<><><><><><><><><><><><><><><><><><><>!<><><><><><><><><><><><><><><><><><><><> #% ..uXu.. 1992 %# %# Underground eXperts United #% #% presents... %# %# -=*=- #% #% The European Digest Series Vol.2 Issue #2 %# %# 1992 By THE CHIEF ..uXu.. #% <><><><><><><><><><><><><><><><><><><>!<><><><><><><><><><><><><><><><><><><><> SECOND SPECIAL MANUAL SERIES - DIGITAL VMS VERSION 5.0 NEW FEATURES MANUAL #1 Contents... 01.............Introduction 02.............Contents In This Issue 03.............New Security Management Features (8) 04.............Recommended 05.............End Comments 1. INTRODUCTION --------------- Welcome to TED Vol.2 Issue #2 - The uXu File #74! While we're doing the Xenix tutorial guide, we recently found that people working with larger systems needed some updates on the security of newer versions of Operating Systems, and therefor we made this special issue on the security improvements of Digital's VMS version 5.0. If you need other updates, perhaps for other operating systems, just let us know, and we'll supply you with the needed information in future issues of TED. 2. CONTENTS IN THIS ISSUE ------------------------- DIGITAL VMS Version 5.0 New Features Manual ---> Chapter 8 New Security Management Features 8.1 SET AUDIT Qualifier: /FAILURE_MODE ............................ 8-2 8.2 Forced Password Change ........................................ 8-2 8.3 Managing Proxy Logins ......................................... 8-3 8.3.1 ADD/PROXY Command ..................................... 8-3 8.3.2 REMOVE/PROXY Command .................................. 8-3 8.3.3 MODIFY/PROXY Command .................................. 8-4 8.3.4 Proxy Access by User Identification Code (UIC) ........ 8-4 8.3.5 Permanent Proxy Database: NETPROXY.DAT ................ 8-5 8.3.6 Network Control Program (NCP) SET EXECUTOR Parameters . 8-4 8.4 Queue Protection Using Access Control Lists (ACLs) ............ 8-5 8.5 True Highwater Marking ........................................ 8-5 [EXTRA IN THIS ISSUE: SECTION 7.8 INCLUDED] 7.8 Queue Protection Using Access Control Lists (ACLs) ............ 7-7 7.8.1 Granting Users CONTROL Access to Queues ............... 7-7 3. NEW SECURITY MANAGEMENT FEATURES (8) --------------------------------------- _______________________________________________________________________________ CHAPTER 8 NEW SECURITY MANAGEMENT FEATURES _______________________________________________________________________________ VMS Version 5.0 includes the following new security management features: ----------------------------------------------------------------------------- Feature Function ----------------------------------------------------------------------------- MANAGING AUDITS ----------------------------------------------------------------------------- New SET AUDIT qualifier: Specifies how VMS should proceed when unable /FAILURE MODE to perform security audits due to insufficient system resources. ----------------------------------------------------------------------------- MANAGING PASSWORDS ----------------------------------------------------------------------------- Forced Password Change Requires users to change expired passwords at login. ----------------------------------------------------------------------------- MANAGING PROXY LOGINS ----------------------------------------------------------------------------- Enchanced ADD/PROXY Command Allows remote users proxy access to up to 16 local accounts. Designates one proxy account as the default for the specified remote user. Enchanced REMOVE/PROXY Command Removes proxy access to the specified local accounts by the remote user. New MODIFY/PROXY Command Changes the default designation to the specified proxy account or removes the default designation. Proxy access by UIC Allows users on non-VMS operating systems proxy access to accounts on the locl node. New permanent proxy database Specifies NETPROXY.DAT as the permanent proxy database. New Network Control Program Control whether or not proxy accounts are (NCP) SET EXECUTOR Parameters accessible. ----------------------------------------------------------------------------- MANAGING QUEUES ----------------------------------------------------------------------------- Queue protection using access Provides added protection of queues with control lists (ACLs) ACLs. For information about this new feature, see Section 7.8. [Below, you'll find Section 7.8 for your comfort =uXu Staff=] ----------------------------------------------------------------------------- MANAGING FILES ----------------------------------------------------------------------------- True high water marking Provides true highwater marking