Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Comparison of the Security of Windows NT and UNIX Hans Hedbom, Stefan Lindskog, Stefan Axelsson and Erland Jonsson Originally presented at the Third.

Published byJonah Jennings Modified over 8 years ago

Similar presentations

Presentation on theme: "A Comparison of the Security of Windows NT and UNIX Hans Hedbom, Stefan Lindskog, Stefan Axelsson and Erland Jonsson Originally presented at the Third."— Presentation transcript:

1 A Comparison of the Security of Windows NT and UNIX Hans Hedbom, Stefan Lindskog, Stefan Axelsson and Erland Jonsson Originally presented at the Third Nordic Workshop on Secure IT Systems, November 1998 http://www.ce.chalmers.se/staff/sax/nt-vs-unix.pdf Presented by Clare West

2 Outline Introduction Security Comparison –Identification –Authentication –Networking Man-in-the-Middle Authentication Attacks on both Windows NT and UNIX Conclusion

3 Introduction “It has been claimed that the security of Windows NT is far better than that of previous commercial operating systems.” Compare NT with UNIX –Networked Windows NT 4.0 –UNIX with NFS (Network File System) and NIS (Network Information System)

4 Introduction cont. Windows NT –Released in 1992 –Processes –Threads –Symmetric multiprocessing –Distributed computing –Object model to manage resources UNIX –Released in ~1974 –Processes –Threads –Symmetric multiprocessing –Distributed computing –File model to manage resources

5 Identification Windows NT –Usernames –Numeric SID (Security IDentifier) –SID is unique to a Domain –SIDs are never reused UNIX –Usernames –Numeric UID (User IDentifier) –UID may not be unique within an NIS domain –UID may be reused

6 Authentication Windows NT –Passwords –Stored encrypted in SAM (Security Account Manager). Only accessible to Domain Administrators –Encrypted by DES and MD4 UNIX –Passwords –Stored encrypted in /etc/passwd or NIS (Network Information System). Accessible to any user. –Encrypted by DES

7 Authenticating with a UNIX NIS Domain Client yp_match response Server Alice alice:23:20:sCFNq7Qf8/kwg:Alice Cooper:/home/alice:/bin/tcsh Client Alice Server yp_match request for alice’s passwd entry The password supplied by Alice is encrypted and compared with the encrypted password in the passwd entry supplied by the NIS Server

8 Authenticating with a Windows NT Domain AliceServer Request for Service ServerAlice Challenge - random string AliceServer Response - encrypted string Alice encrypts her password and then uses this to encrypt the random string sent by the server. The server encrypts the random string it sent with Alice’s encrypted password and compares this with her response.

9 Networking Windows NT –Logging by computer name not IP address –Trust placed in clients not acting maliciously UNIX –Address based authentication –Trust placed in clients not acting maliciously

10 A Man-in-the-middle Attack vs UNIX Goal: Mallory impersonates Alice to the Client Mallory prepares a yp_match response with the encrypted password of his choice Mallory Client yp_match response Mallory alice:23:20:FdFNq7Qf85twg:Alice Cooper:/home/alice:/bin/tcsh ClientServer yp_match request Mallory for alice’s passwd entry

11 A Man-in-the-middle Attack vs NT Goal: Mallory impersonates Alice to the Server Challenge - random string (A) MalloryServer Alice Request for Service Server Mallory Challenge - random string (A) MalloryAlice Response - encrypted string (A) Mallory ServerAlice Response - encrypted string (A) MalloryServerMalloryServer Request for Service as Alice Mallory waits for Alice to attempt to use the Server

12 Man-in-the-Middle Attacks Results Windows NT –Allows access to the server as Alice –Mallory must wait for Alice –Mallory can only impersonate active users he can spy on UNIX –Allows access to the client as Alice –Mallory can attack at any time –Mallory can impersonate any user –Combined with NFS (Network File System) allows access to any file systems exported to the client as any user

13 Conclusions “…the security mechanisms of Windows NT are slightly better than those of UNIX” “…the two systems display a similar set of vulnerabilities” “…with the present way of installing and using the systems there seems to be no significant difference between their security level”

14 Question What System Security Threats are posed by the Man-in-the-middle attacks presented earlier? Interception Interruption ModificationFabrication

Download ppt "A Comparison of the Security of Windows NT and UNIX Hans Hedbom, Stefan Lindskog, Stefan Axelsson and Erland Jonsson Originally presented at the Third."

Similar presentations

Security Issues in Mobile Code Systems David M.Chess, High Integrity Computing Lab, IBM T.J. Watson Research Center Hawthorne, NY, USA Mobile code systems.

Security Issues in Mobile Code Systems David M.Chess, High Integrity Computing Lab, IBM T.J. Watson Research Center Hawthorne, NY, USA Mobile code systems.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
Authentication Applications The Kerberos Protocol Standard

Authentication Applications The Kerberos Protocol Standard
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.

By Rashid Khan Lesson 5-Directory Assistance: Administration Using Active Directory Users and Computers.
Password Cracking Lesson 10. Why crack passwords?

Password Cracking Lesson 10. Why crack passwords?
Communications of the ACM (CACM), Vol. 32, No. 6, June 1989

Communications of the ACM (CACM), Vol. 32, No. 6, June 1989
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.

Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Chapter One The Essence of UNIX.

Chapter One The Essence of UNIX.
Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.

Kerberos Part 1 CNS 4650 Fall 2004 Rev. 2. The Name Greek Mythology Cerberus Gatekeeper of Hates Only allowed in dead Prevented dead from leaving Spelling.
Web Defacement Anh Nguyen May 6 th, 2010. Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.

Web Defacement Anh Nguyen May 6 th, Organization Introduction How Hackers Deface Web Pages Solutions to Web Defacement Conclusions 2.
Midterm Review Questions SOEN321 – Information-Systems Security.

Midterm Review Questions SOEN321 – Information-Systems Security.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
Georgy Melamed Eran Stiller

Georgy Melamed Eran Stiller
1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft.

1 Microsoft Windows NT 4.0 Authentication Protocols Password Authentication Protocol (PAP) Challenge Handshake Authentication Protocol (CHAP) Microsoft.
Windows Security Mechanisms Al Bento - University of Baltimore.

Windows Security Mechanisms Al Bento - University of Baltimore.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
MS systems use one of the following: LanManager Hash (LM) LanManager Hash (LM) NT LanManager (NTLM) NT LanManager (NTLM) Cached passwords Cached passwords.

MS systems use one of the following: LanManager Hash (LM) LanManager Hash (LM) NT LanManager (NTLM) NT LanManager (NTLM) Cached passwords Cached passwords.
.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.

.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.

Similar presentations

Ads by Google