Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
107 lines (105 sloc) 22.4 KB
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE abiword PUBLIC "-//ABISOURCE//DTD AWML 1.0 Strict//EN" "http://www.abisource.com/awml.dtd">
<abiword template="false" styles="unlocked" version="2.0.12" xmlns:svg="http://www.w3.org/2000/svg" xmlns:dc="http://purl.org/dc/elements/1.1/" fileformat="1.1" xmlns:fo="http://www.w3.org/1999/XSL/Format" xmlns:math="http://www.w3.org/1998/Math/MathML" xmlns:awml="http://www.abisource.com/awml.dtd" xmlns="http://www.abisource.com/awml.dtd" xmlns:xlink="http://www.w3.org/1999/xlink" xml:space="preserve" props="dom-dir:ltr; document-footnote-restart-section:0; document-endnote-type:numeric; document-endnote-place-enddoc:1; document-endnote-initial:1; lang:en-US; document-endnote-restart-section:0; document-footnote-restart-page:0; document-footnote-type:numeric; document-footnote-initial:1; document-endnote-place-endsection:0">
<!-- ======================================================================== -->
<!-- This file is an AbiWord document. -->
<!-- AbiWord is a free, Open Source word processor. -->
<!-- More information about AbiWord is available at http://www.abisource.com/ -->
<!-- You should not edit this file by hand. -->
<!-- ======================================================================== -->
<metadata>
<m key="dc.format">application/x-abiword</m>
<m key="abiword.generator">AbiWord</m>
<m key="abiword.date_last_changed">Tue May 17 12:07:39 2005</m>
</metadata>
<styles>
<s type="P" name="Normal" followedby="Current Settings" props="text-indent:0in; margin-top:0pt; margin-left:0pt; font-stretch:normal; line-height:1.000000; text-align:left; font-variant:normal; lang:en-US; dom-dir:ltr; margin-bottom:0pt; text-decoration:none; font-weight:normal; bgcolor:transparent; color:000000; text-position:normal; font-size:12pt; margin-right:0pt; font-style:normal; widows:2; font-family:Times New Roman"/>
<s followedby="Normal" name="Heading 2" basedon="Normal" type="P" props="margin-top:0.3056in; font-size:14pt; margin-bottom:0.0417in; line-height:1.000000; font-weight:bold; keep-with-next:1; font-family:Nimbus Sans L"/>
<s type="P" name="Block Text" basedon="Normal" followedby="Current Settings" props="line-height:1.000000; margin-bottom:0.0813in; margin-left:1.0000in; margin-right:1.0000in"/>
<s type="P" name="Box List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Dingbats; line-height:1.000000; list-style:Box List; text-indent:-0.300000in"/>
<s type="P" name="Bullet List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Symbol; line-height:1.000000; list-style:Bullet List; text-indent:-0.300000in"/>
<s followedby="Normal" name="Chapter Heading" basedon="Numbered Heading 1" type="P" props="list-delim:Chapter %L.; field-color:transparent; start-value:1; margin-left:0.0in; field-font:Nimbus Sans L; text-indent:0.0in; line-height:1.000000; list-style:Numbered List; tabstops:1.100000in/L0"/>
<s type="P" name="Dashed List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:NULL; line-height:1.000000; list-style:Dashed List; text-indent:-0.300000in"/>
<s type="P" name="Diamond List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Dingbats; line-height:1.000000; list-style:Diamond List; text-indent:-0.300000in"/>
<s type="C" name="Endnote Reference" basedon="None" followedby="Current Settings" props="text-position:superscript; line-height:1.000000; font-size:10pt"/>
<s type="C" name="Endnote Text" basedon="Normal" followedby="Current Settings" props="text-position:normal; line-height:1.000000"/>
<s type="C" name="Footnote Reference" basedon="None" followedby="Current Settings" props="text-position:superscript; line-height:1.000000; font-size:10pt"/>
<s type="C" name="Footnote Text" basedon="Normal" followedby="Current Settings" props="text-position:normal; line-height:1.000000; font-size:10pt"/>
<s type="P" name="Hand List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Dingbats; line-height:1.000000; list-style:Hand List; text-indent:-0.300000in"/>
<s followedby="Normal" name="Heading 1" basedon="Normal" type="P" props="margin-top:0.3056in; font-size:17pt; margin-bottom:0.0417in; line-height:1.000000; font-weight:bold; keep-with-next:1; font-family:Nimbus Sans L"/>
<s followedby="Normal" name="Heading 3" basedon="Normal" type="P" props="margin-top:0.3056in; font-size:12pt; margin-bottom:0.0417in; line-height:1.000000; font-weight:bold; keep-with-next:1; font-family:Nimbus Sans L"/>
