Specifications
C
Network Security
ID card of some kind. This cookie (the word goes back not to ordinary cook-
ies, but to Chinese fortune cookies which contain an epigram) is stored on
login in the file .Xauthority in the user’s home directory and is available
to any X Window client wanting to use the X server to display a window.
The file .Xauthority can be examined by the user with the tool xauth. If
you were to rename .Xauthority or if you deleted the file from your home
directory by accident, you would not be able to open any new windows or X
clients. Read more about X Window security mechanisms in the man page of
Xsecurity (man Xsecurity).
Apart from that, ssh (secure shell) can be used to completely encrypt a net-
work connection and forward it to an X server transparently without the en-
cryption mechanism being perceived by the user. This is also called X for-
warding. X forwarding is achieved by simulating an X server on the server
side and setting a DISPLAY variable for the shell on the remote host. Before
being displayed, the client opens a connection with sshd (secure shell dae-
mon, the server side program), which then gets the connections through to
the real X server. If your setup requires that X clients are displayed remotely,
consider using ssh. The man page of ssh has more information about the
functionality of this program. Further details about ssh can be found in Sec-
tion C on page 190 of this book.
Caution
If you do not consider the host where you log in to be a secure host,
do not use X forwarding. With X forwarding enabled, an attacker
could authenticate via your ssh connection to intrude on your X server
and sniff your keyboard input, for instance.
Caution
Buffer Overflows and Format String Bugs
As discussed in the section on local security, buffer overflows and format
string bugs should be classified as issues concerning both local and network
security. As with the local variants of such bugs, buffer overflows in network
programs, when successfully exploited, are mostly used to obtain root per-
missions. Even if that is not the case, an attacker could use the bug to gain
access to an unprivileged local account to exploit any other vulnerabilities
which might exist on the system.
Buffer overflows and format string bugs exploitable over a network link are
certainly the most frequent form of remote attacks in general. Exploits for
these — programs to exploit these newly-found security holes — are often
203SuSE Linux – Firewall on CD2