXX issues here, why it might be a good idea to disable AREXX unless you are really using it.

2.6 Servers, macros and automation

Theoretical exploitation of the system - probably too close to 2.5 to have its own section
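
Section 2.3 of the post describes library vectors being patched to point at a different implementation. The C code below is an added example, not part of the original post or of any Amiga tool: it walks a copy of a ROM-resident library's jump table and lists the slots whose target is no longer inside ROM. It assumes the classic 68k slot layout (a `JMP (xxx).L` opcode followed by a 32-bit address) and a 512 KB Kickstart ROM range; the function name and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumptions (not from the post): classic 68k layout, 512 KB Kickstart ROM. */
#define JMP_ABS_L 0x4EF9u      /* 68k opcode for JMP (xxx).L */
#define SLOT_SIZE 6            /* 2-byte opcode + 4-byte target address */
#define ROM_START 0x00F80000u
#define ROM_END   0x00FFFFFFu

/* 68k memory is big-endian; decode independently of the host byte order. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/*
 * table: copy of the bytes from (base - slots*6) up to the library base.
 * Writes the library vector offset (LVO, negative) of each suspicious slot
 * into lvos[] (up to max) and returns how many slots were flagged in total.
 */
int scan_jump_table(const uint8_t *table, size_t slots, int *lvos, int max) {
    int flagged = 0;
    for (size_t i = 0; i < slots; i++) {
        const uint8_t *slot = table + i * SLOT_SIZE;
        uint32_t opcode = ((uint32_t)slot[0] << 8) | slot[1];
        uint32_t target = be32(slot + 2);
        int in_rom = target >= ROM_START && target <= ROM_END;
        if (opcode != JMP_ABS_L || !in_rom) {
            if (flagged < max)
                lvos[flagged] = -(int)((slots - i) * SLOT_SIZE);
            flagged++;
        }
    }
    return flagged;
}

/* Constructed sample: three slots, the middle one redirected into RAM. */
static const uint8_t SAMPLE[] = {
    0x4E, 0xF9, 0x00, 0xF8, 0x12, 0x34,   /* LVO -18 -> $00F81234 (ROM) */
    0x4E, 0xF9, 0x00, 0x07, 0xC0, 0x00,   /* LVO -12 -> $0007C000 (RAM) */
    0x4E, 0xF9, 0x00, 0xFC, 0x0A, 0x10,   /* LVO  -6 -> $00FC0A10 (ROM) */
};

int main(void) {
    int lvos[8];
    int n = scan_jump_table(SAMPLE, sizeof SAMPLE / SLOT_SIZE, lvos, 8);
    for (int i = 0; i < n && i < 8; i++)
        printf("LVO %d does not point into ROM\n", lvos[i]);
    return n ? 1 : 0;
}
```

A flagged slot is a review item rather than proof of a trojan: as the post notes, the same mechanism is used for legitimate extensions and plugins, so the output is best compared against a list of patches you installed yourself.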