<s type="P" name="Heart List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Dingbats; line-height:1.000000; list-style:Heart List; text-indent:-0.300000in"/>
<s type="P" name="Implies List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Symbol; line-height:1.000000; list-style:Implies List; text-indent:-0.300000in"/>
<s type="P" name="Lower Case List" basedon="Numbered List" followedby="Current Settings" props="list-delim:%L); list-decimal:.; field-color:transparent; start-value:1; margin-left:0.5000in; field-font:NULL; line-height:1.000000; list-style:Lower Case List; text-indent:-0.300000in"/>
<s type="P" name="Lower Roman List" basedon="Normal" followedby="Current Settings" props="list-delim:%L; list-decimal:.; field-color:transparent; start-value:1; margin-left:0.5000in; field-font:NULL; line-height:1.000000; list-style:Lower Roman List; text-indent:-0.300000in"/>
<s followedby="Normal" name="Numbered Heading 1" basedon="Heading 1" type="P" props="list-delim:%L.; field-color:transparent; start-value:1; margin-left:0.0in; field-font:Nimbus Sans L; text-indent:0.0in; line-height:1.000000; list-style:Numbered List; tabstops:0.299306in/L0"/>
<s followedby="Normal" name="Numbered Heading 2" basedon="Heading 2" type="P" props="list-delim:%L.; field-color:transparent; start-value:1; margin-left:0.0in; field-font:Nimbus Sans L; text-indent:0.0in; line-height:1.000000; list-style:Numbered List; tabstops:0.299306in/L0"/>
<s followedby="Normal" name="Numbered Heading 3" basedon="Heading 3" type="P" props="list-delim:%L.; field-color:transparent; start-value:1; margin-left:0.0in; field-font:Nimbus Sans L; text-indent:0.0in; line-height:1.000000; list-style:Numbered List; tabstops:0.299306in/L0"/>
<s type="P" name="Numbered List" followedby="Current Settings" props="list-delim:%L.; list-decimal:.; field-color:transparent; start-value:1; margin-left:0.5000in; field-font:NULL; line-height:1.000000; list-style:Numbered List; text-indent:-0.300000in"/>
<s type="P" name="Plain Text" basedon="Normal" followedby="Current Settings" props="font-family:Courier New; line-height:1.000000"/>
<s followedby="Normal" name="Section Heading" basedon="Numbered Heading 1" type="P" props="list-delim:Section %L.; field-color:transparent; start-value:1; margin-left:0.0in; field-font:Nimbus Sans L; text-indent:0.0in; line-height:1.000000; list-style:Numbered List; tabstops:1.100000in/L0"/>
<s type="P" name="Square List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Dingbats; line-height:1.000000; list-style:Square List; text-indent:-0.300000in"/>
<s type="P" name="Star List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Dingbats; line-height:1.000000; list-style:Star List; text-indent:-0.300000in"/>
<s type="P" name="Tick List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Dingbats; line-height:1.000000; list-style:Tick List; text-indent:-0.300000in"/>
<s type="P" name="Triangle List" followedby="Current Settings" props="list-delim:%L; list-decimal:NULL; field-color:transparent; start-value:0; margin-left:0.5000in; field-font:Dingbats; line-height:1.000000; list-style:Triangle List; text-indent:-0.300000in"/>
<s type="P" name="Upper Case List" basedon="Numbered List" followedby="Current Settings" props="list-delim:%L); list-decimal:.; field-color:transparent; start-value:1; margin-left:0.5000in; field-font:NULL; line-height:1.000000; list-style:Upper Case List; text-indent:-0.300000in"/>
<s type="P" name="Upper Roman List" basedon="Numbered List" followedby="Current Settings" props="list-delim:%L; list-decimal:.; field-color:transparent; start-value:1; margin-left:0.5000in; field-font:NULL; line-height:1.000000; list-style:Upper Roman List; text-indent:-0.300000in"/>
</styles>
<pagesize pagetype="Letter" orientation="portrait" width="8.500000" height="11.000000" units="in" page-scale="1.000000"/>
<section props="page-margin-footer:0.5in; page-margin-header:0.5in">
<p style="Normal" props="text-align:center"><c props="font-weight:bold; font-size:16pt"></c></p>
<p style="Normal" props="text-align:center"><c props="font-weight:bold; font-size:16pt"></c></p>
<p style="Normal" props="text-align:center"><c props="font-weight:bold; font-size:16pt"></c></p>
<p style="Normal" props="text-align:center"><c props="font-weight:bold; font-size:16pt"></c></p>
<p style="Normal" props="text-align:center"><c props="font-weight:bold; font-size:16pt"></c></p>
