Re: Short List of Security Questions
"BC" wrote:

> The default is usually the best in the newer Linux distros,
> but never in Windows.

Right. Linux gets hacked when people start enabling features, like trying
to use it as a web server. IIS 6 on Windows Server 2003 is hacked far less
frequently than Apache on Linux. A significant problem in Linux and Windows
security is the user not knowing how to safely configure and use their OS.

The defaults in Windows XP SP2 and 2003 are pretty secure. Windows XP was
released in 2001 and programmed in the years before that, so for a true
apples to apples comparison, you would have to compare its default settings
to a *nix distro from five years ago. A lot of the threats we're seeing
today weren't really around back then.

> The most secure thing you can do
> in Windows is immediately download and install Firefox
> and/or Opera and avoid the blue "e" as much as possible,
> as well as other programs that use it, like Outlook and
> Outlook Express.

People are rarely hacked via web browsers.

People do get adware via browsers, but then they also get adware and spyware
from installing freeware, including "Firefox with the Google Toolbar."

> Also in the case of Windows, each new version has been
> more bloated, complex and with more points of exploit
> than the prior versions, with any new security enhancements
> more than offset by greater risks. Win3.11/Win95/Win98
> were easy to secure with a couple well-chosen 3rd party
> programs,

You have it reverse. Windows 3.x, 95 and 98 were wildly insecure and not
securable. They didn't even have user accounts, ACLs, permissions or
auditing to control access to your system. Antivirus added to XP SP2, or
antivirus and firewall added to Windows 2000, makes a system secure enough
for home use.

> but Win2k and especially XP are much more
> problematic to both secure and to clean-up. Look at this
> one guide covering Win2k/XP:
> http://www.markusjansson.net/exp.html

Most of those settings are either default in XP or don't help your security
much on a home workstation. Jesper J and Steve Riley of Microsoft have a
different hardening guide for 2000 / XP that only includes about five tweaks,
and it survived a hacking contest.

> Even the file system is suspect -- while it's been touted
> that NTFS is more secure and robust than FAT32, in
> real life it's very easy to bypass NTFS security and a

Whereas with FAT32 there's no security at all to bypass. No ACLs,
permissions or passwords.

> bad spot on the hard drive will mess up Windows
> regardless,

Rarely will a bad sector mess up Windows... And that's different from *nix
file systems like ext2 / ext3 how? Is NTFS any more likely to be screwed up
by a power failure than *nix file systems?

> and more so, some of the newer worms
> actually take advantage of NTFS to hide themselves:
> http://www.f-secure.com/v-descs/potok.shtml

I don't like the way the Windows GUI handles NTFS streams either. But this
is similar to setting a file attribute to hidden via the ATTRIB +H command.
Users can see NTFS file streams if they want, as can trustworthy antivirus
programs.

>> 2) How do you keep an installed program from having access to other
>> programs or other parts of the system in a standalone home computer (here I
>> refer to file permissions and other security measures)?

> Windows never had that fine a level of security, but
> Linux and other OS's have. Supposedly Vista will have
> some of this type of security.

Not exactly. Windows doesn't yet natively have a chroot jail, but there are
a variety of methods in Windows 2000 and newer to control what an application
can and can't see. DropMyRights is one example, Runas is another, the lower
privileged NetworkService and LocalService security contexts used by Windows
services is another. With any of those methods, you can change NTFS file and
registry permissions to control what any application running in that security
context can see, similar to a chroot jail.

Note that many *nix OSes are lacking in the concept of role-based access
control. With Windows, you can take any file and give every user account
different permissions to that file. Linux OSes by default have up to three
security contexts [Owner, Group and Other] for making file ACLs. The NSA's
SELinux tries to improve on this shortcoming. It's fortunate that Linux has
the chroot jail concept, because it would be difficult otherwise to control
what files the DNS daemon's account can and cannot see.

There are also a variety of third party utilities for both Windows and *nix
that will set up a virtualized sandbox for apps to run in safely. It's not
really logical to compare the security of Linux with all of its various third
party add-ons [Apache, SELinux, Bastille, IPTables, etc.] but not allow third
party apps to be considered when evaluating Windows security, just as it
wouldn't be fair to consider Linux security without allowing IPTables to be
used.

>> 3) Win98 had a big problem with NetBEUI. Do other Windows OSes have this
>> type of or similar issues?

> Well, TCP/IP has quite a number of security issues
> in itself, so that's universal:
> http://oldwww.cs.umu.se/local/kurser/TDBD03/vt96/lect/sec+fw2.html

That's an excellent point. No matter how you secure your OS, and whatever
OS you choose, it's still generally reliant on and vulnerable to the
shortcomings of the aging TCP/IP suite, such as threats like DNS spoofing,
ARP spoofing, man in the middle session hijacking, SSL, SSH, etc.

>> 4) After I go to Windows Update and download the security patches, what
>> changes have been made to my system?

> Mostly stuff Microsoft is not going to reveal the details
> about. The bulk of the patches seem to be workarounds,
> often of temporary effect

What makes you say that? You seem to be saying "but I just installed an IE
patch last month, why didn't that fix this new vulnerability from this
month?" Vulns patched this month are usually unrelated to vulns patched in
the past.

> If Microsoft was truly serious about security, they would
> have long ago rewritten IE to be a standard, standalone
> application with no artificially elevated privileges

What artificially elevated privileges does IE have? Unless you use
DropMyRights, IE by default runs in the context of the logged in user, only
with a variety of restrictions, so that IE can't do a lot of things the user
can do.

IE 6 has security problems, and I really wish it wasn't integrated into
Windows, because it means switching to Firefox doesn't remove IE vulns from
Windows. However, I don't believe integrating IE into Windows is the reason
why IE has had security problems. Vulns in Winzip, MS Office, etc. are just
as dangerous as IE vulns, because those apps can do just about anything IE
can do, without being integrated into Windows.
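Two of the points above are checkable on any NTFS system: restricting what a lower-privileged security context (LocalService, NetworkService, a DropMyRights'd browser) can read by editing the file ACLs, and the fact that NTFS alternate data streams are visible to anyone who looks. The script below is an added example for this thread, not code from either poster. It assumes Windows with PowerShell 3.0 or later (for the `-Stream` parameter) and the built-in `icacls` tool, run from an elevated prompt; the directory and file names it creates under `%TEMP%` are constructed for the demo.

```powershell
# Added example: verify NTFS ACL restriction and enumerate alternate data streams.
# Assumes Windows, PowerShell 3.0+, icacls.exe, elevated prompt. Paths are constructed.

$Base   = Join-Path $env:TEMP 'ntfs-demo'          # constructed scratch directory
$Secret = Join-Path $Base 'secret'
New-Item -ItemType Directory -Path $Secret -Force | Out-Null
Set-Content -Path (Join-Path $Secret 'config.txt') -Value 'constructed sample secret'

# 1. Restrict the directory: drop inherited ACEs, then grant only Administrators
#    and SYSTEM. No ACE for LocalService/NetworkService/Users means any process
#    running in those contexts is denied, which is the "chroot-like" control the
#    post describes.
icacls $Secret /inheritance:r | Out-Null
icacls $Secret /grant:r 'BUILTIN\Administrators:(OI)(CI)F' 'NT AUTHORITY\SYSTEM:(OI)(CI)F' | Out-Null

# Verify the result rather than trusting the command: list the ACEs and flag
# any broad principal that is still present.
$acl = Get-Acl -Path $Secret
$acl.Access | Select-Object IdentityReference, FileSystemRights, AccessControlType | Format-Table -AutoSize
$broad = $acl.Access | Where-Object {
    $_.IdentityReference.Value -match 'Everyone|Authenticated Users|\\Users$|LocalService|NetworkService'
}
if ($broad) {
    Write-Warning "ACL on $Secret still grants access to: $($broad.IdentityReference.Value -join ', ')"
} else {
    Write-Host "ACL on $Secret is limited to Administrators and SYSTEM"
}

# 2. Alternate data streams. Create a file with a second, constructed stream so
#    there is something to find, then list every stream other than the default
#    ':$DATA' for each file under the scratch directory. This is the check a
#    user or an antivirus tool runs to make hidden streams visible.
$Visible = Join-Path $Base 'visible.txt'
Set-Content -Path $Visible -Value 'ordinary content'
Set-Content -Path $Visible -Stream 'extra' -Value 'constructed sample stream'   # constructed

$streams = Get-ChildItem -Path $Base -File -Recurse |
    Get-Item -Stream * |
    Where-Object { $_.Stream -ne ':$DATA' } |
    Select-Object FileName, Stream, Length
if ($streams) {
    Write-Host 'Files carrying alternate data streams:'
    $streams | Format-Table -AutoSize
} else {
    Write-Host 'No alternate data streams found'
}

# Cleanup of the constructed scratch directory (uncomment to run):
# Remove-Item -Path $Base -Recurse -Force
```

The ACL check deliberately reads back `Get-Acl` after `icacls` instead of assuming the command succeeded, since a typo in a principal name makes `icacls` fail without changing anything. The stream listing ignores only `:$DATA`; on a real directory you would expect a few legitimate entries such as `Zone.Identifier` on downloaded files, so the output is a list to review, not an alarm by itself.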
