[UKUUG Logo] Copyright © 1995-2004 UKUUG Ltd

UKUUG


news@UK 4.2

The newsletter of the UK UNIX User Group.
Volume 4 Number 2 (April 1995)

UKUUG News

Editor's Column

(Susan Small)

I hope that you will begin to see the changes we are introducing to the newsletter as a result of the feedback received from you.

The regular report from the Chair will now be shorter than usual, because of the detailed report of Council meetings. These reports will give you an idea of the Council's current concerns and will hopefully prompt responses from yourselves - either with offers of help or suggestions for services you would like offered.

Don't forget that book and product reviewers are always needed. Let me know what you would like to see reviewed.

If your organisation wants to advertise in news@uk, we can include an A4 flier for around £100. Alternatively, members can freely advertise their services (using a couple of column inches) in our Small Ads section.


Report from the Chair

(Mick Farmer)

In the questionnaire issued with news@UK 3.6 (December 1994), a number of you asked for more information concerning your Council's activities. Council meets once a month for a teleconference and I have included a précis of our last teleconference elsewhere in this issue. We find that the use of telephone conferences saves the group money and enables Council to schedule regular meetings. Please let us know if you want us to continue providing these reports of our meetings.

Thank you to those of you who volunteered to be a guru for our new and exciting column entitled "The Guru Is In". Your secretariat is now waiting to receive queries from members. So, please send your questions to Owles Hall immediately and avoid the rush!


Council Matters

(Mick Farmer)

This is a report of the last Council teleconference held on 9 March 1995. Present were Mick Farmer (Chair), Lindsay Marshall, Jim Reid, Andrew Macpherson, and Jane Morrison (Secretariat).

* Jane Morrison reported that the UNIX and Internet Security seminar held on 8-10 February was a resounding success attended by 50 delegates. The seminar was limited to 50 because of the size of the room; this meant that some people were turned away. To date, the approximate profit was £20,000 with 70% going to EurOpen and 30% going to the UKUUG.

* Mick Farmer reported that little progress had been made on locating speakers for our next two proposed events (WWW and Tcl/Tk). This meant that they will be postponed until later in the year. Lindsay Marshall reported that he would attend a Tcl/Tk event in Toronto in July where he may locate suitable speakers.

Jim Reid felt that the UKUUG should hold focused one-day technical seminars that would be profitable for the group.

Andrew Macpherson reported that EurOpen were organising a "transportable" WWW event in October, first in Amsterdam and then in Stockholm. Their aim was to have four speakers and two workshop leaders. The event will be aimed at "suits" rather than "techies". EurOpen hoped to attract 50 delegates at each venue with a breakeven number of 30. EurOpen had decided to give each national group a £5 bonus for every delegate that they sent to a EurOpen event.

* Jane Morrison reported that the new Sun computer system was up and running at Owles Hall, but was only being used for letters and faxes at present until she had time for training within the next few months.

* Jim Reid reported that the registration of ukuug.org should now be complete and that he was working on the Internet link. Andrew Macpherson thought that some funding for this should come from EurOpen through their contract with the EU to provide Web pages (see Mick Farmer's report on the ICT Round Table No. 8 meeting elsewhere in this issue).

* Mick Farmer reported that he had approached someone to take on the vacant Treasurer's role and had received a positive response. [An announcement will be made once a formal response has been received.]

* Jane Morrison reported that the newly formed Linux SIG now had 21 members, of whom five were existing UKUUG members. The first issue of the Linux newsletter had been sent to all UKUUG members with the February issue of news@UK.

* Andrew Macpherson reported on the activities of EurOpen as the newly co-opted member of the Executive and Treasurer. Apart from the WWW event mentioned above, EurOpen were planing to run Rik Farrow's seminar in Germany and Budapest in September this year and in the UK next year.

He also reported that EurOpen were fronting a bid for a contract with the EU to provide Web services. There were five partners involved: EurOpen, Koala Systems, DKUUG, EurOpen.SE, and AFUU.

* Mick Farmer reported that Brent Chapman was giving an Internet Security Firewalls tutorial in the UK in April. He had negotiated a 10% discount for UKUUG members (see flier in this issue of the newsletter).

