
Chapter 4 - Operating System and Security

Page 1: Chapter 4 - Operating System and Security

7/30/2019 Chapter 4 - Operating System and Security

http://slidepdf.com/reader/full/chapter-4-operating-system-and-security 1/18

CHAPTER 4 OPERATING SYSTEM AND SECURITY

OBJECTIVES

Identify basic security levels
Implement the system policy
    Password
    Account
    Audit
    User rights
System updates and hotfixes

BASIC SECURITY LEVEL (XP)

Use NTFS on all your partitions.
Disable Simple File Sharing.
Use passwords on all user accounts.
Use the Administrator Group with care.
Use a firewall if you have a full-time internet connection.
Install antivirus software on all workstations.
Keep up to date with hotfixes and service packs.
Password protect the screensaver.
Secure your wireless network.
Secure your backup tapes.

IMPLEMENTING SYSTEM POLICY

Password policy

Using your last name or the name of your pets as your password and never changing it poses a security risk.

First of all, many pieces of information about you can be learned by diligent hackers. Items such as your name, the names of your children and other personal information should not be used.

To be strong, it is best if your password contains characters from three of the following four categories:

English uppercase characters (A through Z).
English lowercase characters (a through z).
Base 10 digits (0 through 9).
Non-alphabetic characters (for example, !, $, #, %).

You should also change your password frequently, at least every 30 days.

IMPLEMENTING SYSTEM POLICY

Account policy

Do not disclose a computer's identity until login is completed successfully.

Set up the operating system so that the system login screen does not identify the computer system by name or function until after login is complete.

Unauthorized personnel do not need to know the identity of machines unless they need to use them.

IMPLEMENTING SYSTEM POLICY

Audit policy

An audit log records an entry whenever users perform certain specified actions.

For example, the modification of a file can trigger an audit entry that shows the action that was performed, the associated user account, and the date and time of the action.

Success audit or failure audit

IMPLEMENTING SYSTEM POLICY

User rights

User rights allow users to perform tasks on a computer. User rights include logon rights and privileges.

Logon rights control who is authorized to log on to a computer and how they can log on.

Privileges control access to computer and domain resources.

An example of a logon right is the ability to log on to a computer locally.

An example of a privilege is the ability to edit a document.

Both types of user rights are assigned by administrators to individual users or groups as part of the security settings for the computer.

CARRY OUT SYSTEM UPDATES

A complex operating system is not immune to its own bugs and security holes.

Hackers use the latest security hole to break into a system and work backward from there until they find an open door that gives them full access.

The Windows Update feature or Automatic Updates keeps the system up to date.

HOTFIXES

A hotfix is code (sometimes called a patch) that fixes a bug in a product.

Users of the products may be notified by e-mail or obtain information about current hotfixes at a software vendor's Web site and download the hotfixes they wish to apply.

Keeping up with patches as they are released saves the end-user time and provides maximum security.

PATCHES VS HOTFIXES

Patches require the system to be shut down, then you must download the patch before re-entering the system.
Hotfixes are applied directly while the system is still running.

Patches bring many changes.
Hotfixes are usually small changes to the software.

CHAPTER 4 LINUX SECURITY APPROACHES

OBJECTIVES

Identify and disable unnecessary ports and services
Lock identified ports
Carry out system hardening with Bastille
Maintain control and auditing of root access using SUDO

DETERMINING PORTS TO BLOCK

When determining which ports to block on your server, you must first determine which services you require.

In most cases, block all ports that are not exclusively required by these services. This is tricky, because you can easily block yourself from services you need.

If your server is an exclusive e-mail server running SMTP and IMAP, you can block all TCP ports except ports 25 and 143, respectively.

If your server is an exclusive HTTP server, you can block all ports except TCP port 80.
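The SMTP and IMAP case above, as an added example that is not part of the original slides: it builds a default-deny ruleset in iptables-restore format and reports listening services the allow-list would cut off. The names gen_ruleset, blocked_listeners and SAMPLE_SS are hypothetical, the `ss -tln` sample is constructed, and the policy drops all other inbound traffic, not only TCP.

```shell
#!/bin/sh
# Added example; gen_ruleset, blocked_listeners and SAMPLE_SS are hypothetical names.

# Constructed sample of `ss -tln` output from a mail server that also runs sshd.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      100    0.0.0.0:25         0.0.0.0:*
LISTEN 0      100    0.0.0.0:143        0.0.0.0:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      128    [::]:22            [::]:*
LISTEN 0      5      127.0.0.1:631      0.0.0.0:*'

# Print an iptables-restore ruleset: default-deny inbound, allow the listed TCP ports.
gen_ruleset() {
    for p in "$@"; do                      # validate everything before emitting rules
        case "$p" in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for p in "$@"; do
        printf '%s\n' "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# Read `ss -tln` output on stdin; print non-loopback listening ports that the
# allow-list given as arguments would block (the "block yourself" case).
blocked_listeners() {
    allowed=" $* "
    awk '$1 == "LISTEN" && $4 !~ /^(127\.|\[::1\])/ {
             n = split($4, a, ":"); print a[n] }' | sort -un |
    while read -r port; do
        case "$allowed" in
            *" $port "*) ;;
            *) echo "$port" ;;
        esac
    done
}

# Demo: SMTP + IMAP only. The ruleset is printed, not applied to the host.
gen_ruleset 25 143
echo "would be blocked: $(printf '%s\n' "$SAMPLE_SS" | blocked_listeners 25 143)"
```

On a real host, feed `ss -tln` into blocked_listeners before loading the ruleset; here it reports port 22, meaning remote administration over SSH would be lost.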

CARRY OUT SYSTEM HARDENING

Hardening is a process of modifying a system to make it highly secure.

For hardening activities to be most successful, you should:

Do hardening activities before the system is connected to the network to avoid attacks.
Base configuration on the least-privilege model: the system should grant access only to the degree necessary for proper functionality. Similarly, users should be allowed only the minimum set of access rights they need.

CARRY OUT SYSTEM HARDENING

Bastille is a software tool that eases the process of hardening a Linux system, giving you the choice of what to lock down and what not to, depending on your security requirements.

Bastille is a set of Perl scripts that run as an interactive program, asking questions for each step of the hardening process.

The scripts explain each step well, enabling you to understand what security measures will be introduced by any changes you make and why.

Bastille currently works with Red Hat, Fedora, SUSE, Debian, Ubuntu, Gentoo, and Mandriva distributions, as well as HP-UX.

CONTROLLING AND AUDITING ROOT ACCESS WITH SUDO

Superuser Do (SUDO) is an open source security tool that allows an administrator to give specific users or groups the ability to run certain commands as root or as another user.

The program can also log commands and arguments entered by specified system users.

Sudo was first released to the public in the summer of 1986, and Todd Miller of Courtesan Consulting currently maintains the program and distributes it freely under a BSD-style license.
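To show what auditing with sudo's command log looks like in practice, here is an added example (not part of the original slides) that parses sudo's syslog entries and separates allowed commands from denied attempts. The names sudo_audit, denied_users and SAMPLE_LOG are hypothetical, and the log lines are constructed in sudo's default syslog layout.

```shell
#!/bin/sh
# Added example; sudo_audit, denied_users and SAMPLE_LOG are hypothetical names.

# Constructed log lines in sudo's default syslog format, plus one unrelated sshd line.
SAMPLE_LOG='Jul 30 10:15:01 mail01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/usr/bin/systemctl restart postfix
Jul 30 10:17:42 mail01 sudo:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/bash
Jul 30 10:20:09 mail01 sudo:    alice : TTY=pts/0 ; PWD=/etc ; USER=root ; COMMAND=/usr/bin/vi /etc/aliases
Jul 30 10:31:55 mail01 sudo:    carol : 3 incorrect password attempts ; TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/usr/bin/id
Jul 30 10:32:10 mail01 sshd[811]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2'

# Read syslog text on stdin; print STATUS<TAB>invoking user<TAB>target user<TAB>command.
sudo_audit() {
    awk '
    / sudo: / && /COMMAND=/ {
        line = substr($0, index($0, " sudo: ") + 7)   # drop timestamp, host, tag
        sub(/^ +/, "", line)
        split(line, f, " ; ")
        split(f[1], who, " : ")                       # "user : first field"
        # An allowed command starts with TTY=; a denial starts with the reason.
        status = (who[2] ~ /^TTY=/) ? "ALLOWED" : "DENIED"
        runas = ""
        for (i = 2; i in f; i++)
            if (f[i] ~ /^USER=/) { runas = substr(f[i], 6); break }
        cmd = substr(line, index(line, "COMMAND=") + 8)   # keep the arguments
        print status "\t" who[1] "\t" runas "\t" cmd
    }'
}

# Unique accounts with at least one denied sudo attempt.
denied_users() {
    sudo_audit | awk -F'\t' '$1 == "DENIED" { print $2 }' | sort -u
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_LOG" | sudo_audit
echo "denied: $(printf '%s\n' "$SAMPLE_LOG" | denied_users | tr '\n' ' ')"
```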