for sequential, exclusively accessed files. ----------------------------------------------------------------------------- _______________________________________________________________________________ 8.1 SET AUDIT Qualifier: /FAILURE_MODE _______________________________________________________________________________ The system manager can use the DCL command SET AUDIT to enable a variety of security alarms. Security alarms are written to a permanent system mailbox and copied to the operator log file, OPERATOR.LOG, by OPCOM (the operator communication process). If the write should fail because of insufficient resources on the system, the process is put in the MWAIT (miscellaneous wait) state to wait for the resource. It may be undesirable to have processes put in the MWAIT state. (For example, a process in MWAIT might cause a cluster to hang if the process holds an exclusive lock on a cluster-wide resource, such as the user authorization file.) For VMS Version 5.0, the system manager can use the new SET AUDIT qualifier /FAILURE_MODE to chose the action the VMS operating system takes when security alarms cannot be written. Use the new SET AUDIT qualifier /FAILURE_MODE to specify how the VMS operating system proceeds if it is unable to perform a security audit. For more information about the new SET AUDIT qualifier /FAILURE_MODE, see the SET AUDIT command description in the VMS DCL DICTIONARY. _______________________________________________________________________________ 8.2 Forced Password Change _______________________________________________________________________________ In VMS Version 5.0, users whose passwords have expired must change their expired passwords before being allowed to log in. The operating system prompts for a new password at login. If users abort the login attempt using CTRL/Y, they will be prompted for a new password at each subsequent login attempt until they set a new password. In VMS Version 5.0, users cannot log in until they change their expired passwords. In previous versions of VMS, users were warned of expired passwords but were allowed one final login. Users who logged out before setting a new password were locked out of the system and forced to request the system manager to restore the account. With VMS Version 5.0, the system manager can set the AUTHORIZE flag DISFORCE_PWD_CHANGE to disable the forced password change feature and return to VMS Version 4.0 behaviour. For more information about the forced password feature, see Chapter 3 and Chapter 5 in the GUIDE TO VMS SYSTEM SECURITY. _______________________________________________________________________________ 8.3 Managing Proxy Logins _______________________________________________________________________________ VMS Version 5.0 includes the following new proxy login features:  Proxy access to multiple local accounts. The system manager can use the Authorize Utility ADD/PROXY command to allow remote users proxy access to up to 16 local accounts. Use the /DEFAULT qualifier to designate one account as the default proxy account.  Ability to modify the default proxy account. Use the new AUTHORIZE command MODIFY/PROXY to designate a different proxy account as the default, or specify MODIFY/PROXY/NODEFAULY to remove the default designation from the specified remote user.  Proxy access for users on operating systems where users are identified only by User Identification Code (UIC). Note that these systems must be Phase IV DECnet nodes.  New Network Control Program (NCP) SET EXECUTOR parameters to manage proxy logins. _______________________________________________________________________________ 8.3.1 ADD/PROXY Command _______________________________________________________________________________ Prior to VMS Version 5.0, the Authorize Utility command ADD/PROXY enabled you to allow remote users proxy access to a single local account. VMS Version 5.0 enables system managers to provide remote users with proxy access to up to 16 local accounts. The 16 accounts include 1 default proxy account and 16 alternate proxy accounts. For more information about the ADD/PROXY command, see the Commands section of the VMS AUTHORIZE UTILITY MANUAL. _______________________________________________________________________________ 8.3.2 REMOVE/PROXY Command _______________________________________________________________________________ The Authorize Utility command REMOVE/PROXY has been enchanced for VMS Version 5.0 to allow you to selectively delete proxy accounts from the network proxy database for a specified remote user. For more information about the REMOVE/PROXY command, see the Commands section of the VMS AUTHORIZE UTILITY