Scenario:
Security and Memory Management
Some have argued that Unix/Linux systems reuse a small number of security features in many contexts across the system, while Windows systems provide a much larger number of more specifically targeted security features used in the appropriate contexts. This may be seen as a trade-off between simplicity versus lack of flexibility in the Unix/Linux approach against a better targeted but more complex and harder to correctly configure approach in Windows.
Question:
Discuss the highlighted trade-off from the scenario as it impacts the security of Unix/Linux systems, and the load placed on administrators in managing their security.
Unix and Administration:
------------------------
Unix's built-in features give administrators more control.
Unix by nature has built-in security, with read-write-execute permissions for self, group and other persons accessing the files.
The Unix kernel controls the file system and device drivers, as well as the code for process management.
When creating a file, you define who can access it using file permissions.
When creating a user, we specify which directories the user can access, which group the user belongs to, and which default shell the user should use.
Sample user from /etc/passwd :
oracle12c:x:54323:dba:oracle User:/opt/oracle:/bin/csh
Username : Password (x indicates an encrypted password) : User ID (UID) : Group ID (GID) : User ID info comment : Home directory (the directory where the user logs in) : Command/shell
When creating the user, the administrator can also limit the amount of memory/resources the user can use.
Memory allocation is tied with access rights.
Any other file/device access needs explicit permission from administrators.
Controlled access to shared file systems with mounts, soft links and hard links.
The end user is not given access to the entire file system or to all files, memory and attached devices.
This requires more controlled interaction between end users and administrators.
The open code base of Unix allows vulnerabilities to surface and be fixed early.
Logging: all system processes store relevant information in log files, which makes it easy to audit system and user interactions.
End users have less access.
Since Unix is not much used for personal computing like social engineering, and is mostly used for server administration, it is less prone to attacks.
Proprietary/enterprise Unix systems are used for running larger hardware appliances/servers.
Ex:
AIX - to operate IBM Hardware
HPIA/HP-UX - to operate HP Hardware
Solaris - to operate Solaris Hardware
Red Hat - to operate Linux Hardware.
Recent Linux personal computing interfaces are drawing more attention because Unix is less vulnerable.
Ex: Ubuntu, Mint.
Though there are a lot of advantages to open-source Unix, recently there have been cases where attackers used it for exploitation.
Though less often, there are Unix viruses too.
McAfee detected the first Linux virus on February 7, 1997.
Ex: Shellshock and Heartbleed attacks.
Windows Administration:
-----------------------
On the other hand, Windows OS is mostly used for personal computing.
It gives end users easy access to their personal files, emails, photos, etc.
Files are accessed and shared frequently and in large volume: through devices like pen drives and CDs, over the intranet using sharing, and over the internet through email.
The highest number of end users use it; it is the world's most used operating system.
It is often more misused too, and it is challenging for administrators to keep it secure.
More people using it means more mistakes made and more vulnerability.
Ex: Opening spam mails.
Windows uses the Server Message Block (SMB) protocol, the Common Internet File System (CIFS) protocol and Remote Procedure Calls (RPC) heavily.
A plethora of applications for end users to use.
Applications, anti-virus programs, firewall, user administration, direct and network patching.
No code access for the open world, so more issues remain unresolved.
As and when issues are found, frequent patching is needed.
Frequent OS upgrades are required on a larger number of systems.
Memory allocation is not tied with access rights.
Any user can access other users' files.
Conclusion:
It is a very hard job for Windows administrators to keep systems up to date, with the latest versions of more applications on a larger number of devices.
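
The /etc/passwd record layout and the read-write-execute check for self, group and other described in the Unix section above, as an added example that is not part of the original answer. It parses constructed passwd records and applies a simplified form of the classic mode-bit check for regular files; the user names, IDs and function names are assumptions made for illustration.

```python
from collections import namedtuple

# Seven colon-separated fields, in the order the text lists them.
PasswdEntry = namedtuple("PasswdEntry", "name password uid gid comment home shell")

def parse_passwd_line(line):
    """Parse one /etc/passwd record; UID and GID must be numeric."""
    fields = line.rstrip("\n").split(":")
    if len(fields) != 7:
        raise ValueError(f"expected 7 fields, got {len(fields)}: {line!r}")
    name, password, uid, gid, comment, home, shell = fields
    return PasswdEntry(name, password, int(uid), int(gid), comment, home, shell)

def allowed(user, want, mode, file_uid, file_gid, extra_gids=()):
    """Simplified classic permission check for a regular file.

    Exactly one class (owner, group or other) is consulted; the others
    are ignored even if they would grant more. ACLs, capabilities and
    SELinux/AppArmor are out of scope here.
    """
    bit = {"r": 4, "w": 2, "x": 1}[want]
    if user.uid == 0:
        # root may read/write anything, but execute needs some x bit set
        return want != "x" or bool(mode & 0o111)
    if user.uid == file_uid:
        shift = 6          # owner triplet
    elif file_gid == user.gid or file_gid in extra_gids:
        shift = 3          # group triplet
    else:
        shift = 0          # other triplet
    return bool((mode >> shift) & bit)

# Constructed sample records (not taken from a real system).
SAMPLE = [
    "root:x:0:0:root:/root:/bin/sh",
    "alice:x:1001:2000:Alice (constructed):/home/alice:/bin/sh",
    "bob:x:1002:2000:Bob (constructed):/home/bob:/bin/sh",
    "carol:x:1003:3000:Carol (constructed):/home/carol:/bin/sh",
]
USERS = {e.name: e for e in map(parse_passwd_line, SAMPLE)}

if __name__ == "__main__":
    # File owned by alice (1001), group 2000, mode 0604: group gets nothing.
    for name in USERS:
        print(name, allowed(USERS[name], "r", 0o604, 1001, 2000))
```

With mode 0604 the group member bob is denied read access even though users in the "other" class may read, because only one permission class is ever consulted.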