CSEC630 Individual Assignment 1

Disclaimer/Caveat/Disclosure/Whateveryouwouldliketocallthis: You are more than welcome to use my paper below as a reference. But, please be smart and do not simply copy and paste because your Prof. or TA will know. Just like you, they have access to this website as well. So be nice and smart and don't set yourself up for a failure, at the very least you should rephrase/paraphrase/reword/Whateveryouprefertocallthis. Just a suggestion, but at the end of the day, it will be your decision. :) Also, I have got at the very least 90% in each of my papers, but that DOES NOT guarantee that you will get the same. It depends almost exclusively on how your professor looks at your response and how s/he grades. The ones that I got were awesome professors and my work and my points went across to them, hence the higher grade. So, basically what I am trying to say here is that if you score less than 90% while using my papers as reference or as a whole, don't curse me out, you just got a stricter professor. :)

Operating System: An Operating System (OS) is an intermediary agent between the user and the computer hardware. The OS manages the computer’s resources (hardware, abstract resources, software), allocates the resources and control programs, to prevent errors and improper computer use. (Bower, 2009)

Without an OS, a state of the art hardware can serve no purpose besides being a door stopper or a paper weight. Currently, OS comes in different types of interfaces. The most common and popular interface among the OS users is the Graphic User Interface (GUI), where a user can point and click on the icons and execute, or run, a task. OS such as MS Windows, Linux and MAC OS utilizes the GUI. More power users prefer the less popular and more "wordy" OS interface, such as DOS or UNIX. Both, DOS and UNIX, OS use line-commands to execute, or run, a task, giving the user more control over the entire OS, vs. a GUI interface. The problem with the line-command OS is that the user must have in-depth knowledge of command lines of the OS and must manually enter each command, making it relatively difficult to a novice user. The GUI interface, on the other hand, requires little memorization. A new user can learn a GUI OS much faster than the line-command OS.
World Wide Web and OS: In the early stages of computer life, most of the Personal Computers (PC), worked independently. Each user used his PC for his/her personal use, hence the name "Personal Computer", where their system was not a part of any network. In an organizational setup, those computers were connected to each other inside a building, or at the most, to the network in the next building. Most of the computers were managed and connected locally. But, with the introduction of broadband internet and the world wide web, that is not the case anymore. Almost every computer, may that be in a personal use at a home or in a work environment, is talking to each other. A user sitting in Washington DC can access his company's network set up across the country, in San Diego, CA, or even further, in Tokyo, Japan. Each and every computer is capable of talking to another computer anywhere in the world, as long as it is connected to a broadband (Cable, Fiber Optics and Satellite) or a narrowband (Dial-up) connection. This gives a user freedom to travel the world from his/her living-room, but also causes a massive headache to the OS developers. In the past, before the life of internet was in full swing, it was easier for an OS developer to keep their OS safe and secure from viruses, malwares, and unauthorized users, also known as hackers. A sabotager would have to physically be on a system to cause damage, and even if s/he was successful reaching a system, the damage was on lower, more on a local scale. This is not the case anymore. Now, a hacker sitting in Moscow, Russia, is capable of creating havoc on a computer network sitting in Chicago, IL. The hackers are becoming more and more capable and destructive. With every new OS, the developers have to take additional steps to make it even more secure than their previous version. The OS has to go through stricter quality controls and testing phase to make sure that it is fully functional and secure, and all of the vulnerabilities have been patched up. But that is not where it all stops. After the launch of any new OS, the developers keep on improving their product and keep deploying new patches for their OS so that the newly found vulnerabilities can be patched.
Protecting the OS: The OS of current generation are more feature-rich and sophisticated than they were a few years ago, making them more useful to their users; but, at the same time, making them more vulnerable to the security threats, unless the user configures, administers and monitors the OS correctly. (Krishna, 2003) The developers make every effort to make their OS secure by keep updating it with new patches and upgrades as they come aware of vulnerabilities. The problem with that approach is that the deployment of such patches is reactive, not proactive. Meaning, unless the developer find those vulnerabilities, a patch cannot be created and deployed, and finding those vulnerabilities can take time. Some vulnerabilities can be found within the first few weeks of the launch of the new OS, and some don't surface for months, in some cases for years. To protect from hackers to utilize those unfound vulnerabilities, the System Administrator must be proactive in securing the OS used on their network. There are number of steps that a System Administrator can take that can successfully limit the ability of an unauthorized user to gain access to their OS and sabotage the organizational network. Below are some of the measures that a System Administrator can take to protect his/her system from the unwanted intruders.
Access Control List: The first step that a System Administrator can take to secure his/her OS is by deploying Access Control List (ACL) on the network. ACL is the list of controls that let the System Administrator specify the access rights to its users. The access rights, such as read, write, delete and audit. (Microsoft.com, 2013)
Advantages of Access Control List: * ACL let the System Administrator give specific rights to the users using the OS. * ACL limits the damage that can be caused by a disgruntled employee by limiting the user's access to only the portion of the OS and the network that s/he has the need to. This way, if that disgruntled employee does cause some damage, it will be to the limited area. * ACL allows the System Administrator to tailor the read/write/delete rights, specific to the job role of a user.

