Post on 17-Jan-2016
Guide to Operating System Security
Chapter 1
Operating Systems Security – Keeping Computers and
Networks Secure
2 Guide to Operating System Security
Objectives
Explain what operating system and network security means
Discuss why security is necessary Explain the cost factors related to security Describe the types of attacks on operating
systems and networks Discuss system hardening, including features
in operating systems and networks that enable hardening
3 Guide to Operating System Security
What Is Operating System and Network Security?
Ability to reliably store, modify, protect, and grant access to information, so that information is only available to designated users
4 Guide to Operating System Security
Operating Systems and Security
Operating systems Provide basic programming instructions to
computer hardware Interface with user application software and
computer’s BIOS to allow applications to interact with hardware
Security issue Potential to provide security functions at every
level of operation
5 Guide to Operating System Security
Operating System Components
Application programming interface (API) Basic input/output system (BIOS)
Basic form of security: Configure BIOS password security
Kernel Resource managers Device drivers
6 Guide to Operating System Security
Operating System Functions and Components
7 Guide to Operating System Security
Computer Networks and Security
Computer network System of computers, print devices, network
devices, and computer software linked by communications cabling or radio and microwaves
Security issue All networks have vulnerable points that require
security
8 Guide to Operating System Security
Types of Networks
Classified by reach and complexity Local area networks (LANs) Metropolitan area networks (MANs) Wide area networks (WANs)
Enterprise networks
9 Guide to Operating System Security
Resources in an Enterprise Network
10 Guide to Operating System Security
Careers in Information Security
Number of jobs has increased by 100% per year since 1998
Potential for healthy salaries and organizational advancement
11 Guide to Operating System Security
Why Security Is Necessary
Protects information and resources Ensures privacy Facilitates workflow Addresses security holes and software bugs Compensates for human error or neglect
12 Guide to Operating System Security
Protecting Information and Resources
Security protects information and resources of: Businesses Educational institutions Government Telecommuters Personal users
13 Guide to Operating System Security
Ensuring Privacy
Potential for serious legal and business consequences when an intruder accesses private information
14 Guide to Operating System Security
Facilitating Workflow
Potential for loss of money, data, or both if a step in the work process is compromised due to a security problem
15 Guide to Operating System Security
Addressing Security Holes or Software Bugs
After purchasing a new OS, software, or hardware: Test rigorously for security and reliability Check security defaults Install patches immediately
16 Guide to Operating System Security
Compensating forHuman Error or Neglect
Use an OS that enables the organization to set up security policies
Develop written security policies Implement training Test security of new operating systems and
software
17 Guide to Operating System Security
Setting Up Local Security Policies
18 Guide to Operating System Security
Cost Factors
Cost of deploying security Should be an element in total cost of ownership
(TCO) Cost of not deploying security
19 Guide to Operating System Security
Types of Attacks
Standalone workstation or server attacks
Attacks enabled by access to passwords
Viruses, worms, and Trojan horses
Buffer attacks Denial of service Source routing attack Spoofing E-mail attack Port scanning Wireless attacks
20 Guide to Operating System Security
Standalone Workstationor Server Attacks
Easy to take advantage of a logged-on computer that is unattended and unprotected
Avoid by setting up a password-protected screen saver
21 Guide to Operating System Security
Attacks Enabled by Access to Passwords
Users defeat password protection by Sharing them with others Writing them down and displaying them
Attackers have sophisticated ways of gaining password access
22 Guide to Operating System Security
Attempting to Log On to a Telnet Account
23 Guide to Operating System Security
Viruses
Virus Able to replicate throughout a system Infects a disk/file, which infects other disks/files Some cause damage; some don’t
Virus hoax E-mail falsely warning of a virus
24 Guide to Operating System Security
Worm
Endlessly replicates on the same computer, or sends itself to many other computers on a network
Continues to create new files but does not infect existing files
25 Guide to Operating System Security
Trojan Horse
Appears useful and harmless, but does harm Can provide hacker with access to or control
of the computer
26 Guide to Operating System Security
Buffer Attacks
Attacker tricks buffer software into attempting to store more information than it can contain (buffer overflow)
The extra information can be malicious software
27 Guide to Operating System Security
Denial of Service (DoS) Attacks
Interfere with normal access to network host, Web site, or service by flooding network with: Useless information, or Frames or packets containing errors that are not
identified by a network service Distributed DoS attack
One computer causes others to launch attacks directed at one or more targets
28 Guide to Operating System Security
Source Routing Attack
Attacker modifies source address and routing information to make a packet appear to come from a different source
Can be used to breach a privately configured network
A form of spoofing
29 Guide to Operating System Security
Spoofing
Address of source computer is changed to make a packet appear to come from a different computer