MANUAL. _______________________________________________________________________________ 8.3.3 MODIFY/PROXY Command _______________________________________________________________________________ VMS Version 5.0 includes a new Authorize Utility command, MODIFY/PROXY, that changes the designation of the default proxy account or removes the default in the network proxy database. For more information about the MODIFY/PROXY command, see the Commands section of the VMS AUTHORIZE UTILITY MANUAL. _______________________________________________________________________________ 8.3.4 Proxy Access by User Identification Code (UIC) _______________________________________________________________________________ Prior to VMS Version 5.0, proxy access was not supported from systems other than the VMS operating system. For VMS Version 5.0, users on any remote systems that implement DECnet Phase IV+ can be granted proxy access to the local node. For non-VMS systems, specify the remote user's User Identification Code (UIC) in the user name field. For more information about specifying proxy accounts by UIC, see the ADD/PROXY command description in the VMS AUTHORIZE UTILITY MANUAL. _______________________________________________________________________________ 8.3.5 Permanent Proxy Database: NETPROXY.DAT _______________________________________________________________________________ Prior to VMS Version 5.0, the name of the proxy database was NETUAF.DAT. The new permanent proxy database is NETPROXY.DAT. All changes made to the permanent database with the Authorize Utility are automatically updated in the volatile database on the running system and cluster. _______________________________________________________________________________ 8.3.6 Network Control Program (NCP) SET EXECUTOR Parameters _______________________________________________________________________________ Prior to VMS Version 5.0, network managers enabled proxy access with the NCP SET EXECUTOR command parameter DEFAULT PROXY. VMS Version 5.0 replaces the DEFAULT PROXY parameter with the following new SET EXECUTOR parameters:  INCOMING PROXY - Controls proxy access from the remote node to the local node.  OUTGOING PROXY - Controls proxy access from the local node to the remote node. Each parameter has the following options:  ENABLED - Enables proxy access  DISABLED - Disables proxy access For more information about the NCP SET EXECUTOR parameters, see Chapter 3 of the VMS NETWORKING MANUAL. _______________________________________________________________________________ 8.4 Queue Protection Using Access Control Lists (ACLs) _______________________________________________________________________________ Prior to VMS Version 5.0, system managers defined access to queues through standard UIC-based protection. VMS Version 5.0 provides additional protection of batch and device (printer, server, and terminal) queues with ACLs. Specify the new object type, QUEUE, to the /OBJECT_TYPE qualifier when adding ACLs to queues with the ACL editor or with the DCL command SET ACL. For more information about queue protection using ACLs, see Section 7.8. For more information about ACLs, see the VMS ACCESS CONTROL LIST EDITOR MANUAL, and the description of the SET ACL command in the VMS DCL DICTIONARY. _______________________________________________________________________________ 8.5 True Highwater Marking _______________________________________________________________________________ Highwater marking keeps users from reading file space beyond the areas where they have been permitted to write. The outer limit of written space on the file is that file's highwater mark. This technique prevents users from scavenging unauthorized portions of the disk. Prior to VMS Version 5.0, the VMS operating system implemented highwater marking using a technique known as 'erase-on-allocate', where blocks of disk space are erased as they are allocated to the user. VMS Version 5.0 features true highwater marking for all sequential, exclusively accessed files. For more information about highwater marking, see Chapter 4 of the GUIDE TO VMS SYSTEM SECURITY. _______________________________________________________________________________ ------------------------------------------------------------------------------ SECTION 7.8 (extra in this issue of TED) SECTION 7.8 ------------------------------------------------------------------------------ 7.8 Queue Protecting Using Access Control Lists (ACLs) Access control lists (ACLs) define the kinds of access users are granted or denied to system resources such as files, devices and directories. VMS Version 5.0 extends the use of ACLs to queues. Prior to VMS Version 5.0, system managers defined access to queues only through standard UIC-based protection. VMS Version 5.0 provides protection of batch and device (printer, server, and terminal) queues using access control lists (ACLs) through use of a new object type, QUEUE. VMS provides two methods for manipulating ACLs: the ACL editor, invoked with he EDIT/ACL command, and the DCL command SET ACL. Use either method to apply or modify ACLs on queues. 