CXL - Securing your mid-range systems.
unix, os400 vms security reviews
unix, os400 vms security reviews
unix, os400 vms security reviews
Purchase azscan
CXL review service
unix, os400 vms security reviews
unix, os400 vms security reviews
 
OS/400 security reviews
unix, os400 vms security reviews
    
unix, os400 vms security reviews
unix, os400 vms security reviews
 
Unix security reviews
unix, os400 vms security reviews
        
 
VMS reviews security
          
 
Obtaining your input files
 
 

To enable UScan to work, you have to give it copies of 4 files from the Unix system being reviewed. These files are either simply copied by the system manager for you and fed into the software for review or a fourth file is a created directory listing..

1. The password file

This file is normally called /etc/passwd and looks like this:

root:x:0:1:Superuser:/:
daemon:x:1:1:System daemons:/etc:
bin:x:2:2:Owner of system commands:/bin:
sys:x:3:3:Owner of system files:/usr/sys:
adm:x:4:4:System accounting:/usr/adm:
uucp:x:5:5:UUCP administrator:/usr/lib/uucp:

2. The shadow file

This file is normally called /etc/shadow and looks like this:

acdrm:WxWe0sfymi/J8:9694::
lch:0.vsmJYWoUCx.:9682::
krp:MmOXu5Iyt8fkA:9686::
accwa:DFfv7O3HPguLi:9700::
aod:GwY6jJSZzhQH.:9688::
sad:doeG9VoauA2Pw:9701::

On some operating systems, the location of the shadow file can change. Below are some alternative locations.

BSD4.3-Reno /etc/master.passwd
ConvexOS 10 /etc/shadpw *
HP-UX /.secure/etc/passwd *
OSF/1 /etc/passwd[.dir|.pag] *
Ultrix 4 /etc/auth[.dir|.pag] *
UNICOS /etc/udb *

3. The group file

This file is normally called /etc/group and looks like this:

bin::2:bin,daemon
sys::3:bin,sys,adm
adm::4:adm,daemon,listen
uucp::5:uucp,nuucp
mail::7:
asg::8:asg
network::10:network

4. The directory file

This file does not normally exist on the system and is the one file that has to be created using the ls command. (On a PC this is the dir command.)

First go to the root directory using the command CD . This is the very top level directory. (On a PC it would be CD C:\) Note the . after CD.

Next issue the ls command with extra parameters ls -laRF > DirFile.txt

This command produces a complete directory listing of the system with dates, file sizes and permissions. A sample of this is shown below.

drwxr-xr-x 18 root bin     640 Jul 29 11:31 ./
drwxr-xr-x 18 root bin     640 Jul 29 11:31 ../
-rw-------  1 root other     3 Aug 09 1994  .defprint
-rw-------  1 root other    59 Sep 20 1994  .desked_pref
-r--------  1 root auth      0 Jul 23 15:54 .lastlogin
-rw-------  1 root root     15 Dec 14 1991  .mailrc
-rwxrwxrwx  1 root root    751 Dec 14 1991  .profile*
-rw-r--r--  1 root root    833 Mar 21 1994  .utillist2
drwxr-xr-x  2 bin  bin    2032 Jan 12 1994  bin/
-r--------  1 bin  bin   77981 Jun 05 1992  boot
drwx------  2 root other    32 Jan 07 1970  clipdir/

The output of this command is fed into a newly created file called DirFile.txt or any name you choose. The resultant file is copied to the PC for UScan to review and is referred to as the 'directory file'.

operating systems tests files reports home
OSA OSU OSV Testa Testu Testv Filesa Filesu Filesv Reports Home AReport UReport VReport
 
www.cxlsecure.com