...UNIX, Linux, and Windows Servers Security When comparing Linux/Unix versus Windows platforms for security it is important to take into account the security issues being addressed. The most common types of security breaches in today’s business world are based on social engineering attacks. These attacks are focused on bypassing security measures by tricking users into accomplishing the tasks required by the malicious code. These attacks can introduce numerous types of malicious code into the network ranging from spyware up to and including viruses. When comparing Windows versus Linux/Unix it is important to realize that more security features may be available depending on the exact operating system. This comparison is not to compare specific distributions of Linux/Unix against a specific version of Windows, instead it will compare the core elements that are prevalent in both operating systems regardless of the distribution or version chosen. The first security feature that is discussed is the structure of both operating systems. The difference between Linux/Unix and Windows based on structure is the way configuration for software is approached. Most malicious code in a Windows platform is embedded into the registry. The registry is a single location that stores every configuration setting for software installed on the machine. This allows a standard location for malicious code to target on a windows machine. Whereas Linux/Unix does not have a registry, instead it uses...
Words: 1996 - Pages: 8
...Security of Windows NT and UNIX† Hans Hedbom1,2, Stefan Lindskog1,2, Stefan Axelsson1 and Erland Jonsson1 1Dept of Computer Engineering 2Dept of Computer Science Chalmers University of Technology S-412 96 Göteborg, SWEDEN {sax, Erland.Jonsson}@ce.chalmers.se University of Karlstad S-651 88 Karlstad, SWEDEN {Hans.Hedbom, Stefan.Lindskog}@hks.se Abstract This paper presents a brief comparison of two operating systems, Windows NT and UNIX. The comparison covers two different aspects. First, we compare the main security features of the two operating systems and then we make a comparison of a selection of vulnerabilities most of which we know have been used for making real intrusions. We found that Windows NT has slightly more rigorous security features than “standard” UNIX but the two systems display similar vulnerabilities. The conclusion is that there are no significant differences in the “real” level of security between these systems. †Presented at the Third Nordic Workshop on Secure IT Systems, NORDSEC’ 5-6 November, 1998, Trondheim, Norway. 98, 1. Introduction It has been claimed that the security of Windows NT is far better than that of previous commercial operating systems. In order to verify (or refute) this statement we have made a brief comparison of the security of Windows NT to that of UNIX. UNIX was selected as a reference since it is well-known and widely spread. Thus, the target systems were (1) a networked Windows NT 4.0 and (2) UNIX with NFS (Network...
Words: 6676 - Pages: 27
...UNIX, Linux, and Windows Server Critique Abstract The following sections in this paper focus on analyzing operating systems for Riordan Manufacturing Inc. that specializes in plastic molding and design. Team B concentrated on five main areas of UNIX, Linux, and Windows Server. The five areas include Security, Administration, Networking, Performance, and Programmability. The team explains the existing systems, followed by comparing advantages and disadvantages of each operating system. The comparisons provide insight for Riordan’s IT specialist and administration considering which system to implement. Interesting topics that relate to security weaknesses, and advantages that UNIX® and Linux® compare against the operating giant, Microsoft Windows Server®. Security At the present time, Riordan Manufacturing’s network configurations consist of a heterogeneous UNIX and Windows environment. UNIX has been around for more than 40 years and is known for its’ robust power and scalability. According to the Open Group, “Security, which is often seen as a weakness for UNIX-based systems, is ensured using dedicated communication lines and secure communications protocols, along with strict authentication procedures” (para. 42). This means UNIX, just like Windows, requires configurations to make it a more secure system. Setting up file permissions, user access controls, as well as shutting down network services not currently active are just a few of the ways that help close the gap...
