Operating System Security

1
Operating System Security
2
Lesson 1Security Principles
3
Definition of Security

• ISO 74982 Document
• Authentication
• Access Control
• Data Confidentiality
• Data Integrity
• Non-repudiation

4
Evaluation Criteria

• European Information Technology Security
  Evaluation Criteria (ITSEC) BS 7799
• Auditing processes
• Auditing file systems
• Assessing risks
• Maintaining virus controls
• Properly managing IT info in regards to daily
  business and security issues

5
Evaluation Criteria

• Trusted Computer Systems Evaluation Criteria
  (TCSEC)--by NCSC(U.S.)
• D?C1?C2?B1?B2?B3?A1
• Common Criteria(CC)

6
Security Levels

• Low
• Medium
• High

7
Security Mechanisms

• Specific security mechanisms
• Encipherment mechanisms
• Digital signature mechanisms
• Access control mechanisms
• Data integrity mechanisms
• Authentication mechanisms
• Traffic padding mechanism
• Wide security mechanisms
• Trusted functionality establish
• Security lables
• Security recovery

8
Security Management

• System security management
• address entire computer environment and its
  security
• Policy define , audit and recovery process
• Security service management
• involve the actual providers of security service
• Security Mechanism management
• Data traffic of padding
• Generating or assigning digital signatures
• Encryption keys
• Data integrity
• Access control work

9
Windows NT Security

• TCSEC C2 ?
• "Out-of-the-box"
• Resource information exposed
• Default access control
• Weak password encryption
• Weak audit policy

10
Windows NT Security Architecture

• Security elements
• User Authentication
• Access Control
• Encryption
• Audit
• Administration
• Windows NT has built-in support for user
  authentication, access control, administration,
  and auditing.

11
Windows NT security components

• Discretionary access control
• Object reuse
• Mandatory log on
• Auditing
• Control of access of object

12
Security components

• Security Identifiers (SIDs)
• Unique for all users,groups,computers
• Combined with
• Computer name
• Current time
• The amount of time the current user mode thread
  has spent using CPU time.
• Access tokens
• consists of user SID,the SID for groups to which
  the user belong,user name,and the name of the
  group to which belong

13
Security components

• Security descriptors

DACL Discretionary Access Control List SACL
System Access Control List
14
Security components

• Access control lists

15
Security subsystem

• Winlogon and GINA
• Local Security Authority
• Security Support Provider Interface
• Authentication Packages
• Security Support Providers
• Netlogon
• Security Account Manager

16
Security subsystems
1-25
17
UNIX Security

• General UNIX security vulnerabilities
• Morris virus - 1988
• Buffer overflows

18
Summary

• Definition of Security and Evaluation Criteria
• Security Mechanisms and Management
• Windows NT Security and Architecture
• UNIX Security Introduction

19
Lesson 2Account Security
20
Passwords

• Both systems need choose strong password
• Windows NT and passwords
• HKLM\System\CurrentControlSet\Control\LSA
• UNIX and passwords
• /etc/passwd, /etc/shadows

21
Windows NTAccount Security

• Renaming accounts
• Account policies
• Password age and length
• Password Restrictions
• Account lockout
• Implementing strong passwords

22
UNIXAccount Security

• Password aging(chage -m -M -W user)
• Logging unsuccessful attempts
  (grep login /var/log/messages)
• Search path
• Restricting root logins(/etc/securetty)
• Timing out idle users
• Monitoring accounts(w, who, last..)

