Login
Username:

Password:

Remember me



Lost Password?

Register now!

Sections

Who's Online
91 user(s) are online (72 user(s) are browsing Forums)

Members: 1
Guests: 90

trixie, more...

Support us!

Headlines

Report message:*
 

Re: Amiga Security Faq

Subject: Re: Amiga Security Faq
by Mitch on 2006/12/3 8:36:46

Quote:

4. AmigaOS online as a server
4.0 Suitability
4.0.1 Finding out what is running
4.0.2 Closing ports
4.0.3 Never go online with...
4.1 Stacks
4.1.1 AmiTCP
4.1.2 Miami
4.1.3 Roadshow
4.1.4 UAE and bsdsocket emulation
4.2 Apache
4.2.1. PHP
4.2.2. MySQL client
4.2.3. SQLITE
4.3 Black Widow
4.4 SAMBA


Quote:


4. AmigaOS online as a server

4.0 Suitability

AmigaOS can be used as a server and is suitable for such so long as the the designer of the server application and the systems administrator are aware that it has no internal security model.

If you are new to computing and want to put your Amiga on an internal network without wireless LAN then you may want to experiment here. If you want to put your Amiga in a DMZ, or on the internet directly then the general advice is DON'T RUN IT AS A SERVER.

A lot of the servers that you could run on the Amiga are hasty ports from the UNIX world ( or more precisely the Open Source world that writes for UNIX like operating systems ). This means that a lot of the UNIX assumptions ( like secured processes and filesystems ) that break under AmigaOS won't have been considered during the porting of the application.

Even applications that are written for AmigaOS often don't think through the consequences. Especially when it is one server used with a plugin that might expose a vulnerability ( for example: Apache, install PHP ) in the underlying Amiga architecture.

4.0.1 Finding out what is running

There are two places to look for this. Firstly in your s:startup-sequence, s:user-startup and WBStartup drawer for applications that offer internet services. If you don't know what the vulnerability status of the application is: remove entries that would automatically load it.

The second place to look is using the TCP/IP stack itself. The best means is to get it to show what open ports have items listening on them. Generally such servers will have a connection waiting in LISTEN or ACCEPT status.

Find out the equivalent of netstat -an is for each stack and post it here with sample output

Notice there are also other connections reported at strange port numbers? Don't worry, these are most likely to be outbound connections where your machine is a client.

4.0.2 Closing ports

It is possible with some TCP/IP stacks to close a port that a server would otherwise use ( this is a basic firewall methodology ) so that even if a server thinks it is listening on it, it can't. It might mean that when a server starts up it cannot work correctly in which case it will terminate and you can at least see what is listening on that port!

4.0.3 Never go online with

SAMBA running in network share mode ( where you are sharing out a drive or drawer on your Amiga to a network ). Vulnerabilities are found frequently in SMB and if you do go onto the internet with it you can expect your computer to spend at least part of its time processing enquiries about what SAMBA services are available. It is either insecure or wasteful.

A VNC server running allowing your Amiga to be remote controlled.



Powered by XOOPS 2.0 © 2001-2016 The XOOPS Project