Words: 2750 - Pages: 11
...Unix / Linux vs. Microsoft Windows Server Student Name Goes Here Class Number Goes Here Due Date Goes Here Professor Name Goes Here Unix / Linux vs. Microsoft Windows Server Introduction Pace Glass Company is a global cutting, polishing and bending company with operating facilities in two U.S. cities. Pace Glass Company's major clientele include RV manufacturers, specialty car manufacturers, automotive parts manufacturers, aircraft manufacturers, appliance manufacturers and most prestigiously N.A.S.A. With manufacturing plants in Southwest Michigan and Northwest Ohio, Pace Glass Company's online business plays a vital role in continued growth and as such there is heavy consideration underway as to which type of computer operating base the company upgrades will be implemented against. Pace Glass executives and partners recognize that security and reliability are key to the continued growth in their online presence which plays a substantial role in system determination. Purpose The purpose of this study is to discuss the differences between Unix, Linux and Microsoft Windows and server environments. This study will discuss facts that cover security, administrative, networking, performance, programmability as well as provide a briefing in conclusion. Security Approach A fundamental difference between the Unix approach to system security and the Windows approach is that significant security characteristics of Unix systems are a consequence of good architectural design...
Words: 2110 - Pages: 9
...UNIX, Linux, and Windows Server Critique POS/420 Name Professor Date University of Phoenix Abstract The following sections in this paper focus on analyzing operating systems for Riordan Manufacturing Inc. that specializes in plastic molding and design. Team B concentrated on five main areas of UNIX, Linux, and Windows Server. The five areas include Security, Administration, Networking, Performance, and Programmability. The team explains the existing systems, followed by comparing advantages and disadvantages of each operating system. The comparisons provide insight for Riordan’s IT specialist and administration considering which system to implement. Interesting topics that relate to security weaknesses, and advantages that UNIX® and Linux® compare against the operating giant, Microsoft Windows Server®. Security At the present time, Riordan Manufacturing’s network configurations consist of a heterogeneous UNIX and Windows environment. UNIX has been around for more than 40 years and is known for its’ robust power and scalability. According to the Open Group, “Security, which is often seen as a weakness for UNIX-based systems, is ensured using dedicated communication lines and secure communications protocols, along with strict authentication procedures” (para. 42). This means UNIX, just like Windows, requires configurations to make it a more secure system. Setting up file permissions, user access controls, as well as shutting down network services not currently active...
Words: 2760 - Pages: 12
...Week 2 – Case Study SEC-280 11-9-2013 The first point that I will address consist on the multiple dangers that computer networks are exposed, that are in majority done by perpetrators that get access to servers of Windows and Linux to explode their vulnerabilities.. The use of these codes or malware in the form of viruses, worms, time bombs or any peculiar name this individuals use to give to their destructive toys, are a major concern to the protection of confidential information. Data so sensitive that in their majority is composing of identity, credit, and property information so well collected and compiler that is plenty for the creation of a clone of a company or a person. These identity theft atrocities are not limit to the software and information appropriation; also the attacks diminish computer performance, affecting their velocity and cause computers to crash. The CIO should possess a compendium of way’s to defend his network, and a rapid decision capability to take decisions in a short time period. Furthermore, in general terms security; as we can define “ the act of provide a sense or protection against lost, attack or harm”, can use or integrate a complete protection plan. Depending on the resources of the company the integration of a security plan that can integrate “the five pillars of security IT security operation: policy and audit management, access management, infrastructure and hardware security and incident response.” The real world presents to us a...
Words: 591 - Pages: 3
...greatly benefit from using Windows Server 2012 to manage their network. Windows Server 2012 brings great updates to security and functionality over past editions of Windows. In this proposal, the major areas I will cover are Active Directory, Group Policy, DNS, File Services, Remote Services, and WSUS (Windows Server Update Services). These major roles have features that will make Shiv LLC Company’s infrastructure run smoothly. Active Directory Shiv LLC will have sites across a large geographic location. Because of this, a regional domain model should be used. Domains will be broken down into where users are working. For example, currently Shiv LLC has three locations, Los Angeles, Dallas, and Houston. This means there will be three domains, representing each of these cities. This strategy will make sure the network can be maintained by regional administrators, who will only worry about users in their area of the network. With this style of deployment, it can be difficult to decide what will be the forest root domain. The main staff for the company is in two cities, Dallas and Houston. This makes it difficult to make one of these sites the forest root domain. To make this decision neutral, a dedicated forest root domain can be suggested. This domain will be created only to function as the forest root. It will not contain and users, except for service administrator accounts for the forest root. It will not represent any geographical region of the network, and the other domains (each...
