Question

Scenario:

Security and Memory Management Some have argued that Unix/Linux systems reuse a small number of security features in many contexts across the system, while windows systems provide a much larger number of more specifically targeted security features used in the appropriate contexts. This may be seen as a trade-off between simplicity verses lack of flexibility in the Unix/Linux approach against a better targeted but more complex and harder to correctly configure approach in Windows.

question:

Discuss the highlighted trade-off from the scenario as it impacts the security of Unix/Linux systems, and the load placed on administrators in managing their security.

Answer 1

Unix and Administration:
------------------------
Unix in built features provide more control to Administrators.

Unix is by nature having built-in security with read-write-execute permissions for self-group-other persons accessing the files.
Unix Kernel controls file system, device drivers as well as code for process management.
While creating file it self you will define who can access it, with file permissions.
While creating the user we will provide which directories user can access, to which group the user belong to, which default shell user should use.

Sample user from /etc/passwd :
oracle12c:x:54323:dba:oracle User:/opt/oracle:/bin/csh
Username:Password(x indicates that encrypted password):User ID (UID): Group ID (GID): User ID Info comment:Home directory ( Home dir where user log-in): Command/shell

While creating the user itself Administrator can hold the amount of memory/resource a user can use.
Memory allocation is tied with access rights.
Any other file/device access needs explicit permissions from Administrators.
CONTROLLED ACCESS to shared file systems with mounts, soft link and hard links.
End user is not given access to all file system, files, memory and devices attached.
This needs more controlled interaction of end users with Administrators.

Open code base of Unix allows, vulnerabilities to surface and fix early.

Logging: All system processes, store relevant information in log files. Which makes it easy to audit system and user interations.

Having less access to end users.
Since Unix is not much used for Personal computing like social engineering, and is mostly used for Servers Administration it is less prone to attacks.

Properietary/Enterprise Unix are used for running larger hardware appliances/Servers.
Ex:
AIX - to operate IBM Hardware
HPIA/HPUX - to operate HP Hardware
Solaris - to operate Solaris Hardware
Redhat - to operate Linux Hardware.

Recent Linux personal computing interfaces are drawing more attention due to the fact that Unix is less vulnerable.
Ex: Ubuntu, Mint.

Though there are lot of advantages of Unix open source, recently there are cases where attackers used it for exploitation.

Though less often, there are Unix viruses too.
McAfee detected first Linux Virus in February 7, 1997.
Ex: Shell Shock and Heart Bleed attacks.

Windows Administration:
-----------------------
On the other hand Windows OS is mostly used for personal computing.
Gives ease to end users to access their personal files, emails, photos etc.
Frequent and larger use of accessing and sharing files through devices like pen drives, CD, on intra network using sharing, on internet through email.
Highest number of End users uses, the worlds most used operating system.
Is often more mis-used too and challenging for Administrators to keep it secure.

More people uses more mistakes done, more vulnerable.
Ex: Opening spam mails.

Windows uses Server Message Block (SMB), Common Internet File System protocol (CIFS) and RPC (Remote Procedure Calls) heavily.

Plethora of applications for end users to use.
Applications, Anti-virus programs, Firewall, user administration, direct and network patching.

No code acess to open world, so more issues un-resolved.
As and when issue found needs frequent patching.
Frequent OS upgrades required to be done on larger number of systems.

Memory allocation is not tied with access rights.
Any users and access other users files.

Conclusion:

It is very Hard job for Windows administrators to keep systems up to date for more applications with latest versions on larger number of devices.