Cover V06, I05
Article
Sidebar 1

may97.tar


Questions and Answers

Bjorn Satdeva

A Web-related news item that has seen little coverage in the United States is a report from the Berlin newspaper Tagespiegel from January 29, 1997. The report covered a television broadcast of the financial program "plusminus" on which hackers from the Chaos Computer Club demonstrated how to electronically transfer funds without needing a PIN (Personal Identification Number) or TAN (Transaction Number).

Apparently it is sufficient for the victim to download a rogue ActiveX application, which then checks to see whether Quicken (a common checkbook management package that offers electronic funds transfer) is on the machine. If found, Quicken is ordered to transfer money to an account of the attacker's choice.

The newspaper quotes various officials at Microsoft et al. expressing disbelief/outrage/ "we're working on it." However, there is really nothing new in the technology of this attack. As computer security people have argued for a long time, ActiveX gives full access to everything on the machine. With Netscape's browser, you at least have the option to turn off the use of applets. But to my knowledge, there is no way to turn off ActiveX in the Microsoft browser.

Before going to press, I did a search on the Microsoft Web pages to see if they had any information on this item, but found nothing related to this issue.

If the problems caused by ActiveX are not solved by Microsoft, we may start to see a large number of unauthorized accesses and security breaches created by the computer crackers. This may slow Microsoft's attempts to be the entity who controls and defines the Internet. But then, this may not be a bad thing...

I have received several questions asking when the main system administration conferences will take place. The most important conferences are the System Administration, Networking and Security (SANS) conference in the spring and the USENIX System Administration (LISA) conference in the fall each year. Additional conferences to note are the USENIX Security conference, the NT System Administration conference from USENIX, and the System and Network Administration conference (SNAC). Dates and contact information are shown in the conference information sidebar.

 Q I am attempting to set up epage. The paging is OK, but now I need to escalate pages if the first ones are not answered. Do you know of any code to do this? Are there any other products that you would recommend to do paging?

 A The short answer is that I do not know of a pager software package that can do this. If one of our readers knows of such a package, please email me, and I will forward the information. With that said, this seems to me to be an example of a common situation in system administration-related software. What you are asking for appears to be policy driven. In other words, what constitutes an answer to a page and in what situation would it not be answered? The best solution to this problem may be found by examining the policy and procedural issues. It is always difficult to solve people problems with a purely technical solution. In this case, establishing an "on duty" schedule specifying when specific people must be available to answer their pagers may be the best solution.

 Q In our site, we have SUN Solaris 2.x Servers, IBM RS/6000 Servers, HP 10.01 Servers, Novell and NT Servers. I do know how to sync the date across SUN servers by setting up a cron job to run the rdate command. How do I sync the date across my other platforms?

 A I have little experience with such software outside the UNIX environment. However, if you look at:

http://www.cis.udel.edu/~ntp/software.html

you will see an overview of a time synchronization software for Macintosh, DOS, Windows 3.1, Windows 95, Windows NT, Unix, OS/2, and Java.

 Q Can you provide me with a brief synopsis of how automounter should be configured in a large production environment? My concern is that the mounts will be slow across networking. Any opinions on automounter and its use will be greatly appreciated.

 A It is unavoidable that there will be some minor delays when the automounter must mount a directory before a user can use it. However, generally speaking, the automounter solves more problems than it creates. When all servers are up, and the network is not overloaded, it is doubtful that many users will notice these delays.

In a large production environment, or in any environment for the matter, it is not possible to make an isolated assessment of advantages and disadvantages of the automounter. This must be done in connection with server and network performance. Also, an analysis of availability of resources must be performed before any of this can be determined.

In my experience, using the automounter has always been an improvement in the environment. However, the conversion from hard mounts to the use of the automounter is often painful due to the learning curve and the changes this will cause in the environment and the community. Start with resources that are not critical to your organization, such as the online man pages. Then, slowly add other directories as you gain experience and confidence.

About the Author

Bjorn Satdeva is the president of /sys/admin, inc., a consulting firm which specializes in large installation system administration. Bjorn is also co-founder and former president of Bay-LISA, a San Francisco Bay Area user's group for system administrators of large sites. Bjorn can be contacted at /sys/admin, inc., 2787 Moorpark Ave., San Jose, CA 95128; electronically at bjorn@sysadmin.com; or by phone at (408) 241-3111.