:Security Portal: An overview of OS security features - part I
Security Portal: An overview of OS security features - part I Mar 22, 2000, 19 :21 UTC (0 Talkback[s]) (5361 reads) (Other stories by Kurt Seifried)
"Computer security is a very subjective topic, especially when it comes
to the various operating systems. I will attempt to be objective in this
article, and any conclusions I draw will (hopefully) be supported by
overwhelming evidence. To be fair my background is mostly with Linux and
NT, with a good dose of OpenBSD and Solaris."
"One of the more basic components of computer security is file system
security...The (simple) standard for most UNIX platforms is... is simple to implement, flexible enough to allow for
most common needs, and generally reliable."
"No matter how good your security, chances are you will suffer a
"security incident"... A determined attacker will replace common binaries (such as
ls, ps, bash, the kernel), allowing them to cover their tracks..."
"For Linux there are quite a few tools, but outside the Linux world it
seems that Tripwire is the only game in town."
"Logging and auditing -- This is one area where the proprietary
operating systems tend to do a little bit better. NT 4.0 and Windows 2000
have rather extensive logging capabilities... As always, you need to protect the central log host from attacks/etc,
also it should have extremely large volumes, as many attackers will try to
flood it..."