7.8.1 Granting Users CONTROL Access to Queues In addition to the four types of access defined by the UIC-based protection scheme - READ, WRITE, EXECUTE, and DELETE - the VMS operating system provides a fifth access type available with ACLs - CONTROL. When used in combination with EXECUTE access, CONTROL access allows queue users to act as operators of the queue. Users with CONTROL and EXECUTE access to a queue can change any attributes of the queue. Users with only EXECUTE access to the queue are prohibited from modifying any of the security-related attributes of the queue, including the queue owner and queue protection (UIC or ACL). For more information about applying ACLs to queues, see Chapter 4 of the GUIDE TO VMS SYSTEM SECURITY, the description of the SET ACL command in the VMS DCL DICTIONARY, and the VMS ACCESS CONTROL LIST EDITOR MANUAL. [The above mentioned chapters will be included in the TED series On REQUEST] [=uXu Staff=] ------------------------------------------------------------------------------ 4. RECOMMENDED -------------- This section is included in every issue of The European Digest and will contain recommended stuff/boards/reading and so on. For this file, we recommend that you read the uXu file #58, and then WRITE to us, commenting on the idea. If we don't see any comments about the Awards, it is of no use to start working on the project and go through with it. You can mail me (The Chief) on the boards listed at the end of this file. Please understand that you all can vote, participate, and contribute to a better Computer Underground by letting us know what YOU think about the ideas expressed in the 58th file from uXu. Without input from our readers, we're nothing. With respect for the CU people (just not very much right now), THE CHIEF 5. END COMMENTS --------------- [] Scanning the file-areas and message-subs of the once full-of-hacker boards in the U.S of A, gives you a chill down your neck. Where have all the people gone? Where are the groups, once so successful? WHEN is the 200:th file from cDc going to be released? Are they dead? (I know they're not, I'm just trying to put some pressure on Ratt‚ here, heh heh..) What has happened to Activist Times Inc. and Network Information Access? WHERE IS 'THE SENSEI' (The Syndicate Report) ??? Is it true that all of them have converted to eLiTe-d00dz? WILL the pirate industry take over the computer underground? (God forbid). If anyone got answers to these questions, please feel free to contact me ASAP, thank you. The European Digest will not feature Hacking techniques, Phreaking, Carding, information about government systems or the basic underground rap. It will be different. It IS different. Manuals, The Underground Scene, Deep Deep whatever, and so on. Less 'general rag stuff' and More Miscellaneous stuff. Swedish Hacker News will be presented through the 'uXu - Swedish News' series, but ONLY in Swedish. English translations will however be published in another well-known underground rag. Check out the Next TED for the continuing Xenix Tutorial or More on VMS 5.0. You can reach me on the following boards for comments, contributions, membership, questions, ANSWERS or whatever: Ripco ][ [312]-528-5020 Condemned Reality [618]-397-7702 Demon Roach Underground [806]-794-4362 Solsbury Hill [301]-428-3268 Anonymous [+45]-981-89771 The Stash [+46]-13-175042 Sedes Diaboli [+46]-586-43766 You can't reach me on the following boards anymore. Reason(s) stated below. Balanced pH [818] Down Land Of Karrus [215] Down Lunatic Labs [213] (Well, sometimes) The Chief 1992 %&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%& % % & "Congress shall make no law respecting an establishment of religion, or & % prohibiting the free exercise thereof; or abridging the freedom of % & speech or of the press; or of the right of the people peaceably to & % assemble, and to petition the Government for a redress of grievances." % & & % This work is released according to the above Constitutional rights % & for INFORMATIONAL PURPOSES ONLY. & % % &%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&%&% ____________________________________________________________________________ ____________________________________________________________________________