<!-- MHonArc v2.4.4 -->
<!--X-Subject: META: System Security (was: Re: [MUD-Dev] players who "take away from the game") -->
<!--X-From-R13: X Q Znjerapr <pynjNpc.arg> -->
<!--X-Date: Wed, 10 Nov 1999 16:48:30 -0800 -->
<!--X-Message-Id: E11liPW-0000Pa-00#under,eng.cp.net -->
<!--X-Content-Type: text/plain -->
<!--X-Reference: 11A17AA2B9EAD111BCEA00A0C9B4179303D6DE5F#molach,origin.ea.com -->
<!--X-Reference: 7epuxivf4x.fsf#zesoi,fer.hr -->
<!--X-Reference: E11leTP-0004Yr-00#under,eng.cp.net -->
<!--X-Reference: 008001bf2bd2$5aa78dc0$dd630304#dsl,gtei.net -->
<!--X-Head-End-->
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<html>
<head>
<title>MUD-Dev message, META: System Security (was: Re: [MUD-Dev] players who "take aw</title>
<!-- meta name="robots" content="noindex,nofollow" -->
<link rev="made" href="mailto:claw#cp,net">
</head>
<body background="/backgrounds/paperback.gif" bgcolor="#ffffff"
text="#000000" link="#0000FF" alink="#FF0000" vlink="#006000">
<font size="+4" color="#804040">
<strong><em>MUD-Dev<br>mailing list archive</em></strong>
</font>
<br>
[ <a href="../">Other Periods</a>
| <a href="../../">Other mailing lists</a>
| <a href="/search.php3">Search</a>
]
<br clear=all><hr>
<!--X-Body-Begin-->
<!--X-User-Header-->
<!--X-User-Header-End-->
<!--X-TopPNI-->
Date:
[ <a href="msg00200.html">Previous</a>
| <a href="msg00202.html">Next</a>
]
Thread:
[ <a href="msg00196.html">Previous</a>
| <a href="msg00159.html">Next</a>
]
Index:
[ <A HREF="author.html#00201">Author</A>
| <A HREF="#00201">Date</A>
| <A HREF="thread.html#00201">Thread</A>
]
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
<H1>META: System Security (was: Re: [MUD-Dev] players who "take away from the game")</H1>
<HR>
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
<UL>
<LI><em>To</em>: <A HREF="mailto:mud-dev#kanga,nu">mud-dev#kanga,nu</A></LI>
<LI><em>Subject</em>: META: System Security (was: Re: [MUD-Dev] players who "take away from the game") </LI>
<LI><em>From</em>: J C Lawrence <<A HREF="mailto:claw#cp,net">claw#cp,net</A>></LI>
<LI><em>Date</em>: Wed, 10 Nov 1999 16:48:22 -0800</LI>
<LI><em>Reply-To</em>: <A HREF="mailto:mud-dev#kanga,nu">mud-dev#kanga,nu</A></LI>
<LI><em>Sender</em>: <A HREF="mailto:mud-dev-admin#kanga,nu">mud-dev-admin#kanga,nu</A></LI>
</UL>
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<HR>
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<PRE>
On Wed, 10 Nov 1999 16:59:18 -0600
Grey <Eli> wrote:
> What precautions should be taken when writing a MUD codebase from
> scratch?
There are some useful links in the library under:
<A HREF="http://www.kanga.nu/library.php3?viewCat=32">http://www.kanga.nu/library.php3?viewCat=32</A>
Writing secure code is not something done automatically or without
forethought. Small assumptions may have large exposures. Writing
secure protocols is tougher than just writing secure code.
The guys who wrote Diablo or the UOL clients or protocols were not
incompetent. They did however not realise how hostile the
environment they were operating in was. This fact alone cost both
companies significantly.
From the laws:
Never trust the client.
Never put anything on the client. The client is in the hands
of the enemy. Never ever ever forget this.
> Are most security holes that a MUD box might have at the OS level,
> or does having a program like a MUD running open up opportunities
> that would not otherwise exist (assuming that the ability to issue
> OS commands and such is not a feature)?
