OS Security (Tutorial)

[catch]

Just had news that I need to be traveling the next two weeks, back after that.

Please keep questions and comments to the subject at hand, that is a way to measure OS security and not specific operating systems questions, as until the original subject matter is understood, specific OS conversations will be dead and go in circles.

cheers

rob

[rcgreen]

As to what is or is not unix, the question gets even more complicated
when you consider hardware differences. Much of the os is "portable"
in the sense that it can be compiled and run on different processors,
but since so much of the character of an os is in the kernel, there's much
that can't be the same. The kernel runs on the hardware.

A processor that lacks in sophistication really can't support an os the same way
as one with better native capabilities. Now any "unix" kernel regardless of
hardware, is going to try to present the same interface to the higher level
components of the os, and users will never notice the low level stuff,
but os designers obviously know the difference.

So maybe security is also dependent on the processor type. I would bet that those
truly secure os types such as run at nuclear weapons labs only work on special hardware
and prolly no absolutely secure type exists for x86 machines.

One related question. Can an installable os ever be secure? If I have the authority to install the os, doesn't this mean that ultimately I must be totally trusted and own
the system? Or can it have a mind of its own and decide what permissions to allow
me, after I have installed it?

[Maestr0]

Don't take me the wrong way Catch, I wasn't criticizing your tutorial, in fact I think it was quite good and will help many people understand some of the more abstract security priciples. I just thought that some of the finer points were being discussed by people who already had an idea of what you were speaking about. That said I will gently implore you to examine your "Trusted" operating systems a little deeper, I think you will find they are in fact UNIX. In my mind, an OS belongs to the family where its source code orginates. Now the truth is that the the code between the major branches has been swapped llike spit from horny teenagers but I think its fair to go with where the majority of the source code orginates, eg. If you use the AT&T code (owned by SCO now) and are being sued/and or having your license pulled by SCO , you are in fact a true UNIX (Solaris,AIX,IRIX,Xenix,HP-UX,etc), by the same token if you use BSD code(*This was once alot of AT&T code but was almost completely rewritten) you are a BSD (FreeBSD,OpenBSD,NetBSD,FlavoroftheWeekBSD), if your OS consists mainly of Linus Torvalds an Co.'s code, you are in fact a Linux (Debian,Gentoo,RedHat,SuSE) OS X is in interesiting one because it is MACH as well as BSD, but this actually makes sense in light of the fact that the MACH kernel is a true microkernel and is OS neutral and that this was actually used in developing the MACH, by running BSD as a process of the MACH kernel. This was of course hideously slow due to message passing but as time went by this has been solved (mostly) in various ways. and OS X is the product of this old family reunion. Now, in my view if you are running a kernel/OS based on one of these source trees, altering the code to change the memory manager or improve the security model of it, does not suddenly make an apple an orange (like say turning IRIX into Trusted IRIX, Xenix into Trusted Xenix,or Linux into SELinux) Yes, you may have added/altered 3,000 lines of your 100,000 line kernel. You did not just invent a new OS. If you think you did and try to sell it, you will probably find yourself in court if you are not already there with SCO (see above. )


-Maestr0


Design and implementation of Secure Xenix "This research paper describes the modifications made to Xenix to provide a more secure operating system."
Trusted IRIX/B EPL "Trusted IRIX/B is a security-enhanced version of IRIX 4.0"
Trusted Solaris 8 "Based on the leading UNIX[r] operating environment"

That is why they pay SCO.

[gore]

****, that's what I forgot too do today: Send SCO my money for using Linux. Ah well.

[Maestr0]

PS. Gore, VMS is really boring and un-exciting looking like the OS/400. But if you have to know.....




-Maestr0

[gore]

Dude, you have access to it? It seems too have almost the same commands as this OS I was messing with last year. I can't think of what it was though. All I had was a shell account.

If I could get DOS 360, man,... Well I wouldn't be able to use it, it won't run on a PC, but I'd love too try. Thanks for the shot.

[jm459]

Originally posted here by catch
Recent threads about Windows and UN*X/Linux security have really crystallized something for me... very few people have any idea what exactly constitutes an operating system's security. Needless to say, this situation demands a tutorial.

Why assume very few people have any idea what exactly constitutes an operating systems security? The term "security"is used to refer to all aspects of protecting a computer system from all hazards, e.g physical damage, loss and/ or corruption of data, loss of confidentiality, etc. Integrity is used in a similar context to refer specifically to maintaining the correctness of the data stored. Security pervades all aspects of computing, fom hardware design to system analysis and programming.

[gore]

Hehehehehehe, that's the joy of it. You can have that thing patched and firewalled to ****, but it won't stop me from walking in with my outfit on that allows me access just about anywhere, and shoving in a BSDeviant, or Slackware bootable CD, opening parted, and either copying all the partitions so I can read them later, or, getting pissed that they won't copy, and just deleting them all.

A lot of companies here think removing the CD-Drive and the Floppy will stop this. RIGHT lol. Then I pop something in the USB drive and use ZIP Slack, or if all of that was thought of, I can pop the case off, grab the RAM, HDs, and fans, and if it's a good processor that too... Hell, I'll pop a couple rocks inside the case so the weight is similar, and gut the thing and take it with me. Not that I ever do that, but if I got hired as a consultent I would.

I have actually walked around a Hospital's IT area, and gotten all over. I never stole anything or tried looking at things. I just wanted too see if I could. Social Engineering over the phone is very easy, but it's a real challenge when they look right at you. And the best part is, if you think they are on to you, you can buy spray cans on the internet that you can use on your Truck's plates, that will make then not show up on camera.

The fact that I'm 6'1 280 pounds and have a mohawk, you'd think it would make it hard, it doesn't. I remember like a year ago, I was walking around this Hospital, and walked through the X-Ray department, and I had access to all the machines that were left logged on...Running Windows.

copy C:WINDOWS/*.PWL A:

Yea, needless to say if I ever get broke I'll just tell the guy who runs that place I need a job.

[jm459]

Originally posted here by gore
I have actually walked around a Hospital's IT area, and gotten all over. I never stole anything or tried looking at things.

Assume that was during the six months you spent in the physciatric unit pretending to be a patient. I do not know how many times you've been told about this. Please stop it, you are going to get arrested someday and end up in jail, and they might not have computers there

[Winston]

They have computers in jail. In my county, all the workstations are running NT4 (as of December). They don't like you touching them unless you work there tho...


Alright... Catch, I like the tutorial. You are one of the few people who doesn't just go off on system services and firewalls. Damn good job.


I'm going to agree with you on the patch issue for the most part. I just want some clarification on one aspect.

Linux is a gray area, do you consider anything coming from kernel.org to be Linux, and patches from other sources to be "Linux-like"?

If so, what is your exact classification of UNIX? I know this has been touched upon, but I want a clear and concise definition on what constitutes the UNIX operating system, as you define it/them.