Chapter 1. Introduction: Some Fundamental Questions

In today’s world of international networks and electronic commerce, every computer system is a potential target. Rarely does a month go by without news of some major network or organization having its computers penetrated by unknown computer criminals. These intrusions have become especially sinister in recent years: computers have been turned into attack platforms for launching massive denial of service attacks, credit-card numbers have been plundered from databases and then used for fraud or extortion, hospital medical records have been accessed by children who then used the information to play malicious practical jokes on former patients, business records have been surreptitiously altered, software has been replaced with secret “back doors” in place, and millions of passwords have been captured from unsuspecting users. There are also reports of organized crime, agents of hostile nation states, and terrorists all gaining access to government and private computer systems, using those systems for nefarious purposes.

All attacks on computer systems are potentially damaging and costly. Even if nothing is removed or altered, system administrators must often spend hours or days analyzing the penetration and possibly reloading or reconfiguring a compromised system to regain some level of confidence in the system’s integrity. Because there is no way to know the motives of an intruder, the worst must always be assumed.

People who break into systems simply to “look around” do real damage, even if they do not access confidential information or delete files.

Many different kinds of people break into computer systems. Some people are the equivalent of reckless teenagers out on electronic joy rides. Similar to youths who “borrow” fast cars, their main goal isn’t necessarily to do damage, but to have what they consider to be a good time. Others are far more dangerous: some people who compromise system security are sociopaths—their goal is to break into as many systems as possible for the mere challenge of doing so. Others see themselves as being at “war” with rival hackers; woe to innocent users and systems who happen to get in the way of cyberspace “drive-by shootings!” Still others are out for valuable corporate information, which they hope to resell for profit or use for blackmail. There are also elements of organized crime, spies, saboteurs, terrorists, and anarchists.

The most dangerous computer criminals are usually insiders (or former insiders), because they know many of the codes and security measures that are already in place. Consider the case of a former employee who is out for revenge. The employee probably knows which computers to attack, which files will cripple the company the most if deleted, what the defenses are, and where the backup tapes are stored. Nevertheless, when these people attack, they may well come in from the Internet—perhaps from a compromised computer system in Eastern Europe or South America—to obscure their true identities.

Despite the risks, having an Internet presence has become all but a fundamental requirement for doing business in the United States, Western Europe, and, increasingly, the rest of the world. Every day, the number of Internet-connected computers increases. What’s more, our concept of what is a computer continues to broaden as well. It is now common for handheld devices weighing 8 ounces or less to have wireless Internet connections; some of these systems even run an embedded Unix operating system. By all indications, we are likely to see both more computers and more kinds of computers attached to the Internet in the years to come, and they are likely to be always on and always connected. All of these systems demand protection so that they can be run securely.

Interest in Unix has grown hand-in-hand with the deployment of the Internet. For many years, Unix ran the Internet; the majority of web servers on the Internet are still Unix-based. Unix systems likewise make great firewalls, mail servers, domain name servers, and more. What’s more, you can download and install a fully functional, up-to-date free Unix system with only a floppy disk and a high-speed Internet connection.
