Xref: utzoo comp.unix.questions:5737 comp.unix.wizards:6622 news.sysadmin:559
Path: utzoo!mnetor!uunet!husc6!cmcl2!brl-adm!umd5!umbc3!tron!celozzi
From: celozzi@tron.UUCP (Dominic J Celozzi)
Newsgroups: comp.unix.questions,comp.unix.wizards,news.sysadmin
Subject: Usenet Security
Message-ID: <108@tron.UUCP>
Date: 18 Feb 88 04:27:50 GMT
Lines: 32
Keywords: usenet uucp security access intruders

Wanted: information concerning security of usenet and uucp connections.

In particular, consider the following scenario:

	VAX running Ultrix 2.0
	dial-out uucp connections only
	polls newsfeed once daily


Questions: 1) What access (if any) do outsiders have to local system
	      (ie. can they request files on system such as 
			     /etc/password)
	   2) How secure is uucp security - ie USERFILE and L.cmds
	      Can anyone get around them from a remote system?
	   3) Can "intruders" be traced?  Do facilities exist to monitor
	      bad attempts of logging into a Unix system?
	   4) How secure is the software which implements the exclusions
	      mentioned above (as well as others related)?
	   5) How can we audit these events?
	   6) Is there a methodology for auditing local users activity to
	      remote sites - especially over usenet?
	   7) What facilities/manuals should be examined to ensure security?


Please do not begin a discussion concerning the theoretical history of unix
vs. "secure" systems.  I am only interested in practical applications /
practices which will aid in the monitoring of outgoing/incoming activities,
as well as those which raise might raise concern to the security guys.

					Thank you for your cooperation,
					Dominic J Celozzi
					UUCP-Path: uunet!umbc3!tron!celozzi