* Jane Morrison reported that the second issue of EurOpen Quarterly would soon be ready at 2 ECUs per copy. Council agreed to send this to all UKUUG members.

* The UKUUG Financial Accounts for the year ending 31/12/94 were formally agreed and accepted by Council.

* Council agreed that the next AGM would be held on 25 May 1995 at the Institute of Education in London at 1830hrs. They hoped that a meeting of the London LUG could be arranged to co-incide.


SU2SG

(Nigel Ian Mitchem)

The next meeting of the SU2SG will be held at City University at 1430hrs on Monday 3 April 1995. The meeting will take place in room A529C which is in the college building, main entrance on St John's street. It's the big red brick building with a dome and a clock hanging over the pavement.

A pre-meeting gathering will be held in the Sekforde Arms, Sekforde Street, EC1 from noon onwards.


Cambridge LUG

(Jane Shute)

The next meeting will be held on 10 May 1995 at the Applied Psycholgy Unit on Chaucer Road, Cambridge. Sun will be talking about their Solstic products. [See also news of the Sun Easter Tutorial and Conference to be held at Cambridge's Robinson College.]


London LUG

(Andrew Findlay)

The next LUUG meeting will be a round table event on Thursday 27 April concerned with the topic of Network Management.

This is a hot topic, and there are quite a few products available of varying quality, coverage, and price, but what do people really do with them? For that matter, what do people really want to know about their networks? Come along and find out. Better still, come prepared to talk for four or five minutes on your own experiences.

The meeting will start at 1900hrs in the Department of Computer Science, Birkbeck College, 1st floor, Senate House North Block, Malet Street, London, WC1E 7HX.

On Thursday 25 May, following the UKUUG AGM in the Institute of Education, (Bedford Way, London, WC1) we will have a LUUG lecture in the same room. The Speaker is Nigel Titley of BT who will describe the current state of BT's IP service. This will be an updated version of the popular talk that he gave at the UKUUG IP event last year.

Most LUUG events end with a general migration to either the Cypriana or Villa Carlotta for food.


The Guru Is In

As a guru I am often asked the question "When is the best time to ftp those big files?"

This is one of those perpetually unanswered questions which have plagued internauts since almost the beginning of cyber-time. The short answer is during Star Trek! The long answer is:

I hope this will stimulate you to send in your own queries!


News from Owles Hall

(Jane Morrison)

When writing the piece for the last issue we were busy organising the Rik Farrow Seminar, "Advanced UNIX & Internet Security". Well for those who didn't attend I can report that the event was undoubtedly a huge success, with 50 attendees (the maximum number the room could hold). We also had a dozen or so people on a reserve list. The Seminar was well received and the venue proved to be well organised and comfortable. It is planned that the event will be held again in the UK in January 1996.

If you were lucky enough to have attended the Seminar and have still not received your free book, we are sorry but we are still waiting for the shipment to arrive from the US. As soon as we have them they will be despatched to all attendees.

The Council meeting which was planned for February was actually cancelled, and was rescheduled for early March. At this meeting the Committee discussed future events and are hoping to make some firm announcements in the next couple of months. The accounts of the Group for the year end to 31 December 1994 were also agreed by the Committee, and you will all receive copies of these shortly. The next Committee meeting will be held on 6 April 1995.

The AGM date has now been fixed for 25 May 1995 at the Institute of Education, Bedford Way, London, WC1 at 1830hrs. We do trust that this will be well attended. All paperwork etc. relating to the AGM will be sent out with the draft accounts in the next few weeks.

The LINUX SIG is still attracting new members and looks to be quite successful.

We shall be chasing the outstanding subscription invoices soon. However, if you would please arrange to make your payment promptly, unnecessary costs which are incurred by the User Group in chasing up these outstanding subscriptions would be avoided.

The EurOpen Quarterly Issue 2 Newsletter will be automatically sent to all our members when printed and we would like to know what your opinions were concerning the first issue. This would have been sent to you via the DKUUG office in December last year.

See you at the AGM.........

Jane has worked at the Owles Hall Secretariat for almost 8 years. She looks after the administration for the UKUUG, SUN UK User Group and EurOpen. When not working, her pastimes include gardening, swimming, painting and decorating, going on holiday, doing absolutely nothing and trying to keep her 18 year old son on the straight and narrow!


