Subject: Re: First install
To: Albert Carter <SilverMoonTiger@wizzard.tiac.net>
From: Henry B. Hotz <hotz@jpl.nasa.gov>
List: port-mac68k
Date: 03/28/1997 12:11:18

At 1:58 PM 3/28/97, Albert Carter wrote:
>Ok, but as far as working with NetBSD even if it's going to be connected to
>the internet the internal security with unix is enough that I won't need to
>install the special security files.  Sorry for double checking I'm just
>really spooked at the thought of someone being able to hack into my computer
>and do some damage.

No one can give you any blanket guarantees.  If you are only a dial-up then
you are only vulnerable while you are connected.  The general rule is to
make sure you have hard-to-guess passwords on everything, and disable any
network access/protocol that you don't need.  The Unix Sysadmin book that
everyone on this list recommends (ISBN 0-13-151051-7) has a nice (and
reasonably short!) summary of the subject.
>
>Also I'm wondering if there are any anti-virus programs out there for unix
>or if it comes with them or what not
>
Not really.  Since Unix runs on so many different CPUs with so many
flavors of software it's hard to do a PC-style virus.  The host population
isn't dense enough to support reasonable reproduction.

What you see on Unix boxes are much higher-level (more evolved?) attacks
that target specific vulnerabilities of the network protocols and daemons.
The solutions are to patch the bugs, and to install extra logging (like
tcpd) or checking (like tripwire) daemons.  (And to disable the services
you don't need.)

There are a couple of probe programs that will search for known
configuration problems and vulnerabilities:  Satan is the one with the
catchy name, and I forget the name of the other/better one.

Signature failed Preliminary Design Review.
Feasibility of a new signature is currently being evaluated.
h.b.hotz@jpl.nasa.gov, or hbhotz@oxy.edu
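
The advice above (disable the services you don't need, put tcpd logging in front of the rest) can be checked mechanically. The following is an added example, not part of the original message: it assumes the services are started from an inetd.conf-format file, and the function names and the sample file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: list the services an inetd.conf-style file leaves enabled
# and whether each one is started through tcpd (TCP wrappers logging).

# audit_inetd FILE  (hypothetical helper)
# Prints "<service>/<proto> <WRAPPED|UNWRAPPED|INTERNAL> <program>" per enabled entry.
audit_inetd() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }   # blank or commented-out (disabled) entry
        NF < 6 { next }                 # not a complete service entry
        {
            prog = $6
            if (prog == "internal") {
                state = "INTERNAL"      # handled inside inetd itself
            } else if (prog ~ /(^|\/)tcpd$/) {
                state = "WRAPPED"       # tcpd logs, then starts the daemon in field 7
                prog = $7
            } else {
                state = "UNWRAPPED"     # daemon started directly, no tcpd logging
            }
            printf "%s/%s %s %s\n", $1, $3, state, prog
        }
    ' "$1"
}

# unwrapped_services FILE: enabled services that bypass tcpd
unwrapped_services() {
    audit_inetd "$1" | awk '$2 == "UNWRAPPED" { print $1 }'
}

# Constructed sample configuration, not taken from any real host.
write_sample() {
    cat > "$1" <<'EOF'
# constructed inetd.conf sample
ftp     stream tcp nowait root   /usr/libexec/tcpd    ftpd -l
telnet  stream tcp nowait root   /usr/libexec/telnetd telnetd
#shell  stream tcp nowait root   /usr/libexec/rshd    rshd
finger  stream tcp nowait nobody /usr/libexec/tcpd    fingerd
daytime stream tcp nowait root   internal
EOF
}

tmp=$(mktemp) && write_sample "$tmp"
audit_inetd "$tmp"
rm -f "$tmp"
```

Every line it prints is a service that is still reachable from the network; anything listed that is not needed is a candidate for commenting out, and anything reported as UNWRAPPED is running without tcpd logging.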