Disadvantage of Access Control List: * It is difficult for a System Administrator to centrally administer all of the users in a large organizational network. It is easier to determine the use of certain objects by each user, it is hard for a System Administrator to determine what privileges each user will have to perform his/her duties. * Each system platform has its own ACL format, meaning that ACLs differ from one platform to another. This means that ACLs could be inconvenient and slow to use in a multi-platform environment. (Pondent, 2013)
Antivirus:
Secondly, the System Administrator should deploy Antivirus software on the network to protect his/her network OS. The Antivirus software are probably the cheapest investments that a System Administrator can make to keep his OS secure. A computer virus is a program that operates by attaching itself to other programs or downloaded file from the internet. When a user runs the infected program, the virus attached to it also executes, infecting other systems on the network. (NA, 2007) There are two ways in which a virus behaves when activated.
Direct Action: Direct Action virus goes into action as soon as it is downloaded to the system. Depending on how the author of virus encoded it, it can damage the OS, applications or resides in the memory and runs in the background collecting personal information of the user.

Memory Resident: Memory Resident virus works slightly differently than the Direct Action. Once downloaded to a system, Memory Resident virus stays put until a certain condition is met. That condition could be a date, a time or an execution of a certain command or program by the user of the infected system. There are three types of computer viruses:
Boot Sector Infectors: The boot sector virus attached itself to the OS on a system. So whenever the OS runs, this virus runs and infects, thus causing the maximum damage to a system.
Macro Viruses: Macro virus are commonly used in the MS Word and MS Excel. These viruses usually use the word document and excel spreadsheets to spread out over the network and infect other systems.
File Infectors: The file infectors infects the executable files of any program installed on a system. They attach themselves to the .EXE and/or .COM files and whenever those programs are executed by the user, these viruses also execute along with those programs. (NA, 2007)

Advantages of Antivirus: * A good, thoroughly equipped antivirus protects an Operating System from viruses and malware. * Antivirus protects personal and organizational information saved on the network by preventing hackers to get in to it with the help of malware. * Antivirus prevents the unauthorized users from outside the network to gain access of the system.(Conjungo, 2013)
Disadvantages of Antivirus: * Some antivirus software can cause the network and system to slow down. * Some antivirus packages can require greater system resources, such as more RAM or more hard drive space, and in some cases, a more capable and faster processor. * Antivirus software constantly needs to be updated. If a System Administrator forgets to push the updated virus definitions to the systems connected to the network, the software would fail to detect the newest virus and malware, and would leave the system vulnerable to an attack. * It requires in depth knowledge of the antivirus to be effective. Some of the antivirus programs do not provide complete system protection. Some antivirus programs requires the system administrator to manually enable all of the protective features of the software package. (Conjungo, 2013)