23
Summary

• Important of passwords strength
• Windows NT Account Security
• UNIX Account Security

24
Lesson 3File System Security
25
Windows NTFile System Security

• NTFS vs. FAT
• NTFS file-level permission
• FAT no file permissions
• NTFS file-level permissions
• Read (R)
• Write (W)
• Execute (X)
• Delete (D)
• Change Permission (P)
• Take Ownership (O)

26
Windows NTFile System Security

• Drive partitioning

27
Remote File Access Control

• Full Control
• Change
• Read
• No Access

28
Combined Local and Remote Permissions

• Share Permissions
• NTFS Permissions
• Copying and moving files

29
UNIXFile System Security

• Files format
• The "umask" command
• The "chmod" command
• UIDs and GIDs
• The set bits
• setuid
• setgid
• sticky bits

30
Summary

• Windows NT File System Security
• Remote File Access Control
• Combined Local and Remote Permissions
• UNIX File System Security
• Set bits setuid, setgid and sticky bits

31
Lesson 4Assessing Risk
32
Security Threats

• Accidental threats(without any plan)
• Intentional threats
• Passive threats (sniffer)
• Active threats (spoofing by false ip)

33
Security Threats

• Types of Attacks
• Spoofing or masquerade attacks
• Replay attacks
• Denial-of-Service attacks
• Insider attacks
• Trapdoor attacks
• Keyloggers
• www.keyloggers.com

34
Windows NTSecurity Risks

• System Defaults
• Default installation directories
• Default accounts
• Default shares
  HKLM\system\currentcontroset\s
  ervice\ Lanmanserver\parameters
  autoshareserver0(dword)
• System Scanning
• Ipswitch WS_Ping ProPack
• WebTrends Security Analyzer

35
UNIXSecurity Risks

• The "rlogin" command
• Network Information System (NIS)
• Network File System (NFS)

36
UNIXSecurity Risks

• The "rlogin" command (port 513)
• Files concerned
• /etc/hosts.equiv
• HOME/.rhosts

37
UNIXSecurity Risks

• NIS Security Concerns
• NIS security problems
• No authentication requirements
• Contacting server by broadcast
• plain-text distribution
• No encryption when change passwd
• NIS security enhance
• TCP Wrapper(hosts.allow,hosts.deny)
• The "securenets" file(P177)

38
NFS security summary

• RPC is non-secure
• Secure RPC is not secure
• NFS file transfers are unencrypted
• Recommend
• Place NFS server behind firewall

39
Summary

• Security Threats
• Windows NT Security Risks
• System Scanning
• UNIX Security Risks
• rlogin, NIS and NFS Security Concerns

40
Lesson 5Reducing Risk
41
Patches and Fixes

• Microsoft Service Packs (SP)
• Windows NT 4.0 SP6a
• Windows 2000 SP2
• Microsoft hot-fixes
• Red Hat Linux errata
• Security Bulletins Advisories

42
Windows NTRegistry Security

• Registry structure
• HKEY_LOCAL_MACHINE
• Hardware
• SAM
• Security
• Software
• System
• HKEY_USER
• HKEY_CURRENT_USER
• HKEY_CLASSES_ROOT
• HKEY_CURRENT_CONFIG

43
Implementing registryaccess controls

• Broad security permissions
• Read
• Full Control
• Specific control permissions
• Query Value
• Set Value
• Create Subkey
• Enumerate Subkeys
• Notify
• Create Link
• Delete
• Write DAC
• Write Owner
• Read Control
• Auditing the registry

44
Disabling and RemovingUncessary NT Services

• Remove vs. Disable
• Securing network connectivity
• Null SMB session
• SMB session authentication
• SMB signature

45
Disabling and RemovingUncessary NT Services

• Miscellaneous configuration changes
• Securing printer drivers
• Hiding the last user name
• Securing shared system objects
• Clearing the page file on shutdown
• Disabling caching of logon credentials
• Securing the scheduler service
• Securing removable media

46
Disabling and Removingunnecessary UNIX Services

• The "tftp" command
• Denying incoming access(/etc/ftpusers)
• Denying outgoing access(/etc/inetd.conf)

47
Miscellaneous

• TCP Wrapper(telnetd,ftpd,rlogind,rshd..)
• Message Digest 5 (MD5)
• Audit logging in Windows NT

48
Summary

• Patches and Fixes
• Registry Security
• Disabling and Removing Unnecessary Services in
  Windows NT
• Disabling and Removing Unnecessary Services in
  UNIX
• TCP Wrapper and MD5
• Logging in Windows NT

49
End OSS module

• Thanks!