Dedicated web hosting - Protecting Yourself Against Swindlers A major problem with
Protecting Yourself Against Swindlers A major problem with UUCP is that the calling system can lie about its name; it announces its name to the called system after logging in, but the server doesn’t have any way to check it. Thus, an attacker could log into his or her own UUCP account, pretend to be someone else, and pick up that other site’s mail. This is particularly troublesome if you offer login via anonymous UUCP, where the password is made public. You must guard against this sort of impostor. The cure for this disease is to require each system to use a particular login name by specifying a called-login in sys. A sample system entry may look like this: system pablo … usual options … called-login Upablo The upshot is that whenever a system logs in and pretends it is pablo, uucico checks whether it has logged in as Upablo. If it hasn’t, the calling system is turned down, and the connection is dropped. You should make it a habit to add the called-login command to every system entry you add to your sys file. It is important that you do this for all systems in your sys file, regardless of whether they will ever call your site or not. For those sites that never call you, you should probably set called-login to some totally bogus user name, such as neverlogsin. Be Paranoid: Call Sequence Checks Another way to fend off and detect impostors is to use call sequence checks. These help you protect against intruders who somehow manage to find out the password with which you log into your UUCP system. When using call sequence checks, both machines keep track of the number of connections established so far. The counter is incremented with each connection. After logging in, the caller sends its call sequence number, and the receiver checks it against its own number. If they don’t match, the connection attempt is rejected. If the initial number is chosen at random, attackers will have a hard time guessing the correct call sequence number. But call sequence checks do more for you. Even if some very clever person should detect your call sequence number as well as your password, you will find out. When the attacker calls your UUCP feed and steals your mail, this will increase the feeds call sequence number by one. The next time you call your feed and try to log in, the remote uucico will refuse you, because the numbers don’t match anymore! If you have enabled call sequence checks, you should check your log files regularly for error messages that hint at possible attacks. If your system rejects the call sequence number the calling system offers, uucico will put a message into the log file saying something like, “Out of sequence call rejected.” If your system is rejected by its feed because the sequence numbers are out of sync, it will put a message in the log file saying, “Handshake failed (RBADSEQ).” To enable call sequence checks, add the following command to the system entry: # enable call sequence checks sequence true In addition, you have to create the file containing the sequence number itself. Taylor UUCP keeps the sequence number in a file called .Sequence in the remote site’s spool directory. It must be owned by uucp and must be mode 600 (i.e., readable and writeable only by uucp). It is best to initialize this file with an arbitrary, previously agreed-upon start value. A simple way to create this file is: # cd /var/spool/uucp/pablo # echo 94316 > .Sequence # chmod 600 .Sequence # chown uucp.uucp .Sequence Of course, the remote site has to enable call sequence checks as well and start by using exactly the same sequence number as you.