Firewalls: Third measure that a System administrator can take to secure his OS is by installing a firewall on his network. Firewalls prevents the unauthorized user from entering the network and also prevents the inside users, to a major extend, to bring an unauthorized user into the network. There are two types of Firewalls:
Network Layer: Network Layer Firewall is basically the hardware that is installed over the organizational network, between the router and the system. Network Layer Firewall performs faster than the Application Layer Firewall, because it does not analyze the contents of the packet, hence analyzing the packets quicker. (Maxon, 2000)
Application Layer: Application Layer Firewall, as opposed to the Network Layered Firewall, analyzes the packets on the content level. The traffic analysis is more in detail and it also keeps more detailed logs of the traffic going through it. Application Layer Firewall is more effective than Network Layer Firewall when it comes to prevent an unauthorized access to the network . (Maxon, 2000)
Advantages of Firewalls: * A firewall performs as a single entry and exit point for the network traffic. The use of a single point on the network simplifies security management by consolidating security capabilities to a single system or set of systems, making it easier for the System Administrator to monitor the traffic. * A properly configured firewall can send alerts and flags to the System Administrator if the network gets compromised. * A System Administrator can use the firewall to set up a DMZ outside of its network, luring the unauthorized users away from the main network. * The firewall can be used to implement Virtual Private Network (VPN). (Stallings, 2010) * Some of the firewalls also offer malware and virus detection features built-in to them. Though those features are not as effective as the standalone antivirus/antimalware, they offer decent amount of protection from the malware attack.
Disadvantages of Firewalls: * The firewall cannot protect against attacks that bypasses the firewall. * The firewall needs to be properly configured. The firewall itself is unable to protect a network. A System Administrator must manually configure it to the organizational requirements to make it work effectively. * A poorly configured firewall can slow down the network speed, bottle necking the internet traffic. * The firewall may not protect fully against internal threats, such as a disgruntled employee or an employee that is cooperating with an external attacker for personal gains. * A firewall cannot protect a network from a device that is being used and infected outside of the organizational network and then attached and used internally. (Stallings, 2010)
Implementation of the Protective Measures: It is relatively easy to implement the protective measures mentioned above. The ACL can easily be implemented by the System Administrator when the network has been implemented and can be updated and modified as the organizational needs and requirements are changed. The Antivirus/Antimalware program can be installed individually on each of the system connected to the network and the updates can be pushed to each of the system on the organizational network by the System Administrator. Deploying a Firewall on a network is simple and straight forward. The System Administrator can simply plug it in between the router and the organizational network and power it on. The tricky part is to configure it to the organizational needs. If the System Administrator configures the Firewall too strictly, the network will become extremely slow because it will be scanning each and every packet going through it, configure it too leniently, and the Firewall will scan only selective packets leaving the network vulnerable to exploitation.
Ranking of the Measures: Though each one of the measures mentioned above has its own strength and weakness, one measure triumph the other in some way. From the measures mentioned above, Firewall should be the first priority of the System Administrator, then installing an effective Antivirus and then the ACL as a third priority. Once a network is planned, it is necessary to have a Firewall implemented right away, to protect it from the outside intruders. A properly configured Firewall, may that be a Network Layer or Application Layer, can successfully keep the outsiders out and insiders protected inside. Once the System Administrator secures the network from the outside intruders, it is important to implement an Antivirus software so that the users will not be able to bring something malicious from outside and introduce it to the network causing the network failure. When it comes to network, it is imperative that it should be secured from the potential problem-creators from inside too. If the System Administrator wont restrict the usage rights of the users, every user will be accessing every file and application, even if the user does not have a need for it. Also, without proper ACL, a user, knowingly or unknowingly, can damage the OS or any other application on the network, causing it to collapse. Protecting your OS from outside intruders is like protecting your belongings inside the house from a leaking roof on a rainy day. To effectively fix the leak, you must start from outside by covering the roof, and then move in, or all the effort will be washed away.

Conclusion: Securing an OS over a network is a tricky task for any System Administrator. It was much easier back in the days when every system was not connected to every other system in the whole world. Nowadays, it is different. Without being connected to the world wide web, nothing can be done. Even in the most secure, centralized systems, computer systems are connected to each other. They might not communicate with unsecured systems, but they do communicate within their network, may they be located across the street or across the oceans. And even those "isolated" systems require protection from outsiders as well as insiders. The measures mentioned above, ACL, Antivirus and Firewall, may be the best choices in some situations, but that does not mean that they are the only choices. There is no "one size fit all" solution to protect an OS on all the network. Depending on the organization's needs and requirements, these measure may or may not fully address all of the needs.

References:
Bowers, T. (2009). Basic Operating Concepts. Retrieved from, http://www.sal.ksu.edu/faculty/tim/ossg/Introduction/OSrole.html
Conjungo. (2013). Understanding Antivirus. Retrieved from, http://www.conjungo.com/technology/antivirus/benefits-of-antivirus#.
Krishna, A. (2003). Steps to a Secure Operating System. Retrieved from, http://www.computerworld.com/s/article/82969/Steps_to_a_secure_operating_sy stem
Maxon, K. D. (2000). Which is the Better Choice? Retrieved from, http://www.giac.org/paper/gsec/66/application-layer-firewalls-vs-network-layer- firewalls-choice/100459
Microsoft. (2013). Access Control List. Retrieved from, http://msdn.microsoft.com/en- us/library/windows/desktop/aa374872%28v=vs.85%29.aspx
NA. (June, 2007). Computer Viruses. Retrieved from, http://www.hackerzvoice.net/ceh/CEHv6%20Module%2009%20Viruses%20and %20Worms/08Computervirus%28June07%29.pdf
Pondent, C. S. (2013). Disadvantages of ACL Algorithm. Retrieved from, http://www.ehow.com/info_11370147_disadvantages-acl-algorithms.html
Stallings, W. (2010). Firewalls. Retrieved from , http://mercury.webster.edu/aleshunas/COSC%205130/Chapter-22.pdf