“main” (Installation and Administration) 2004/6/25 13:29 page 687 #713
26
Security in the Network
SSH (secure shell) can encrypt a network connection completely and forward
it to an X server transparently, without the user noticing the encryption
mechanism. This is also called X forwarding. X forwarding works by simulating
an X server on the remote host (the sshd side) and setting the DISPLAY
variable of the shell on that host to point at it, so that X clients started
there send their traffic through the SSH connection to your local X server.
Further details about SSH can be found in Section 26.4 on page 652.
Caution
If you do not consider the host where you log in to be a secure
host, do not use X forwarding. With X forwarding enabled, the remote
host is given an authorization cookie for your X server, so anyone who
controls that host (root, or an attacker who has compromised your
account there) can connect through your SSH session to your X server
and sniff your keyboard input, for instance.
Caution
Buffer Overflows and Format String Bugs
As discussed in Section 26.7.1 on page 684, buffer overflows and format
string bugs should be classified as issues concerning both local and net-
work security. As with the local variants of such bugs, buffer overflows in
network programs are, when successfully exploited, mostly used to obtain
root permissions, because network daemons frequently run as root. Even if
that is not the case, an attacker can use the bug to gain access to an
unprivileged local account and from there exploit any other vulnerabilities
that might exist on the system.
Buffer overflows and format string bugs exploitable over a network link
are certainly the most frequent form of remote attack in general. Exploits
for them (programs written to take advantage of newly found security holes)
are often posted on security mailing lists and can be used to attack the
vulnerability without any understanding of the underlying code. Over the
years, experience has shown that the availability of exploit code has
contributed to more secure operating systems, simply because operating
system makers were forced to fix the problems in their software. With free
software, anyone has access to the source code (SUSE LINUX comes with all
available source code), and anyone who finds a vulnerability and its exploit
code can submit a patch to fix the corresponding bug.
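To make the two bug classes concrete, here is an added example (not code from the SUSE manual or from any SUSE program): a request-line handler of the kind found in small network daemons, written once with a stack buffer overflow and a format string bug, and once hardened. The MAXLINE limit, the function names and the "client sent:" log text are assumptions of the example.

```c
/* Added example, not code from the SUSE manual: a request-line handler of the
 * kind found in small network daemons, first with a stack buffer overflow and
 * a format string bug, then hardened.  MAXLINE and the "client sent:" log
 * text are assumptions for the demonstration.
 * Build: cc -std=c99 -Wall -Wformat=2 handler.c
 * (the -Wformat warning on the vulnerable snprintf() call is exactly the bug
 * the text describes; compilers flag it, but only if someone reads warnings.) */
#include <stdio.h>
#include <string.h>

#define MAXLINE 64

/* VULNERABLE: (1) strcpy() copies however many bytes the client sent into a
 * 64-byte stack buffer, so a long line overwrites the saved return address;
 * (2) the client's data is used as the *format* string, so "%x" leaks stack
 * contents and "%n" writes to memory.  Kept for reading only; never feed it
 * untrusted input. */
void handle_line_vulnerable(const char *line, char *logbuf, size_t logsz)
{
    char cmd[MAXLINE];
    strcpy(cmd, line);                  /* no length check: stack overflow */
    snprintf(logbuf, logsz, cmd);       /* attacker-controlled format string */
}

/* HARDENED: reject over-long lines instead of silently truncating them, and
 * always pass client data as an *argument* to a fixed format string.
 * Returns 0 on success, -1 if the line is too long to be a valid request. */
int handle_line_hardened(const char *line, char *logbuf, size_t logsz)
{
    char cmd[MAXLINE];
    const char *nul = memchr(line, '\0', MAXLINE);  /* NUL within MAXLINE? */
    size_t n;

    if (nul == NULL)                    /* would not fit including its NUL */
        return -1;
    n = (size_t)(nul - line);
    memcpy(cmd, line, n + 1);           /* bounded copy, NUL included */
    snprintf(logbuf, logsz, "client sent: %s", cmd);  /* fixed format */
    return 0;
}

/* Small harness: returns how many of the three checks on the hardened
 * handler pass (expected 3), so it can be used from a test without printing. */
int run_checks(void)
{
    char logbuf[128];
    char big[2 * MAXLINE];
    int passed = 0;

    /* 1. an ordinary line is logged exactly as sent */
    if (handle_line_hardened("GET index", logbuf, sizeof logbuf) == 0 &&
        strcmp(logbuf, "client sent: GET index") == 0)
        passed++;

    /* 2. a format-string payload is logged literally, not interpreted */
    if (handle_line_hardened("%x%x%x%n", logbuf, sizeof logbuf) == 0 &&
        strcmp(logbuf, "client sent: %x%x%x%n") == 0)
        passed++;

    /* 3. a line that would overflow cmd[] is rejected, not copied */
    memset(big, 'A', sizeof big - 1);
    big[sizeof big - 1] = '\0';
    if (handle_line_hardened(big, logbuf, sizeof logbuf) == -1)
        passed++;

    return passed;
}

int main(void)
{
    int ok = run_checks();
    printf("%d of 3 hardened-handler checks passed\n", ok);
    return ok == 3 ? 0 : 1;
}
```

The hardened version rejects a line that does not fit rather than truncating it with snprintf(), because a silently shortened request can still be parsed as a different, valid command; the fixed "%s" format is what makes a payload such as "%n" harmless.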
DoS — Denial of Service
The purpose of this kind of attack is to make a server program or even an
entire system unavailable. This can be achieved by various means: over-
loading the server with requests, keeping it busy with garbage packets, or
exploiting a remote buffer overflow to crash it. Often a DoS attack is done
with the sole purpose of
687 SUSE LINUX Enterprise Server