Download presentation
Presentation is loading. Please wait.
Published byJonah Jennings Modified over 9 years ago
1
A Comparison of the Security of Windows NT and UNIX Hans Hedbom, Stefan Lindskog, Stefan Axelsson and Erland Jonsson Originally presented at the Third Nordic Workshop on Secure IT Systems, November 1998 http://www.ce.chalmers.se/staff/sax/nt-vs-unix.pdf Presented by Clare West
2
Outline Introduction Security Comparison –Identification –Authentication –Networking Man-in-the-Middle Authentication Attacks on both Windows NT and UNIX Conclusion
3
Introduction “It has been claimed that the security of Windows NT is far better than that of previous commercial operating systems.” Compare NT with UNIX –Networked Windows NT 4.0 –UNIX with NFS (Network File System) and NIS (Network Information System)
4
Introduction cont. Windows NT –Released in 1992 –Processes –Threads –Symmetric multiprocessing –Distributed computing –Object model to manage resources UNIX –Released in ~1974 –Processes –Threads –Symmetric multiprocessing –Distributed computing –File model to manage resources
5
Identification Windows NT –Usernames –Numeric SID (Security IDentifier) –SID is unique to a Domain –SIDs are never reused UNIX –Usernames –Numeric UID (User IDentifier) –UID may not be unique within an NIS domain –UID may be reused
6
Authentication Windows NT –Passwords –Stored encrypted in SAM (Security Account Manager). Only accessible to Domain Administrators –Encrypted by DES and MD4 UNIX –Passwords –Stored encrypted in /etc/passwd or NIS (Network Information System). Accessible to any user. –Encrypted by DES
7
Authenticating with a UNIX NIS Domain Client yp_match response Server Alice alice:23:20:sCFNq7Qf8/kwg:Alice Cooper:/home/alice:/bin/tcsh Client Alice Server yp_match request for alice’s passwd entry The password supplied by Alice is encrypted and compared with the encrypted password in the passwd entry supplied by the NIS Server
8
Authenticating with a Windows NT Domain AliceServer Request for Service ServerAlice Challenge - random string AliceServer Response - encrypted string Alice encrypts her password and then uses this to encrypt the random string sent by the server. The server encrypts the random string it sent with Alice’s encrypted password and compares this with her response.
9
Networking Windows NT –Logging by computer name not IP address –Trust placed in clients not acting maliciously UNIX –Address based authentication –Trust placed in clients not acting maliciously
10
A Man-in-the-middle Attack vs UNIX Goal: Mallory impersonates Alice to the Client Mallory prepares a yp_match response with the encrypted password of his choice Mallory Client yp_match response Mallory alice:23:20:FdFNq7Qf85twg:Alice Cooper:/home/alice:/bin/tcsh ClientServer yp_match request Mallory for alice’s passwd entry
11
A Man-in-the-middle Attack vs NT Goal: Mallory impersonates Alice to the Server Challenge - random string (A) MalloryServer Alice Request for Service Server Mallory Challenge - random string (A) MalloryAlice Response - encrypted string (A) Mallory ServerAlice Response - encrypted string (A) MalloryServerMalloryServer Request for Service as Alice Mallory waits for Alice to attempt to use the Server
12
Man-in-the-Middle Attacks Results Windows NT –Allows access to the server as Alice –Mallory must wait for Alice –Mallory can only impersonate active users he can spy on UNIX –Allows access to the client as Alice –Mallory can attack at any time –Mallory can impersonate any user –Combined with NFS (Network File System) allows access to any file systems exported to the client as any user
13
Conclusions “…the security mechanisms of Windows NT are slightly better than those of UNIX” “…the two systems display a similar set of vulnerabilities” “…with the present way of installing and using the systems there seems to be no significant difference between their security level”
14
Question What System Security Threats are posed by the Man-in-the-middle attacks presented earlier? Interception Interruption ModificationFabrication
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.