Both levels of exploit can exist, but the primary concerns are:
Does the server run as a privileged user? (ie Can an exploit can
gain at least that level of access?).
Is the server or any other eassociated code capable of being
exploited? (ie Can any user can get all the access the server's
user has?).
Does the server or associated programs expose weaknesses in the
host system? (While comparitively rare, these do exist tho usually
in the form of DoS attacks).
The documents referenced by the library discuss the area at more
length eithout doing much more than trifling with the area.
Before you start you need to define what your level of security is.
What actions are acceptable for your users, and what are not. Some
of my metrics, for instance:
I do not allow shell accounts on Kanga.Nu. Period.
The only person who can run arbitrary commands on Kanga.Nu is me.
All user authentication shall be by known secure and encrypted
means (ie SSH v1.x or telnet-ssl).
All public services shall run as the user "nobody".
No services or ports, other than the absolute minimum required for
operation shall be exposed.
Where possible all exposed ports will filter to the exact IP
ranges that are allowed to connect to them. (TCP Wrappers)
There are obvious exceptions to this in the current Kanga.Nu: my MTA
(Exim) and wu-ftpd both run as root. The various DB services
(Library, UdmSearch, Poll (coming soon), Zope etc) have other
exposures and are something I need to spend some research time on.
However this somewhat outside of the area of server design and
implementation.
> Also, I am very curious about Kanga.Nu being "regularly attacked."
Port scans, ping floods, smurf attacks, SYN floods, attempted stack
exploits, regular probes for known buggy CGI's, weird attempted
logins from odd sources, etc.
> Would you (JCL or others) be able to describe the kind of attacks
> these usually are?
Nothing terribly unusual to date. Recently my FTP server has been
getting a lot of attention from Script Kiddies. No holes _yet_, but
I want to get off wu-ftpd PDQ and get onto something that runs with
no rights and does AFTP only.
> How you might prevent them from working, etc. :)
I don't believe in security thru obscurity for the general case.
There are certain cases where it is useful, but not to rely on.
--
J C Lawrence Internet: claw#kanga,nu
----------(*) Internet: coder#kanga,nu
...Honorary Member of Clan McFud -- Teamer's Avenging Monolith...
_______________________________________________
MUD-Dev maillist - MUD-Dev#kanga,nu
<A HREF="http://www.kanga.nu/lists/listinfo/mud-dev">http://www.kanga.nu/lists/listinfo/mud-dev</A>
</PRE>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<HR>
<!--X-Follow-Ups-End-->
<!--X-References-->
<UL><LI><STRONG>References</STRONG>:
<UL>
<LI><STRONG><A NAME="00154" HREF="msg00154.html">RE: [MUD-Dev] players who "take away from the game"</A></STRONG>
<UL><LI><EM>From:</EM> "Koster, Raph" <rkoster#origin,ea.com></LI></UL></LI>
<LI><STRONG><A NAME="00167" HREF="msg00167.html">Re: [MUD-Dev] players who "take away from the game"</A></STRONG>
<UL><LI><EM>From:</EM> Miroslav Silovic <silovic#zesoi,fer.hr></LI></UL></LI>
<LI><STRONG><A NAME="00186" HREF="msg00186.html">Re: [MUD-Dev] players who "take away from the game"</A></STRONG>
<UL><LI><EM>From:</EM> J C Lawrence <claw#cp,net></LI></UL></LI>