Sun UK User Group Easter Tutorial and Conference

This will be held from 24-26 April 1995 at Robinson College, Cambridge, UK. The first day consists of a Tutorial by Peter Baer Galvin on "Advanced Solaris System Administration". It is designed to meet the needs of the system administrator who has experience at managing systems, but has not had extensive experience with Sun's new Solaris 2.X operating system. Areas of focus include differences between Solaris 2.X and older operating systems, and migrating from those older operating systems to Solaris. The newest version of this course will also include details of Solaris 2.4.

The Technical Programme includes "Purchasing a Workstation Installation"; "The Place of Sun Service in Today's Community"; Response Time Bound Server - Real World Limits to NFS Server Performance"; "Moving Sun OS to Solaris"; "The SPARC Roadmap"; "PC Integration into the Enterprise"; "Connecting to the Internet"; "Simplified Solaris 2 Printing"; "The Webrunner Project"; and "Server Enterprise Management".

The Tutorial is open to members of SUKUG and UKUUG and costs £293.75 (inclusive of VAT). The cost of attending all three days is £470 (inclusive of VAT). Full details of how to book can be obtained from the Secretariat at Owles Hall.


Reviews

Advanced UNIX And Internet Security Seminar presented by Rik Farrow

8-10 February 1995
(Adrian Percival)

Threat of attack - real or imagined problem?

If the experience of UKUUG and EurOpen is anything to go by then this is a real issue at a large number of sites - there were over 60 applications for this seminar, which was anticipated would attract around 20 delegates!

The attendees represented both academic and commercial environments (although the reasons for attending were different - the academics I spoke to were more interested in keeping up with what their students were already up to), with numerous representatives from major companies such as National Power, The Post Office, and Shell, as well as visitors from Holland, Finland and Germany.

The speaker was Rik Farrow, ex-editor of Open Computing, and author of UNIX System Security. Having worked with UNIX since 1982, and in particular with security since 1984, he had a wide base of experience to draw on, and this constantly showed throughout the three days as he was able to answer every question raised.

At the start of the conference we were all given a hefty folder of well-structured and comprehensive notes, which we followed throughout the course.

DAY 1

Although only 9% of security incidents involve the Internet (his figures), Rik choose to concentrate on this area, ignoring for example the security aspects associated with modems which account for 34% of all attacks. The reason given was that he expected problems in this area to grow, especially with current interest in the Internet.

The first question that one should ask when examining your security is what assets do you have, are they worth protecting, and more importantly, does increased security merit the decrease in ease of use (financial considerations aside)?

Once this has been evaluated it is essential to have a network security policy, outlining procedures and rules for users to abide by.

After lunch he detailed methods by which your network may be probed, i.e. how a potential attacker can get useful information about your system. Common methods used rely on finger, rpcinfo, showmount and NIS. He also provided some interesting programs to automate the scanning of networks.

What does the hacker do with this information? The next step is to gain access to an account on your machine, using various methods such as social engineering i.e. conning people's passwords out of them (so beware anyone handing out surveys outside your workplace); the ever popular SENDMAIL attack; ftp-based attacks; exploiting holes in your configuration; using NFS and binmail; and yes looking under keyboards for post-it notes - is nothing safe anymore? Once an account has been accessed/created, the intruder can quickly become root, and then trouble!

There are, however solutions to this problem, the first involving the hardening of your system, that is making it more resistant to attack. This is mainly done by replacing buggy software and tightening up sloppily configured systems. Rik also drew our attention to several security audit tools that are available, in particular COPS, ISS and Tripwire.

DAY 2

The main part of Thursday was spent examining how configuring network services in various ways can either increase or decrease your exposure to network-based attacks. He also examined the use of TCP Wrapper, and gave some sample configurations, and showed how intruders can be detected (check your logs regularly), and pointed out various attack signatures.

After lunch he examined the rudiments of TCP/IP and then went on to detail how packets can be snooped, sniffed and decoded, - a pressing problem if you consider that most applications (telnet, ftp and rlogin please stand up!) transmit unencrypted passwords across the wire.

DAY 3

Today was the climax of the seminar - how to install and configure firewalls.

This is based on the premise that:

"Directly connecting to the Internet without a firewall means that every server application running on a host computer on any internally connected network may be probed or attacked."
With this in mind, the idea of a firewall is to isolate segments of a network.