Words: 466 - Pages: 2
...Your CIO should realize that network and computers are very vulnerable to outside hackers and attacks from viruses without protection. This can causes systems to be hacked and information to be compromised. Also, many viruses can cause computers to crash and become useless, causing time and money to be wasted. I am sure the company you work for can understand the their information needs to be protected. A way to get a complete protection plan put in place is to hire an IT team to come in the put firewalls and anti virus software in place, that way the information is more secure. Keep in mind -- securing your system can be a lot of work, securing your system may cost time (and money) today, but prevents much greater costs in the future. Attacks against Unix and Windows network services have increased dramatically in the recent past, and show no signs of abating. Because security vulnerabilities are constantly being revealed, staying informed about recent security issues is crucial. There is need for the company to create a set of layered defenses and avoid the idea of running capricious programs. It is also better for the company to substitute programs that have a terrible security track record with more reliable programs (Dubin, 2005, p. 127). The role of the Company information security officers is to ensure that the windows and Unix/Linux servers are secured from shortcomings and vulnerabilities; otherwise the company may risk being targeted by hackers (Brown...
Words: 272 - Pages: 2
...Case Study: Network Security Computer networks of every company have the potential to be exposed to dangers that have the potential to do great harm. Individuals could gain access to Windows and Unix/Linux servers to exploit the company’s vulnerabilities. Computer networks are not only vulnerable to outsiders, but employees also have the opportunity to compromise the system. An unprotected network would open the door for malicious activity that could damage the company’s system, compromise company and customer information, and cost a great amount of precious time and money. A breach in the network could have a negative impact on finances, privacy, and information. Securing the Windows and Unix/Linux servers within a company from shortcomings and vulnerabilities to potential threats by both outsiders and insiders is an absolute necessity. This is achieved by using technical measures and enforcing security policies. One reason it is important to secure the servers is potential of the insider threat. With 1,500 employees, the chance of an attack from the inside is elevated. The threat could come in the form of a disgruntled employee, by someone looking for gain, or by someone who unknowingly compromises the system. Conklin and White (2010) stated the following: One of the hardest threats that security professionals will have to address is that of the insider. Since employees already have access to the organization and its assets, additional mechanisms need to be in place to detect...
Words: 647 - Pages: 3
...UNIX /Linux versus MAC versus Windows Paper POS/355 March 11, 2013 Bhupinder Singh UNIX/Linux versus MAC versus Windows Paper Introduction Today we live in a world where technology is the way to go. Even in this century there are people that are still clueless on the operating system. It is different, exciting when a new and advance system comes out. But some of us are so confused when it comes to the basics of new technology. Operating systems are programs which manages the computer’s hardware. The systems provide a basic for the applications programs between the computer user and its hardware. When looking, there are so many different types of operating systems that are available. The four main operating systems that are used are Windows, Mac, UNIX, and Linux. For every computer there are many different items that make the system a whole. When it comes to the different operating systems there are different features available, even though when you think of computers a person might think security will all be the same but there are difference between each one. As you read more you will understand the security and the difference between a MAC, UNIX/LINUX and Windows systems and how each one works. Access control goal is to protect a resource from unauthorized access while facilitating seamless and legitimate use of such resources. Presently, each day users hold the need to access to those resources through a broad line of devices...
Words: 2503 - Pages: 11
...assessed for utilities/commands that cannot be practised on university computers. 1. (Review Question 1 – Chapter 2) Why is information security a management problem? What can management do that technology cannot? 2. (Review Question 2 – Chapter 2) Why is data the most important asset an organization possesses? What other assets in the organization require protection? 3. (Review Question 3 – Chapter 2) Which management groups are responsible for implementing information security to protect the organizations ability to function? 4. (Review Question 5 – Chapter 2) What is information extortion? Describe how such an attack can cause losses, using an example not found in the text. 5. (Review Question 6 – Chapter 2) Why do employees constitute one of the greatest threats to information security? 6. (Review Question 7 – Chapter 2) What measures can individuals take to protect against shoulder surfing? 1 7. (Review Question 9 – Chaptewr...