<LI><STRONG><A NAME="00196" HREF="msg00196.html">System Security (was: Re: [MUD-Dev] players who "take away from the game")</A></STRONG>
<UL><LI><EM>From:</EM> "Eli Stevens (Grey)" <ens017#mizzou,edu></LI></UL></LI>
</UL></LI></UL>
<!--X-References-End-->
<!--X-BotPNI-->
<UL>
<LI>Prev by Date:
<STRONG><A HREF="msg00200.html">RE: [MUD-Dev] Costikyan's new report on online gaming</A></STRONG>
</LI>
<LI>Next by Date:
<STRONG><A HREF="msg00202.html">Re: [MUD-Dev] players who "take away from the game"</A></STRONG>
</LI>
<LI>Prev by thread:
<STRONG><A HREF="msg00196.html">System Security (was: Re: [MUD-Dev] players who "take away from the game")</A></STRONG>
</LI>
<LI>Next by thread:
<STRONG><A HREF="msg00159.html">Re: [MUD-Dev] players who "take away from the game"</A></STRONG>
</LI>
<LI>Index(es):
<UL>
<LI><A HREF="index.html#00201"><STRONG>Date</STRONG></A></LI>
<LI><A HREF="thread.html#00201"><STRONG>Thread</STRONG></A></LI>
</UL>
</LI>
</UL>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
<ul><li>Thread context:
<BLOCKQUOTE><UL>
<LI><STRONG>RE: [MUD-Dev] players who "take away from the game"</STRONG>, <EM>(continued)</EM>
<ul compact>
<LI><strong><A NAME="00154" HREF="msg00154.html">RE: [MUD-Dev] players who "take away from the game"</A></strong>,
Koster, Raph <a href="mailto:rkoster#origin,ea.com">rkoster#origin,ea.com</a>, Tue 09 Nov 1999, 19:36 GMT
<UL>
<LI><strong><A NAME="00167" HREF="msg00167.html">Re: [MUD-Dev] players who "take away from the game"</A></strong>,
Miroslav Silovic <a href="mailto:silovic#zesoi,fer.hr">silovic#zesoi,fer.hr</a>, Wed 10 Nov 1999, 18:17 GMT
<UL>
<LI><strong><A NAME="00186" HREF="msg00186.html">Re: [MUD-Dev] players who "take away from the game"</A></strong>,
J C Lawrence <a href="mailto:claw#cp,net">claw#cp,net</a>, Wed 10 Nov 1999, 20:36 GMT
<UL>
<LI><strong><A NAME="00196" HREF="msg00196.html">System Security (was: Re: [MUD-Dev] players who "take away from the game")</A></strong>,
Eli Stevens (Grey) <a href="mailto:ens017#mizzou,edu">ens017#mizzou,edu</a>, Wed 10 Nov 1999, 23:30 GMT
<UL>
<LI><strong><A NAME="00201" HREF="msg00201.html">META: System Security (was: Re: [MUD-Dev] players who "take away from the game")</A></strong>,
J C Lawrence <a href="mailto:claw#cp,net">claw#cp,net</a>, Thu 11 Nov 1999, 00:48 GMT
</LI>
</UL>
</LI>
</UL>
</LI>
</UL>
</LI>
</UL>
</LI>
<LI><strong><A NAME="00159" HREF="msg00159.html">Re: [MUD-Dev] players who "take away from the game"</A></strong>,
Philip Loguinov -- Draymoor <a href="mailto:fibhufky#erols,com">fibhufky#erols,com</a>, Wed 10 Nov 1999, 01:11 GMT
<UL>
<LI><strong><A NAME="00170" HREF="msg00170.html">Re: [MUD-Dev] players who "take away from the game"</A></strong>,
Greg Miller <a href="mailto:gmiller#classic-games,com">gmiller#classic-games,com</a>, Wed 10 Nov 1999, 18:17 GMT
</LI>
<LI><strong><A NAME="00172" HREF="msg00172.html">Re: [MUD-Dev] players who "take away from the game"</A></strong>,
Matthew Mihaly <a href="mailto:diablo#best,com">diablo#best,com</a>, Wed 10 Nov 1999, 19:11 GMT
<UL>
<LI><strong><A NAME="00173" HREF="msg00173.html">Re: [MUD-Dev] players who "take away from the game"</A></strong>,
J C Lawrence <a href="mailto:claw#cp,net">claw#cp,net</a>, Wed 10 Nov 1999, 19:21 GMT
</LI>
</UL>
</LI>
</UL>
</LI>
</ul>
</LI>
</UL></BLOCKQUOTE>
</ul>
<hr>
<center>
[ <a href="../">Other Periods</a>
| <a href="../../">Other mailing lists</a>
| <a href="/search.php3">Search</a>
]
</center>
<hr>
</body>
</html>