Firewalls were originally router based, but it was his opinion that a router alone wouldn't provide sufficient protection, and so we examined the different options available:

Different methods of packet filtering were examined (Checkpoint's Firewall 1) and proxy servers (SOCKS).

The final afternoon was spent examining the TIS Firewall Kit. This is a freely available set of software, the result of US government-funded research into how to build a firewall (they wanted to protect www.whitehouse.com). He then compared this with commercially available firewalls (ANS, TIS's commercial version - Gauntlet, Raptor's Eagle and DEC's Firewall Consultancy Service (SEAL)).

All in all this was three days well spent, in the presence of an extremely knowledgeable speaker, helped by an audience who provided plenty of real life examples of problems encountered. The majority had suffered an attack of varying seriousness, in the last two years. In conclusion, UNIX maybe a victim of its own success. There are a lot of extremely knowledgeable people about, not all of them trustworthy, and, with this in mind, perhaps it would be wise to adopt the security policies of numerous financial institutions, that of security by obscurity!

PS: On examining the system I use, I found that I could gain access in a matter of moments!

Adrian is a student at the Department of Computer Science, Birkbeck College, University of London, where he is studying for a PhD in distributed databases. If you would like any more information you can reach him at the address in the contacts list.


The Internet Book

Doug Comer
Prentice-Hall International Inc
ISBN 0-13-183237-9
£19.50
(Reviewed by Mick Farmer)

Doug Comer is well-known for his series of three books on Internetworking with TCP/IP and as the chief designer of XINU, a UNIX-like operating system for LSI-11 computers. Judging by the title, you might think this book is Volume IV of Internetworking with TCP/IP. It is not. The book is subtitled:

Everything you need to know about computer networking and how the Internet works.

In his introduction, Doug Comer explains that he wrote the book "... as a response to everyone who has asked him for an explanation of the Internet that is both technically correct and easily understood by everyone." This simplistic message is explained in Chapter 1 where he realises that such questions as "What is the Internet?" are being asked by people who use the Internet as a facility, yet are unaware of the technological background. These people are not the experts who helped shape the Internet, but ordinary men and women using the Internet in ways that the experts had not imagined.

The book is organised into four parts: Introduction to Networking, A Brief History of the Internet, How the Internet Works, and Services Available on the Internet.

Part 1, An Introduction to Networking, is a gentle history of communications, mainly telephony, and of the move away from analog devices into today's digital world of ASCII codes and Local Area Networks (LANs). This part is full of interesting observations such as the Telegraph service which was a digital technology (using Morse code). However, the users of the Telegraph did not need to know Morse code. The sender wrote their message on a form, a skilled operator transmitted the message in Morse code, another skilled operator received the message in Morse code and translated it onto a form, which was then given to the recipient. I hadn't thought of it like that.

Part 2, A brief History of the Internet, describes the early years when incompatible LANs and Wide Area Networks (WANs) proliferated, leading to the desirability of a single network, with the US Department of Defense funding research on networking through the Advanced Research Projects Agency (ARPA), and the emergence of the Internet. One chapter describes the decade of incredible growth of the Internet. Doug Comer gives a table (see next column) showing the exponential growth from 1983 to 1994.

There is also a chapter outlining the growth of networks around the world, BITNET from IBM, the European Academic and Research Network (EARN), and the European Backbone (EBONE).

Year            Approximate Number of

                Computers on the Internet



1983                562

1984               1024

1985               1961

1986               2308

1987               5089

1988              28174

1989              80000

1990             290000

1991             500000

1992             727000

1993            1200000

1994            2217000




Part 3, How the Internet Works, is an explanation of the underlying technology and basic capabilities of the Internet's infrastructure. It starts with an overview of packet switching and a brief chapter describing how routers work and how they are the building blocks of the Internet, often accommodating multiple types of networks. There follows chapters outlining the Internet Protocol (IP) and the Transmission Control Protocol (TCP), IP addressing, and TCP guaranteed delivery via retransmission. These topics are all explained in a straightforward manner in English without resorting to diagrams of IP and TCP headers. At times I felt the need for more technical information, but not often. Finally there are chapters devoted to distributed computing and to our naming of computers and domains.