<p style="Normal" props="text-align:center"><c props="font-weight:bold; font-size:16pt"></c></p>
<p style="Normal" props="text-align:center"><c props="font-weight:bold; font-size:16pt"></c><c props="font-weight:bold; font-size:16pt">Sumit Khanna</c></p>
<p style="Normal" props="text-align:center"><c props="font-weight:bold; font-size:16pt">Lab #3 - CPSC 544 - Kizza</c><c props="font-weight:bold; font-size:16pt"></c></p>
<p style="Normal"><c></c><pbr/><c props="font-weight:bold; font-size:20pt">Lab #3 - Operating System Security</c></p>
<p style="Normal" props="line-height:1.5"><c></c></p>
<p style="Normal" props="line-height:1.5"><c></c>Securing a network is important and with tools like firewalls, port scanners and packet sniffers, it is easy to secure a network and forget about the systems on the network. Operating Systems are where vulnerabilities lie. A firewall is designed to protect against unseen exploits within the operating system, and should someone get through that firewall, an administrator needs to ensure the operating systems of the hosts are secure to minimize damage.</p>
<p style="Normal" props="line-height:1.5"><c></c></p>
<p style="Normal" props="line-height:1.5">No matter what operating system you are running, it is vitally important to stay on top of updates. The system should always have the latest security patches for both the operating system and the services that you are running on it. In many cases, both of these updates can be done via the same system (especially on UNIX machines with package management such as Gentoo, Red Hat, Debian and Fedora). </p>
<p style="Normal" props="line-height:1.5"><c></c></p>
<p style="Normal" props="line-height:1.5">In this paper we'll take a look at specific security exploits for various operating systems and ways to patch and fix these exploits to secure the system.</p>
<p style="Heading 2" props="line-height:1.5">SCO UNIX Ware</p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-style:italic"></c>SCO's website contains a knowledge base with answers to all types of problems including security issues. I took one example of a security issue and examined it. The issue arises with buffer overflow problems in their X server (the server on UNIX/Linux systems that provides the framework for the graphical user interface). </p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">(<c props="font-family:Times New Roman; text-decoration:none; color:000000; font-size:12pt; text-position:normal; font-weight:normal; font-style:italic; lang:en-US">http://wdb1.sco.com/kb/showta?taid=125415</c><c props="font-family:Times New Roman; text-decoration:none; color:000000; font-size:12pt; text-position:normal; font-weight:normal; font-style:italic; lang:en-US"></c>)</p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">Although this may seem like a local vulnerability, in some cases people may open their X servers up to the world to send a particular program to a different host. If the X server is available over the network then some of these problems can be exploited and allow an unauthorized user to gain access to memory blocks or the entire system. A security patch is available through the website to fix this issue.</p>
<p style="Heading 2" props="line-height:1.5">Windows 2000/XP</p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">Windows has gotten the brunt of the focus in security administration because of it's many security problems. Some argue that windows doesn't really have more security holes, but instead is used by more users so more of its exploits become apparent. In either case, the following address gives a details list of what to do to secure a Windows 2000 install: <c props="font-style:italic">http://www.markusjansson.net/exp.html</c><c props="font-style:italic"></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">The list is quite extensive and includes everything from the Encrypted File System, Installation, Services, Internet Connection Firewall (ICF), Internet Explorer, Telnet, SYSKEY, Accounts, etc. </p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">There it a lot that goes into really securing a Windows computer. Too many times, companies simply put out windows machines as if there were home machines. Windows machines can be used in a secure environment, however it requires fully implementing several of Windows security features including setting up a Primary Domain Controller, Active Directory and the correct security policies to fully restrict users from installing non-authorized software.</p>
