Red Hat chases mainframe Linux leaders
Posted by vincent on 05 November 2001 - 11:44 · no comments & 350 views
About the Author
Full name: Unknown
Forum name: vincent
Contact: via forum PM
Submissions: Normal · Headline
Full name: Unknown
Forum name: vincent
Contact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google
The Durham, N.C., company's mainframe version of Linux will be sold along with services through the Red Hat Network, Chief Executive Matthew Szulik said in an interview Friday.
The product would catch Red Hat up with SuSE and Turbolinux, both of which already have a version for sale.
Linux and the mainframe make for an odd couple, but IBM's strong Linux push has linked the fates of the two technologies. It's even lured some customers such as Korean Air and Banco Mercantil.
Mainframes are a decades-old server architecture from IBM used by large corporations for business tasks with numerous transactions such as changes to bank balances. Linux, by comparison, is comparatively new, a 10-year-old clone of Unix.
Red Hat has said it plans versions of Linux for IBM's iSeries special-purpose servers, pSeries Unix servers and zSeries mainframes. It already sells Linux for use on the xSeries Intel servers.
Except for the packet-filtering warning and the CGI problems, those general warnings are pretty obvious and should be known to almost anyone with a minimal background in security. Hopefully, you can take advantage of their inclusion on the FBI list to get management to pay attention to these problems, which you may have been harping on since you took over network security.
Six Microsoft-related problems
Failure of IIS to correctly manage nonstandard Unicode sequences
This problem occurs because it's possible to insert obsolete but still valid items in a Unicode number--for example, “/” = “%2f” is the standard configuration, but “%c0%af” also interprets as “/” and IIS doesn't perform a security check on these extra long Unicodes.
ISAPI extension buffer overflows including idq.dll
See this Locksmith column for the details of this vulnerability.
IIS Remote Data Service (RDS) vulnerability
This is covered in Security Bulletin MS98-004. RDS is a default installation from the NT Option Pack and thus is on a lot of systems. The DataFactory component of RDS can allow unauthorised Internet access to OLE databases.
NetBIOS file share vulnerability
Improper configuration of the Common Internet File System (CIFS) can give full system access to an attacker using the Internet. This vulnerability appears when users make their hard drive files accessible by network users. The free Microsoft Personal Security Advisor download monitors these potential holes in the Server Message Block (SMB) protocol that NetBIOS uses.
Null session connections
The infamous anonymous logon can be very helpful for those wishing to make their data freely available, but this can open a door to intruders. For some systems, the fix is not to block null sessions but to limit the kind of data they can access. Most networks should block TCP and UDP ports 445 and 135 through 139 to stop all null sessions.
Weak password hashing in SAM
Every Windows user gets legacy LAN Manager support by way of password hashes installed by default on NT and Win2K systems. LAN Manager has very weak encryption, so you need to disable it unless you absolutely need to leave it active for legacy interoperability.
Seven UNIX vulnerabilities
Buffer overflow vulnerabilities in remote procedure calls (RPCs)
These RPC vulnerabilities (mostly rpc.ttdserverd, rps.cmsd, and rpc.stad) are common in most versions of UNIX and allow access to network services, including NFS file sharing and NIS centralised login. These buffer overflows have been responsible for a vast number of denial of service attacks, especially against Department of Defense systems. Internet-connected computers should have these services disabled/removed or at least have the latest patches installed if the services are necessary to operations.
Sendmail holes
Shame on you if you let this one get past you; it was the subject of the very first CERT advisory back in 1988. Older versions of Sendmail have a number of weaknesses, including one that will allow attackers to have passwords mailed to them.
BIND weaknesses
The Berkeley Internet Name Domain (BIND) system has a number of vulnerabilities. See this Locksmith column for the details.
UNIX "R command" vulnerabilities
These commands--such as rlogin, rsh, and rcp--let one person administer a number of UNIX systems quickly and easily by allowing access without a password by permitting anyone from a trusted IP address to access system commands. Protect your systems by blocking these IP-based trust relationships.
LPD vulnerabilities
The in.lpd print protocol daemon monitors TCP port 515 for print requests. A flood of requests sent to that port can cause a crash or allow an attacker to run arbitrary code. This affects Solaris and most Linux versions.
Sadmind and mountd problems
Sadmind and mountd buffer overflows can be exploited to give attackers root access.
Using default SNMP strings
Simple Network Management Protocol (SNMP) is used to control printers, computers, and routers remotely, but the unencrypted username/password (called a community name) allows easy access. Even worse, most default installations use public as the authentication text, and most of the rest use private instead. This makes it unnecessary to even sniff SNMP traffic to learn the community string needed to access the administration tools. The answer is to close down SNMP unless you really need it and, if so, use a more inventive community name.
Bottom line
Unless you've just taken over network security, you probably know about most of these vulnerabilities listed by the FBI, but just imagine how bad your position would be if your predecessor had ignored these vulnerabilities and a virus or an attack by a hacker led to significant network downtime on your watch. The boss may never know how many rare, but important, vulnerabilities you have plugged, but he or she will never forget when you missed one and it led to significant downtime, lost productivity, and a drain on company funds.
TechRepublic is the online community and information resource for all IT professionals, from support staff to executives. We offer in-depth technical articles written for IT professionals by IT professionals. In addition to articles on everything from Windows to e-mail to fire walls, we offer IT industry analysis, downloads, management tips, discussion forums, and e-newsletters.