Part 4, Services Available on the Internet, has chapters on Electronic Mail (e-mail), Bulletin Board Services (Network News), File Transfer (FTP), Remote Login (TELNET), Information Browsing (Gopher), Advanced Browsing (WWW, Mosaic), Automated Title Search (Archie, Veronica), and Automated Contents Search (WAIS). Each service is described with the aid of diagrams, often showing different stages of a session using the service. Both character-based displays and window-based displays are shown where appropriate, e.g. when using Gopher or Archie. Doug Comer concentrates on the client-side of these services, so there is no explanation about a WWW server. Alas, reading this book, someone might think that the only WWW browser available was Mosaic. I also learnt that the name Veronica was chosen because of a US comic strip featuring two teenagers named Archie and Veronica! [Actually, it's an acronym for Very Easy Rodent-Oriented Network-wide Index to Computerised Archives.] One chapter briefly explains some of the newer services such as audio teleconferencing, video teleconferencing, and the Whiteboard service.

Doug Comer is known for providing pithy summaries at various places in his book. At the end of the book he manages to summarise the question posed at the beginning "What is the Internet?" in a one-paragraph description. I will quote just the first sentence:

"The Internet is a wildly-successful, rapidly-growing, global digital library built on a remarkably flexible communication technology."
I enjoyed reading this book. Doug Comer writes in a very readable style, avoiding jargon wherever possible. This is certainly a book for anyone using the Internet as a service wanting to know more about its fascinating history, growth, and future.


Around Europe

ICT Round Table No. 8

(Mick Farmer)

The third meeting of this Round Table took place in Brussels on 21 March 1995 in the European Commission's Beaulieu Building (the same one that I described last time). This time I travelled via EuroStar, going through the Channel Tunnel. It's only 3 hours and 15 minutes from London's Waterloo Station to Brussels' Gare du Midi. The actual train is an up-market Intercity-style product and extremely quiet and smooth. I travelled in the evening and wouldn't have noticed the tunnel if the guard hadn't announced its approach. Twenty minutes later we were out the other side and finally beginning to move. The driver stated that we were travelling at 300kph on the way to Lille and it felt like it! The track between Lille and Brussels hasn't been upgraded yet, so the last hour of the journey was much like the first, about 100kph.

Now, back to the meeting. Walter Debacker gave a short resume of the recent G7 meeting in Brussels in regard to IT. The European Commission is setting up two bodies to advise on the measures that Europe should take in preparation for a fully-fledged "Information Society". The "Information Society Forum" will consist of 100-150 experts recommending projects to be implemented by the Commission. The Chair will be elected, but the Vice- Chair will be Martin Bangermann who made the original proposal. The Commission sees the way forward in terms of "dynamic competition" and "private investment" leading to a "universal provision of services". It's fascinating to hear these bureaucrats using the same phrases again and again that have come from some important document or another. However, what I did find interesting were references to a "diversity of content" which, according to Mr Debacker, meant that cultural differences would be respected. What a change from the past! The second body is a business-type consortium to develop the European chapter of the WWW, rather like MIT in the USA.

EurOpen has made a proposal to the European Commission to develop a WWW server concerned with cultural and multi- lingual aspects of the Commission's work. The remainder of the meeting focused on what tools and services we ourselves would need to make the most of such a proposal. Këld Simonsen from DKUUG was present and has been working in the area of Internationalisation for some time. He outlined some of the basic differences between different cultures, such as address formats, collating sequences, telephone numbers, and, in business, ordering and invoicing practice. We felt that a database which could be expressed in many different cultural ways would be useful.

Those of us who have experience in providing WWW servers were interested in usage information and feedback from users (this is required as part of the proposal). The meeting decided that we required tools for analysing WWW page accesses and interactive forms requesting feedback from users of our experimental pages. Fortunately, these facilities are already available, and can be incorporated within the proposed WWW server.

Our next meeting is scheduled for 20 September 1995, when we should know if our proposal has been accepted.


Across the Pond

5th USENIX UNIX Security Symposium

5-7 June 1995
Salt Lake City, Utah, USA

Program Chair: Fred Avolio, Trusted Information Systems, Inc.