Can be used to initiate access to a computer Can appear as just another transmission to a
computer from a legitimate source
30 Guide to Operating System Security
E-mail Attack
Attached file may contain: Virus, worm, or Trojan horse Macro that contains malicious code
E-mail may contain Web link to a rogue Web site
31 Guide to Operating System Security
Port Scanning
Attacker determines live IP address, then runs port scanning software (eg Nmap or Strobe) to find a system on which a key port is open or not in use
To block access through open ports: Stop OS services or processes that are not in use Configure a service only to start manually with
your knowledge Unload unnecessary NLMs
32 Guide to Operating System Security
Sample TCP Ports
33 Guide to Operating System Security
Using the kill Commandin Red Hat Linux
34 Guide to Operating System Security
Managing Mac OS X Sharing Services
35 Guide to Operating System Security
Wireless Attacks
Generally involve scanning multiple channels Key elements
Wireless network interface card Omnidirectional antenna War-driving software
Difficult to determine when someone has compromised a wireless network
36 Guide to Operating System Security
Organizations That HelpPrevent Attacks (Continued)
American Society for Industrial Security (ASIS)
Computer Emergency Response Team Coordination Center (CERT/CC)
Forum of Incident Response and Security Teams (FIRST)
InfraGard
37 Guide to Operating System Security
Organizations That Help Prevent Attacks (Continued)
Information Security Forum (ISF) Information Systems Security Association
(ISSA) National Security Institute (NSI) SysAdmin, Audit, Network, Security (SANS)
Institute
38 Guide to Operating System Security
Hardening Your System
Taking specific actions to block or prevent attacks by means of operating system and network security methods
39 Guide to Operating System Security
General Steps to Harden a System (Continued)
Learn about OS and network security features Consult Web sites of security organizations Only deploy services and processes that are
absolutely necessary Deploy dedicated servers, firewalls, and
routers
40 Guide to Operating System Security
General Steps to Harden a System (Continued)
Use OS features that are provided for security Deploy as many obstructions as possible Audit security regularly Train users to be security conscious Monitor OSs and networks regularly for
attackers
41 Guide to Operating System Security
Overview of Operating System Security Features
Logon security Digital certificate
security File and folder
security Shared resource
security
Security policies Remote access
security Wireless security Disaster recovery
42 Guide to Operating System Security
Logon Security
Requires user account and password to access OS or network
User account provides access to the domain
43 Guide to Operating System Security
Objects in a Domain
44 Guide to Operating System Security
Digital Certificate Security
Verifies authenticity of the communication to ensure that communicating parties are who they say they are
45 Guide to Operating System Security
File and Folder Security
Lists of users and user groups can be given permission to access resources
Attributes can be associated with resources to manage access and support creation of backups
46 Guide to Operating System Security
Shared Resource Security
Ways to control access to resources: Use a list of users and groups that should be
configured Use domains Publish resources in a directory service (eg, Active
Directory or NDS)
47 Guide to Operating System Security
Using an Access List
48 Guide to Operating System Security
Security Policies
Security default settings that apply to a resource offered through an OS or directory service
May apply only to local computer, or to other computers
May specify that user account passwords must be a minimum length and be changed at regular intervals
49 Guide to Operating System Security
Remote Access Security
Enable remote access only when absolutely necessary
Many forms, including: Callback security Data encryption Access authentication Password security
50 Guide to Operating System Security
Wireless Security
Implement Wired Equivalent Privacy (WEP) Create a list of authorized wireless users based
on the permanent address assigned to the wireless interface in the computer
51 Guide to Operating System Security
Disaster Recovery
Use of hardware and software techniques to prevent loss of data Perform backups Store backups in a second location Use redundant hard disks
Enables restoration of systems and data without loss of critical information
52 Guide to Operating System Security
Overview of Network Security Features
Authentication and encryption Firewalls Topology Monitoring
53 Guide to Operating System Security
Authentication
Using a method to validate users who attempt to access a network or resources, to ensure they are authorized
Examples User accounts with passwords Smart cards Biometrics
54 Guide to Operating System Security
Encryption
Protects information sent over a network by making it appear unintelligible
Generally involves using a mathematical key
55 Guide to Operating System Security
Firewalls
Software or hardware placed between networks that selectively allows or denies access
56 Guide to Operating System Security
Topology
Different designs yield different results in terms of security planning and hardening
Also affects security in terms of where specific devices are placed
57 Guide to Operating System Security
Monitoring
Involves determining performance and use of an OS or network
Enables you to determine weak points of a system or network and address them before a problem occurs
58 Guide to Operating System Security
Summary
Operating system and network security Why such security is vital Careers in information security The cost of security; the cost of not having security Common types of attacks Techniques for guarding against attacks on operating
systems and on networks