<p style="Heading 2" props="line-height:1.5">Mac OS</p>
<p style="Normal" props="line-height:1.5"><c></c>When people think of Mac OS, they often think of Mac OS 9 with its cheesy sounds and awful user interface. However the new Mac OS X is based on a BSD core and is a complete rewrite of its predecessor. Macintosh made some interesting strides when adapting Darwin BSD as its core and building a working desktop system around it.</p>
<p style="Normal" props="line-height:1.5"><c></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">As far as security goes, Mac OS X has been praised on several accounts. According to a recent slashdot article, the FBI uses Macintosh because they are "...secure out of the box..." and that the best way for a hacker to frustrate law enforcement is to use a mac. </p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">(<c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:italic; lang:en-US">http://apple.slashdot.org/article.pl?sid=04/01/30/0057245&amp;tid=172&amp;tid=179&amp;tid=3</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:italic; lang:en-US"></c>)</p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">Still, with all these praise there, must be security issues with Mac OS X right? Since it is based on a BSD core, if your turn on services such as ssh and the version is out of date, you could be open to security exploits. As with any operating system, you must stay current on security patches.</p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">One major exploit I found with Mac OS X involved the system update itself. It turns out that at one point in time, Mac OS downloaded system updates without any authentication with the update server making it very easy for someone to impersonate a Mac update server with fake DNS responses and send potentially dangerous software to be installed on a Macintosh.</p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; text-decoration:none; color:000000; font-size:12pt; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">(</c><c props="font-family:Times New Roman; text-decoration:none; color:000000; font-size:12pt; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:italic; lang:en-US">http://www.cunap.com/~hardingr/projects/osx/exploit.html</c><c props="font-family:Times New Roman; text-decoration:none; color:000000; font-size:12pt; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">)</c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">This shows that it is not only necessary to keep current on updates, but to have a robust and secure update system as well. Many update systems such as Fedora's yum/rpm use keys to verify that the packages it pulls from the update servers are trusted. </p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c></c></p>
<p style="Heading 2" props="line-height:1.5">Conclusion</p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr">It is important to be familiar with an operating system if you are going to be a system administrator for it. That means knowing it inside and out, controlling which services are running and stopped and having a good mechanism for updates and backups.</p>
<p style="Heading 2" props="line-height:1.5">Works Cited</p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c></c>SCO UNIX Knowledge Base</p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">http://wdb1.sco.com/kb/showta?taid=125415</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">Markus Jansson's Security Page</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">http://www.markusjansson.net/exp.html</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">Slashdot.org</c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">http://apple.slashdot.org/article.pl?sid=04/01/30/0057245&amp;tid=172&amp;tid=179&amp;tid=3</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">SecureMac - Macintosh Security Site</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
<p style="Normal" props="text-align:left; line-height:1.5; dom-dir:ltr"><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US">http://www.securemac.com/</c><c props="font-family:Times New Roman; font-size:12pt; color:000000; text-decoration:none; text-position:normal; font-weight:normal; font-style:normal; lang:en-US"></c></p>
</section>
</abiword>