Words: 3431 - Pages: 14
...Columbus, Georgia, and employs 10 people full time, and 4 persons part time. The third location is located in Washington, DC, and employs 15 people. The fourth location located in Richmond, Virginia is the smallest of all the locations employing 5 persons full time. Tiger Tees is a fast growing company in dire need of a secure network that will ensure that the confidentiality, integrity, and availability of client information remain confidential. All transactions completed are sent to the organizational headquarters in Beckley, WV and processed there. In the past these orders and transactions have been completed by telephone and e-mail. A secure wide area network would streamline this process making the transactions more secure, and providing faster service to the customers. Security Requirements The proposed network for this organization will be a virtual private network (VPN) that will connect each of the three remote locations directly to the headquarters in Beckley, WV. This network shall support credit card transactions, as well as the ordering of products that occur on location and via the company website. The Beckley office network will have...
Words: 5336 - Pages: 22
...Abstract Three forms of malware that originally had legitimate applications, but have over time been developed as malicious software are taken into account: ActiveX control, Telnet, and NetBIOS. They are explained first, then the risks user can face if his computer is infected with that malware are given, and the countermeasures which should be taken in order to combat the malware. After that, the compare and contrast of the three forms of malware mentioned above is given. In the end, two recent forms of malware, Flame and FinFisher are explained. ActiveX control What is an ActiveX control? ActiveX is a software component of Microsoft Windows. It is already installed in a computer with Internet Explorer. ActiveX controls are small programs, sometimes called add-ons that are used on the Internet. They can enhance browsing experience by allowing animation or they can help with tasks such as installing security updates at Microsoft Update. Some websites require installing ActiveX controls to see the site or perform certain tasks on it. When these websites are being visited, Internet Explorer asks to install the ActiveX control. The website that provides the ActiveX control should tell the visitor what the control is for. It should also provide relevant details on the web page before or after the warning. Internet Explorer blocks websites from using an ActiveX control if the website tries to use the ActiveX control in a way that might not be safe. What are the risks? ActiveX...
Words: 2385 - Pages: 10
... File Management System in Linux CUI Interface A Project Dissertation submitted in partial fulfillment of the Regulations governing the award of the degree of BA in Computer Studies, University of Sunderland 2006 I. Abstract This dissertation details a project to design and produce a prototype Linux character environment file manipulation assisting application. The application is offering a friendly menu driven interface to handle the jobs that non-programmers keep finding cumbersome to master when it comes to working in a Unix/Linux interface, resulting in serious mistakes and much loss of productive time. The Linux File Management System is a basic program for every user at a Unix/Linux terminal. Advantages here include the fact that the support team does not have to be burdened with solving simple file based queries by the employees. The areas of Designing GUI interfaces in Linux and Windows versus Linux Security were researched and a prototype has been designed, developed and tested. An evaluation of the overall success of the project has been conducted and recommendations for future work are also given. Words II. Table of Contents 1) Introduction.................................................................................................................................4 1.1 Overview........................................................................................................4 1.2 Sponsor...
Words: 17681 - Pages: 71
...Cyber Crime Computer crime encompasses a broad range of activities. Generally, however, it may be divided into two categories: (1) crimes that target computers directly; (2) crimes facilitated by computer networks or devices, the primary target of which is independent of the computer network or device.[citation needed] Crimes that primarily target computer networks or devices include: Computer viruses Denial-of-service attacks Malware (malicious code) Crimes that use computer networks or devices to advance other ends include: Cyberstalking Fraud and identity theft Information warfare Phishing scams Malware From Wikipedia, the free encyclopedia Beast, a Windows-based backdoorTrojan horse. Malware, short for malicious software, is software used or created to disrupt computer operation, gather sensitive information, or gain access to private computer systems. It can appear in the form of code, scripts, active content, and other software.[1] 'Malware' is a general term used to refer to a variety of forms of hostile, intrusive, or annoying software.[2] Malware includes computer viruses, worms, trojan horses, spyware, adware, and other malicious programs. In law, malware is sometimes known as a computer contaminant, as in the legal codes of several U.S. states.[3][4] Malware is not the same as defective software, which is software that has a legitimate purpose but contains harmful bugs that were not noticed before release. However, some malware...
Words: 3033 - Pages: 13