Operating System SecurityLesson 1: Security PrinciplesObjectivesObjectives (cont’d)Security ServicesEvaluation CriteriaSecurity LevelsSecurity MechanismsWindows 2000 SecurityWindows 2000 Security ArchitectureLinux SecurityPluggable Authentication ModulesSummarySummary (cont’d)Lesson 2: Account SecuritySlide 16Slide 17PasswordsVerifying System StatePassword Aging in LinuxSlide 21Slide 22Lesson 3: File System SecuritySlide 24Slide 25Windows 2000 File System SecurityRemote File Access ControlLinux File System SecuritySlide 29Slide 30Lesson 4: Assessing RiskSlide 32Security ThreatsTypes of AttacksWindows 2000 Security RisksGeneral UNIX Security VulnerabilitiesKeyloggersSystem Port ScanningUNIX Security RisksNIS Security ConcernsNFS Security ConcernsSlide 42Lesson 5: Reducing RiskSlide 44Patches and FixesWindows 2000 Registry SecurityDisabling and Removing Services in Windows 2000Disabling and Removing Services in UNIXSlide 49Operating System SecurityOperating SystemSecurityLesson 1:Security PrinciplesObjectives-Explain the need for security in Linux and Windows 2000 environments-Describe industry evaluation criteria used for security- Identify the guidelines for determining the three general security levels-Discuss the security mechanisms used to implement security systemsObjectives (cont’d)-Identify the different areas of security management-Describe Windows 2000 and Linux “out-of-the-box” security measures- Implement tools to evaluate key security parameters in Windows 2000 and Linux-Describe security components in the Windows 2000 security architectureSecurity Services-Authentication-Access control-Data confidentiality-Data integrity-NonrepudiationEvaluation Criteria-European Information Technology Security Evaluation Criteria document BS 7799-Trusted Computer Systems Evaluation Criteria- Common CriteriaSecurity Levels-Low-Medium-HighSecurity Mechanisms-Specific-Encipherment-Digital signature-Access control-Data integrity-Authentication-Traffic padding-Wide-Trusted functionality-Security labels-Audit trails-Security recoveryWindows 2000 Security-Exploits-Windows 2000 registryWindows 2000Security Architecture-Windows 2000 security components-C2 certification-Windows 2000 objects-Security components-SIDs-Access tokens-Security descriptors-Access control lists and entities-Security subsystemLinux Security-Configuration problems-Misconfigured authentication settings-Unnecessary services-Default account policies-Non-root user access to sensitive commandsPluggableAuthentication Modules-Editing PAM files-PAM directories-PAM entry format-Telnet access and the root accountSummaryExplain the need for security in Linux and Windows 2000 environmentsDescribe industry evaluation criteria used for securityIdentify the guidelines for determining the three general security levelsDiscuss the security mechanisms used to implement security systemsSummary (cont’d)Identify the different areas of security managementDescribe Windows 2000 and Linux “out-of-the-box” security measuresImplement tools to evaluate key security parameters in Windows 2000 and LinuxDescribe security components in the Windows 2000 security architectureLesson 2:Account SecurityObjectives-Describe the relationship between account security and passwords-Explain techniques for securing accounts in Windows 2000 and Linux- Prune users, detect account changes, rename default accounts, and implement password policies in Windows 2000 and LinuxObjectives (cont’d)-Identify Linux commands for password aging and explain how to log unsuccessful logon attempts-Explain Linux security threats, restrict account access, and monitor accountsPasswords-Windows 2000 and strong passwords-Enforcing strong passwords-Dictionary attacks-Linux and strong passwords-Shadow passwords-The root accountVerifyingSystem State-Cross-referencing information on non-domain controllers-Built-in and external tools-Renaming default accounts-Windows 2000 account policies-Password lockoutPasswordAging in Linux-Linux command options-Timing out users-Monitoring accounts-System-wide event logging facilitySummaryDescribe the relationship between account security and passwordsExplain techniques for securing accounts in Windows 2000 and LinuxPrune users, detect account changes, rename default accounts, and implement password policies in Windows 2000 and LinuxSummary (cont’d)Identify Linux commands for password aging and explain how to log unsuccessful logon attemptsExplain Linux security threats, restrict account access, and monitor accountsLesson 3:File System SecurityObjectives-Identify the Windows 2000 file-level permissions-Assign NTFS permissions-Explain the importance of drive partitioning and how it relates to security-Describe how copying and moving a file affect file security-Identify remote file access control permissionsObjectives (cont’d)-Describe Linux file system security concepts-Explain the function of the umask command- Discuss the purpose of setuid, setgid, and sticky bitsWindows 2000File System Security-File-level permissions-Standard 2000 permissions-Drive partitioning-Copying and moving filesRemote File Access Control-Remote access permissions-Full Control-Modify-Read & Execute-No Access-Share permissionsLinux File System Security-Files-File information-Permissions-The umask command-The chmod command-UIDs and GIDs-The set bits: setuid, setgid and sticky bitsSummaryIdentify the Windows 2000 file-level permissionsAssign NTFS permissionsExplain the importance of drive partitioning and how it relates to securityDescribe how copying and moving a file affect file securityIdentify remote file access control permissionsSummary (cont’d)Describe Linux file system security conceptsExplain the function of the umask commandDiscuss the purpose of setuid, setgid, and sticky bitsLesson 4:Assessing RiskObjectives-Identify general and specific operating system attacks-Describe a keylogger program’s function-Change Windows 2000 system defaults-Scan a system to determine security risks-Explain Linux security concernsSecurity Threats-Accidental threats-Intentional threats-Passive threats-Active threatsTypes of Attacks-Spoofing/masquerade-Replay-Denial of service-Insider-Trapdoor-Trojan horsesWindows 2000Security Risks-Default directories-Default accounts-Default shares and servicesGeneral UNIX Security Vulnerabilities-Viruses-Buffer overflowsKeyloggers-Invisible KeyLogger Stealth and Windows