The goal of this symposium is to bring together security practitioners, researchers, system administrators, systems programmers, and others with an interest in computer security as it relates to networks and the UNIX operating system. This will be a three-day, single-track symposium, consisting of tutorials, refereed and invited technical presentations, and panel sessions. The first day will be devoted to tutorial presentations designed to address the needs of both technical and management attendees. Tutorials will supply overviews of various security mechanisms and policies. Each will provide specifics for implementing numerous local and network security precautions, firewalls, and monitoring systems. The keynote address by Stephen T. Walker, Founder and President of Trusted Information Systems, Inc., will open the two days of technical sessions. Mr. Walker will speak on information security and privacy in computing. The technical sessions program, in addition to presentations of refereed papers, will include invited talks, and possibly panel sessions. There will also be two evenings available for Birds-of-a-Feather sessions and Works-in-Progress Reports.


From the Net

CDE Challenges Windows Juggernaut At Uniforum '95

Common Desktop Environment (CDE) is real. According to Information Week Magazine over a dozen vendors announced CDE software running on their hardware at Uniforum '95. CDE represents the single most comprehensive effort to unify the UNIX desktop on record. If accepted by users, CDE could assure UNIX workstations and servers a place in the hearts of those who see it as the most viable alternative for companies downsizing from mainframes (i.e. other than Windows NT). In related stories, Oracle changed the name of its Cooperative Development environment to Developer/2000 and SunSoft announced that its version of CDE would support OpenWindows applications, according to PC Week Magazine.

The TriTeal Corporation confirmed today that its enhanced version of CDE called the TriTeal Enterprise Desktop (TED) for AIX 3.25 and SunOS 4.1.3 and above are now shipping. TED supports CDE plus an integrated World Wide Web (WWW) browser and Windows/Windows NT client connectivity. Support for Solaris 2.3/2.4 and HP-UX 9.0+ will be forthcoming in the first week of April 1995. Single user licenses with a CD-ROM and documentation set are available for US $425.00 each. Right-to-use licenses are priced at US $340.00 each. Tri-Teal Corp. can be reached at info@triteal.com, +1 619-930-2077.

From ACCENTServer E-Newsletter Vol 2 No.1 20 March 1995


Calendar of Events

1995

Acronyms for 1995

AFUU
French UNIX User Group
ARPA
Advanced Research Projects Agency
ASCII
American Standard Code for Information Interchange
BBS
Bulletin Board Service
BITNET
Because It's Time NETwork
CD-ROM
Compact Disk-Read Only Memory
CDE
Common Desktop Environment
COPS
Security Checker System from Purdue University
DEC
Digital Equipment Corporation
DKUUG
Danish UNIX User Group
EARN
European Academic and Research Network
EBONE
European Networking Backbone
ECU
European Currency Unit
EU
European Union
EurOpen.SE
Swedish UNIX User Group
FTP
File Transfer Protocol
GUI
Graphical User Interface
IBM
International Business Machines
ICT
Information and Communication Technology
IP
Internet Protocol
ISS
Internet Security Scanner
LAN
Local Area Network
LISA
Large Installation System Administration
LSI-11
16-bit microcomputer manufactured by DEC
LUG
Local (UNIX) User Group
MIT
Massachusetts Institute of Technology
NFS
Network File System
NIS
Network Information System
PC
Personal Computer
SAGE
System Administrators' Guild
SEAL
DEC's Firewall Consultancy Service
SIG
Special Interest Group
SOCKS
SOCK-et-S (Firewall Proxy Host)
SU2SG
Small UNIX Users Systems Group
Tcl
Tool Control Language
Tcl/Tk
See Tcl and Tk
TCP/IP
See TCP and IP
TCP
Transmission Control Protocol
TED
TriTeal Enterprise Desktop
TELNET
Internet Remote Login
TIS
Trusted Information Systems (Firewall toolkit)
Tk
Toolkit for the X Window System
Tripwire
Change Control Software from Purdue University
WAIS
Wide Area Information Server
WAN
Wide Area Network
WWW
World Wide Web
XINU
XINU Is Not UNIX, an operating system for LSI-11s
Tel: 01763 273 475
Fax: 01763 273 255
Web: Webmaster
Queries: Ask Here
Join UKUUG Today!

UKUUG Secretariat
PO BOX 37
Buntingford
Herts
SG9 9UQ