Information Security Soft Exam (软考) Notes, Chapter 19: Operating System Security Protection


1. Overview of operating system security

1.1 Operating System Security Concepts and Requirements

Operating system, hereinafter referred to as OS

  • The operating system is responsible for the resource management of the computer system, supports and controls the operation of various application programs, and provides users with a management interface to the computer system. The operating system is the core component of an information network system, and its security and reliability determine the security and reliability of the computer system.
  • Generally speaking, operating system security means meeting the requirements of security policies, providing the corresponding security mechanisms and security functions, conforming to specific security standards, and, under certain constraints, being able to resist common network security threats and ensure its own safe operation.
  • The national standard "Information Security Technology - Operating System Security Technical Requirements" (GB/T 20272-2019) divides operating systems into five security levels according to their security functions and security assurance requirements, namely: user independent protection level, system audit protection level, security mark protection level, structured protection level, and access verification protection level.
  • The security and controllability goals of the operating system are divided into two levels. At the first level, for a given operating system, users can understand, modify, detect, repair, and protect the operating system. At the second level, commercial users can lead the productization of the operating system themselves, without being held hostage by malicious commercial interests or trapped by intellectual property patents, and the operating system cannot be used to endanger national security.
  • Operating System Security Requirements

  (1) Identification and authentication (can uniquely identify system users and verify identity authenticity)

  (2) Access control (access control over OS resources)

  (3) System resource security (ensure the integrity, confidentiality and availability of information and data)

  (4) Network security (capable of network access control, ensuring the security of network communication data and the availability of network services)

  (5) Anti-attack (with system operation supervision mechanism, defense against malicious code attacks)

  (6) Self-security (with its own security protection mechanism, to ensure system security and integrity, and to have credible recovery capabilities)

1.2 Security mechanism and security technology of the operating system

  The security guarantee of the operating system integrates multiple security mechanisms, as follows:

  (1) Hardware security: Computer hardware security is the basic guarantee mechanism of the operating system, including hardware security and reliability, storage protection, I/O protection, CPU security, physical environment protection, etc.

  (2) Identification and authentication: also known as the authentication mechanism, it is used to identify the users of the operating system and related activities, and assign unique identifiers to users and corresponding activities.

  (3) Access control: used for OS resource management control to prevent resource abuse (usually discretionary access control).

  (4) Least privilege management: the OS grants users only the permissions required to perform their tasks, preventing abuse of permissions and reducing system security risks.

  (5) Trusted path: the secure communication path established between the operating system's security subsystem and the user when a local or remote user performs initial login or authentication (the trusted path protects the communication data from being modified or leaked, and prevents a Trojan horse from imitating the login process to steal the user's password).

  (6) Security audit: the OS records, inspects, and audits security-related system activities. Its main purpose is to verify compliance with system security policies, track users and subjects that violate security policies, and confirm system security failures.

  (7) System security enhancement: also known as security hardening; by optimizing the configuration of the operating system or adding security components, the OS's resistance to attack is improved.


  The operating system is a complex piece of system software, and its security mechanism integrates a variety of security technologies, mainly including hardware disaster recovery technology, trusted base technology, identity authentication technology, access control, encryption, security auditing and others. These technologies are applied to different degrees in OS security mechanism construction, security function realization, security assurance, security evaluation, and secure operation.


The following content is a bit outdated (unfortunately)

2. Windows operating system security analysis and protection

2.1 windows system architecture

  The Windows system is an operating system developed by Microsoft Corporation, and its development has gone through multiple versions such as Windows 3.1, Windows 98, Windows NT, Windows 2000, Windows XP, Windows 7, and Windows 10. Take Windows XP as an example. Its structure is a mixture of a layered structure and a client/server structure, as shown in the figure. As can be seen from the figure, the system is divided into three layers. The bottom layer is the hardware abstraction layer, which provides the interface to the hardware for the upper layers; with this layer, the system can be easily ported. The second layer is the kernel layer, which provides execution, interrupt and exception handling, and synchronization support. The third layer is composed of a series of modules that implement basic system services, such as virtual memory management, object management, process and thread management, I/O management, interprocess communication, and the security reference monitor.

[Figure: Windows XP system structure]

2.2 Windows Security Mechanism

  (1) Windows authentication mechanism. Currently there are two main authentication mechanisms for Windows: NTLM authentication and Kerberos.

  (2) Windows access control mechanism. The security of Windows NT/XP has reached the Orange Book C2 level, realizing user-level discretionary access control. The access control mechanism is shown in the figure.

[Figure: Windows access control mechanism]

In order to achieve secure access between processes, objects in Windows NT/XP use security descriptors (Security Descriptor). A security descriptor is mainly composed of the owner SID (Owner), the group SID (Group), the discretionary access control list (DACL) and the system access control list (SACL).

  (3) Windows audit/log mechanism

  (4) Windows protocol filtering and firewall. Windows provides a packet filtering mechanism to limit which network packets may enter the computer. Since XP, it has also shipped with its own firewall, which can monitor and limit the network communication of the user's computer.

  (5) Windows file encryption system. To prevent intruders from bypassing the Windows file access control mechanism by reading disk information through physical means, Microsoft developed the Encrypting File System (EFS), with which file data is stored encrypted on disk. A user who accesses an encrypted file must hold the file's key to open it, after which it is used transparently like an ordinary document.

  (6) Anti-attack mechanism. Against common attacks such as buffer overflows and malicious code, Windows 7 and Windows 10 add anti-attack security mechanisms and integrate memory protection mechanisms, mainly including stack protection (Stack Protection), safe structured exception handling (SafeSEH), Data Execution Prevention (DEP), address space layout randomization (ASLR), patch protection (PatchGuard), and driver signing (Driver Signing).

2.3 Security Analysis of Windows System

  • Windows password
  • Windows malicious code (related malicious code includes the "Blaster" (Shock Wave) network worm and the "EternalBlue" ransomware network worm)
  • Vulnerabilities in Windows application software (for example, security vulnerabilities in the IE browser allow remote attackers to implant Trojan horses, thereby endangering the security of the entire system)
  • Vulnerabilities in Windows system programs (for example, vulnerabilities in RPC programs lead to buffer overflow attacks)
  • Windows registry security: through the registry, users can easily add, delete, and modify software configuration information or hardware drivers in the Windows system, which lets them adjust the working state of system software and hardware in a timely manner. For the same reason the registry has become a target for intruders, who plant Trojan horses through it, modify software information, and even delete, deactivate or change the working state of hardware.
  • Windows file sharing security
  • Windows physical proximity attack: an attack on the hardware itself, in which the attacker forcibly gains entry to the Windows system with the help of tools.

2.4 Windows system security enhancement technology method and process

  Windows system security enhancement refers to improving the security protection capability of the system through some security measures. The current common security system enhancement methods are:

(1) Security vulnerability patching (Patch)

(2) Stop service and uninstall software

(3) Upgrade or replacement program

(4) Modify configuration or permissions

(5) Remove Trojan and other malicious programs

(6) Install special security tool software

  Windows system security enhancement is a tedious task, the basic steps are as follows:

(1) Confirm the security objectives of system security enhancement and the business requirements of the system

(2) Install a minimal operating system. The purpose of minimizing the operating system is to reduce the number of system security risks: the larger the system, the more possible security risks there are, and the harder it is to manage. The requirements for a minimal installation are as follows:

  • Try to use the English version of the Windows operating system
  • Do not install unnecessary network protocols
  • Use NTFS partitions
  • Remove unnecessary services and components

(3) Install the latest system patch

(4) Configure and install system services

(5) Configure security policies. The security policies that need to be configured in the Windows system mainly include account policies, audit policies, remote access, file sharing, etc.

(6) Disable NetBIOS . NetBIOS provides name service and session service, and these services usually provide attackers with entry points for intrusion. For system security, it is generally recommended to disable NetBIOS.

(7) Account security configuration

  • disable default account
  • Check accounts regularly to find unexpected accounts as early as possible
  • Lock Guest account

(8) File system security configuration

(9) Configure TCP/IP filtering and ICF (Internet Connection Firewall)

  • Filter unused ports
  • Filter unwanted application layer network services
  • Filter ICMP packets

(10) Disable CD or floppy disk booting to prevent physical proximity attacks.

(11) Use screen saver password

(12) Set application software security

(13) Install third-party protection software

2.5 Typical Windows System Security Tools and Reference Scope

The Windows system is a very widely used operating system, and it is frequently threatened by security. Typical security tools for Windows are as follows:

  • Remote security login management tool OpenSSH (open source);
  • System identity authentication enhancement tool Kerberos (open source), etc.;
  • Malicious code detection and removal tools ClamAV (open source), 360 Antivirus, Huorong Sword (火绒剑), etc.;
  • System security inspection tools Nmap (open source), Fport, Sysinternals (tool suite), etc.;
  • System security monitoring tools Netstat (system built-in), WinDump (open source), etc.

  For the security management of Windows systems, security organizations at home and abroad have formulated security standards and specifications that serve as the security baseline for Windows operating system configuration. Current reference baselines include CIS (Center for Internet Security), SANS TOP 20, NIST SP 800-70, and "Information Security Technology - Government Computer Terminal Core Configuration Specification" (GB/T 30278-2013).

  In addition, to facilitate the security configuration management of the operating system, security companies have developed security configuration verification management systems.

3. UNIX/Linux operating system security analysis and protection

3.1 UNIX/Linux system architecture

  Compared with the Windows system, the UNIX system has a longer history. After long-term development and evolution, a variety of UNIX operating systems with different characteristics have been formed, such as Solaris, AIX, HP-UX, FreeBSD, etc. In addition, there is the open source Linux operating system, which is similar to UNIX and is currently widely used on the Internet. Although there are different types of UNIX, they share the same technical principles and system design structure. The general UNIX/Linux operating system is divided into three layers: the hardware layer, the system kernel and the application layer, as shown in Figure 19-6.

[Figure 19-6: UNIX/Linux system structure]

3.2 UNIX/Linux Security Mechanism

  UNIX/Linux is a multi-user, multi-tasking operating system. Therefore, the basic security function of a UNIX/Linux operating system is to avoid mutual interference between different users and to prohibit unauthorized access to system resources.

  The main security mechanism of UNIX/Linux:

  (1) UNIX/Linux authentication

  • Password-based authentication
  • Terminal authentication
  • Host trust mechanism
  • Third-party authentication (such as the S/Key one-time password scheme, the Kerberos authentication system, and pluggable authentication modules (PAM))

  (2) UNIX/Linux access control.

  Ordinary UNIX/Linux systems generally control access to system resources through the file access control list (ACL), which is commonly said to be realized through the "9-bit" permission bits. For example, the long listing of a file looks like this:

-rwxr-xr-- 1 test test 4月9日17:50 sample.txt

  It can be seen that the user test has "read, write, and execute" rights to the file sample.txt, other users in the test group have only "read and execute" rights, and all other users have only "read" rights.
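As an added example (not part of the original notes), the following POSIX shell functions convert a symbolic mode string like the one above into its octal form, spell out the rights of each class, and flag the settings the notes warn about elsewhere (world-writable files, set-id executables). It also handles the s and t letters in the execute positions, which the listing above does not show. The sample ls -l line is constructed.

```shell
#!/bin/sh
# Added example: convert a 9-bit symbolic mode string (as shown by ls -l)
# to octal and describe it. Not part of the original notes; POSIX shell
# plus coreutils only.

# Value of one rwx triplet, e.g. "r-x" -> 5. A set-id/sticky letter in the
# execute slot ("s"/"t") counts as executable; "S"/"T" means the special
# bit is set but the execute bit is not.
triplet_value() {
  t=$1; v=0
  case $(printf '%s' "$t" | cut -c1) in r) v=$((v + 4));; esac
  case $(printf '%s' "$t" | cut -c2) in w) v=$((v + 2));; esac
  case $(printf '%s' "$t" | cut -c3) in x|s|t) v=$((v + 1));; esac
  echo "$v"
}

# Full 4-digit octal mode. Special bits come from the execute slots:
# owner s/S = SUID (4), group s/S = SGID (2), other t/T = sticky (1).
mode_to_octal() {
  perms=$(printf '%s' "$1" | cut -c2-10)   # drop the file-type column
  u=$(printf '%s' "$perms" | cut -c1-3)
  g=$(printf '%s' "$perms" | cut -c4-6)
  o=$(printf '%s' "$perms" | cut -c7-9)
  sp=0
  case $(printf '%s' "$u" | cut -c3) in s|S) sp=$((sp + 4));; esac
  case $(printf '%s' "$g" | cut -c3) in s|S) sp=$((sp + 2));; esac
  case $(printf '%s' "$o" | cut -c3) in t|T) sp=$((sp + 1));; esac
  printf '%d%d%d%d\n' "$sp" "$(triplet_value "$u")" \
                      "$(triplet_value "$g")" "$(triplet_value "$o")"
}

# Human-readable rights for one class, e.g. "r-x" -> "read,execute".
describe_triplet() {
  t=$1; out=""
  case $(printf '%s' "$t" | cut -c1) in r) out="read";; esac
  case $(printf '%s' "$t" | cut -c2) in w) out="${out:+$out,}write";; esac
  case $(printf '%s' "$t" | cut -c3) in x|s|t) out="${out:+$out,}execute";; esac
  echo "${out:-none}"
}

# Conditions worth reviewing: world-writable, SUID, SGID. Each match is
# printed on its own line; no output means nothing to flag.
mode_warnings() {
  case $1 in ????????w?) echo "world-writable";; esac
  case $1 in ???[sS]??????) echo "setuid";; esac
  case $1 in ??????[sS]???) echo "setgid";; esac
}

# Constructed sample line in ls -l format, matching the one in the notes.
SAMPLE_LINE='-rwxr-xr-- 1 test test 4096 Apr  9 17:50 sample.txt'
mode=$(printf '%s' "$SAMPLE_LINE" | cut -d' ' -f1)
echo "$mode -> $(mode_to_octal "$mode")"
echo "owner: $(describe_triplet "$(printf '%s' "$mode" | cut -c2-4)")"
echo "group: $(describe_triplet "$(printf '%s' "$mode" | cut -c5-7)")"
echo "other: $(describe_triplet "$(printf '%s' "$mode" | cut -c8-10)")"
```

For the listing in the notes this prints 0754 with owner read,write,execute, group read,execute, other read. The warning patterns look only at fixed character positions, which is enough for ls -l output but not for modes that carry an ACL marker (a trailing "+").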

(3) UNIX/Linux audit mechanism

  The audit mechanism is an important part of UNIX/Linux system security, and it helps system administrators detect intrusion behaviour or system security risks in time. Different versions of UNIX/Linux keep their log files in different directories. Common log files are as follows:

  • lastlog: records the time of each user's most recent successful login;
  • loginlog: records bad login attempts;
  • messages: records the messages output to the system console and generated by the syslog service;
  • utmp: records each user currently logged in;
  • utmpx: extended utmp;
  • wtmp: records the history of each user's logins and logouts;
  • wtmpx: extended wtmp;
  • vold.log: logs errors when using external media;
  • xferlog: records ftp access;
  • sulog: records the usage of the su command;
  • acct: records the commands used by each user.
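The following shell script is an added example, not from the original notes: it runs simple detection logic over constructed syslog-style lines of the kind found in messages (sshd failures, failed su to root) and reports sources with repeated failures, which is the "detect intrusion behaviour in time" use of the audit logs listed above. The log lines, host names and addresses are made up for the example.

```shell
#!/bin/sh
# Added example (not from the notes): failed-login detection over
# constructed "messages"-style log lines. POSIX shell + awk + sort.

# Constructed sample log; timestamps and addresses are made up.
SAMPLE_LOG='Apr  9 17:50:01 host sshd[2201]: Failed password for invalid user admin from 192.0.2.10 port 51000 ssh2
Apr  9 17:50:03 host sshd[2201]: Failed password for invalid user admin from 192.0.2.10 port 51001 ssh2
Apr  9 17:50:05 host sshd[2202]: Failed password for root from 192.0.2.10 port 51002 ssh2
Apr  9 17:51:10 host sshd[2210]: Accepted publickey for alice from 198.51.100.7 port 40001 ssh2
Apr  9 17:52:00 host sshd[2215]: Failed password for bob from 198.51.100.7 port 40002 ssh2
Apr  9 17:53:00 host su[2300]: FAILED SU (to root) alice on /dev/pts/0
Apr  9 17:53:30 host su[2301]: FAILED SU (to root) alice on /dev/pts/0'

# Count failed SSH password attempts per source address.
# Reads log lines on stdin; prints "<count> <ip>", highest count first.
failed_ssh_by_source() {
  awk '/sshd\[[0-9]+\]: Failed password/ {
         for (i = 1; i <= NF; i++) if ($i == "from") n[$(i + 1)]++
       }
       END { for (ip in n) print n[ip], ip }' | sort -rn
}

# Print the sources whose failure count is at or above THRESHOLD.
flag_sources() {
  threshold=$1
  failed_ssh_by_source | awk -v t="$threshold" '$1 >= t { print $2 }'
}

# Count failed su-to-root attempts per user (as written to sulog/messages).
# The user name is the third-from-last field of the su line.
failed_su_by_user() {
  awk '/FAILED SU \(to root\)/ { n[$(NF - 2)]++ }
       END { for (u in n) print n[u], u }' | sort -rn
}

echo "failed ssh logins per source:"
printf '%s\n' "$SAMPLE_LOG" | failed_ssh_by_source
echo "sources at or above 3 failures:"
printf '%s\n' "$SAMPLE_LOG" | flag_sources 3
echo "failed su to root per user:"
printf '%s\n' "$SAMPLE_LOG" | failed_su_by_user
```

On a live system the same functions read the real file (for example `failed_ssh_by_source < /var/log/messages`); the threshold is a tuning choice, and any hit should be confirmed against wtmp/lastlog before acting on it.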

3.3 UNIX/Linux system security analysis

  (1) UNIX/Linux password/account security

In UNIX/Linux, password information is stored in the passwd and shadow files, both located in the /etc directory. Intruders often use various methods to obtain the password files, for example reading the passwd file through a vulnerability in a Web CGI program.

  (2) UNIX/Linux trusted host file security

  In the UNIX/Linux system environment, to facilitate interoperability between hosts, the system provides two configuration files, $HOME/.rhosts and /etc/hosts.equiv, for adding trusted hosts. When host A trusts host B, users of host B can log in to host A from host B without being authenticated by host A. However, this simple trust relationship can easily lead to impersonation, and if the trusted host files are configured improperly, security risks inevitably follow.

  (3) UNIX/Linux application software vulnerabilities

  Security risks in application software on the UNIX/Linux platform are increasingly exposed, especially in commonly used packages such as Sendmail and BIND. These hidden security hazards often lead to unauthorized access and illegal abuse of the system. The early Morris network worm used a Sendmail vulnerability to spread.

  (4) UNIX/Linux SUID file security

  In UNIX/Linux, a SUID file is an executable file that is set to run with the identity and permissions of the file owner. Because many system security holes exist in SUID files, they have become a major hidden danger to system security. For example, on Linux, privilege escalation can be performed through SUID programs (those interested can look up SUID privilege escalation separately).

  (5) Malicious code of UNIX/Linux

  Compared with Windows systems, computer viruses on UNIX systems are less harmful, but they still exist. Network worms, Trojan horses, and rootkits targeting UNIX systems are also reported from time to time. For example, the earliest Internet worm broke out on UNIX systems.

  (6) UNIX/Linux file system security

  The file system is the core of UNIX/Linux system security. In UNIX/Linux, all resources are regarded as files, and file security is controlled by the "9 bits". Each file has three groups of permissions: one for the owner of the file, one for members of the group to which the file belongs, and one for all other users. The file permissions are r (read), w (write), and x (execute). If this control is not set properly, however, it harms the system; for example, if the /etc/shadow file is readable by anyone, password information is disclosed.

  (7) UNIX/Linux network service security

  UNIX/Linux systems provide many network services, such as finger and the r-command services. Although these services are convenient for work, they also create system security risks. For example, information about a remote UNIX/Linux host can be displayed through the finger service (by running finger user@host).

  (8) UNIX/Linux system program vulnerabilities

  Intruders generally enter the UNIX/Linux system through ordinary accounts, and then use the program loopholes of the system to escalate their privileges

3.4 UNIX/Linux system security enhancement method and process

(1) UNIX/Linux system security enhancement methods. As with the security enhancement of the Windows system, the common security enhancement methods for UNIX/Linux systems are as follows:

  • Patch security holes
  • stop unnecessary services
  • Upgrade or replace packages
  • modify system configuration
  • Install dedicated security tool software

(2) Basic process of UNIX/Linux system enhancement

[Figure: basic process of UNIX/Linux system security enhancement]

3.5 UNIX/Linux system security enhancement technology

  (1)Install the system patch package

  (2) Minimize network services. Minimal service configuration means closing unnecessary services and network ports as far as possible while still meeting business needs, so as to reduce the potential security hazards of the system. To minimize UNIX/Linux network services, the specific security requirements are as follows:

  • The file permission of inetd.conf is set to 600
  • The file owner of inetd.conf is root
  • The file permission of services is set to 644
  • The file owner of services is root
  • In inetd.conf, unregister unnecessary services, such as the finger, echo, chargen, rsh, rlogin, and tp services
  • Only open network communication ports related to system business operation
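An added example (not the notes' own code) that applies the inetd.conf and services requirements above to a constructed copy of /etc in a temporary directory, so it can be tried without root: it counts the permission violations, fixes them, and comments out the listed services. The inetd.conf contents are made up; ftp and telnet are left enabled here only because the notes address them separately under the SSH item.

```shell
#!/bin/sh
# Added example (not from the notes): audit and fix the inetd.conf /
# services items above on a constructed copy of /etc, so nothing real is
# touched. Requires GNU stat/sed (Linux).

# Build a constructed /etc lookalike in a temporary directory.
make_demo_etc() {
  d=$(mktemp -d)
  cat > "$d/inetd.conf" <<'EOF'
# constructed inetd.conf for the example
ftp     stream tcp nowait root   /usr/sbin/tcpd in.ftpd
telnet  stream tcp nowait root   /usr/sbin/tcpd in.telnetd
finger  stream tcp nowait nobody /usr/sbin/tcpd in.fingerd
echo    stream tcp nowait root   internal
chargen stream tcp nowait root   internal
shell   stream tcp nowait root   /usr/sbin/tcpd in.rshd
login   stream tcp nowait root   /usr/sbin/tcpd in.rlogind
EOF
  printf 'ftp 21/tcp\nfinger 79/tcp\n' > "$d/services"
  chmod 644 "$d/inetd.conf"   # deliberately too open (notes: 600)
  chmod 600 "$d/services"     # deliberately wrong (notes: 644)
  echo "$d"
}

# Octal permission bits of a file, e.g. 600.
file_mode() { stat -c '%a' "$1"; }

# Number of permission requirements violated (0 = compliant). Ownership is
# not checked because the demo files belong to whoever runs this; on a
# real system also compare "stat -c '%U'" against root.
audit_perms() {
  etc=$1; bad=0
  [ "$(file_mode "$etc/inetd.conf")" = "600" ] || bad=$((bad + 1))
  [ "$(file_mode "$etc/services")" = "644" ] || bad=$((bad + 1))
  echo "$bad"
}

fix_perms() { chmod 600 "$1/inetd.conf"; chmod 644 "$1/services"; }

# Services the notes say to unregister; "shell" and "login" are the inetd
# names of rsh and rlogin.
UNWANTED='finger echo chargen shell login'

# Comment out the unwanted entries in place (a .bak copy is kept).
disable_services() {
  conf=$1
  for svc in $UNWANTED; do
    sed -i.bak "s/^\($svc[[:space:]]\)/#\1/" "$conf"
  done
}

# Names of the services still enabled, space-separated.
active_services() {
  awk '!/^#/ && NF { print $1 }' "$1" | tr '\n' ' ' | sed 's/ $//'
}

ETC=$(make_demo_etc)
echo "permission violations before: $(audit_perms "$ETC")"
fix_perms "$ETC"
echo "permission violations after:  $(audit_perms "$ETC")"
disable_services "$ETC/inetd.conf"
echo "still enabled: $(active_services "$ETC/inetd.conf")"
```

After editing the real inetd.conf, inetd must be told to reload (a HUP signal) before the change takes effect, and the remaining open ports can be confirmed with netstat, as the notes' monitoring item describes.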

(3) Set a system power-on protection password. In a UNIX/Linux system, a user can enter the system in single-user mode through a special key combination without providing a user name and password. Therefore, against this threat, it is necessary on the one hand to keep intruders from physically approaching the system, and on the other hand to set a system boot protection password that prevents intruders from booting, thereby protecting the system. The power-on protection password is set in the BIOS program, so that the BIOS prompts for the password when the system starts.

(4)Weak password check. Aiming at potential security risks of weak passwords, system administrators use password cracking tools to check weak passwords in the system. The commonly used password checking tool is John the Ripper.

(5) Disable default accounts

(6) Enhance network service security with SSH. Currently, SSH (Secure Shell) is used to enhance the security of Telnet- and FTP-style access. SSH provides security services such as authentication and encryption, and can construct an encrypted channel between two or more hosts to ensure communication security.

(7)Enhance access control with tcp_wrapper. Through tcp_wrapper, administrators can monitor and filter various services provided by inetd.

(8) Build a UNIX/Linux host firewall (ipchains, iptables, netfilter)

(9) Use Tripwire or md5sum integrity checking tools. When a new UNIX/Linux system is set up, the software and hardware information of all system files should be recorded to form a baseline database of system files, which is later used to check system files for integrity changes and so catch the implantation or modification of malicious programs. Tampered files can be found with the Tripwire or md5sum security tools.
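The baseline-and-verify workflow described above, as an added example built on coreutils rather than on Tripwire (it is not from the notes). It uses sha256sum instead of md5sum because MD5 collisions are practical today, but the invocation is identical; the file tree is constructed in a temporary directory.

```shell
#!/bin/sh
# Added example (not from the notes): hash baseline of a file tree plus a
# later verification, the workflow described for Tripwire/md5sum above.
# sha256sum replaces md5sum (same invocation, collision-resistant).
# Requires GNU coreutils/findutils.

# Constructed tree standing in for the files to be protected.
make_demo_tree() {
  d=$(mktemp -d)
  mkdir -p "$d/bin" "$d/etc"
  printf 'binary one\n' > "$d/bin/ls"
  printf 'binary two\n' > "$d/bin/ps"
  printf 'root:x:0:0:root:/root:/bin/sh\n' > "$d/etc/passwd"
  echo "$d"
}

# Record the hash of every regular file under ROOT into BASELINE.
# Paths are stored relative to ROOT; keep BASELINE on read-only media.
build_baseline() {
  root=$1; baseline=$2
  (cd "$root" && find . -type f -print0 | sort -z | xargs -0 sha256sum) > "$baseline"
}

# Print "<path>: FAILED" for each changed or missing file; empty output
# means every file in BASELINE is intact.
verify_baseline() {
  root=$1; baseline=$2
  (cd "$root" && sha256sum -c --quiet "$baseline" 2>/dev/null) | sed -n '/FAILED/p'
}

# Files present now but absent from BASELINE (possible implants), which
# sha256sum -c cannot see because it only reads the list it is given.
new_files() {
  root=$1; baseline=$2
  (cd "$root" && find . -type f | sort) \
    | awk 'NR == FNR { known[$2] = 1; next } !($0 in known)' "$baseline" -
}

TREE=$(make_demo_tree)
BASE=$(mktemp)
build_baseline "$TREE" "$BASE"
echo "clean check: '$(verify_baseline "$TREE" "$BASE")'"
printf 'tampered\n' > "$TREE/bin/ls"       # simulate a modified binary
printf '#!/bin/sh\n' > "$TREE/bin/extra"   # simulate an implanted file
echo "after tampering: $(verify_baseline "$TREE" "$BASE")"
echo "unlisted files: $(new_files "$TREE" "$BASE")"
```

The baseline must be taken on a known-good system and stored where the system being checked cannot rewrite it; a verifier whose own binaries or hash list can be replaced by an intruder proves nothing, which is the gap Tripwire addresses with signed databases.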

(10) Detect LKM backdoors. UNIX/Linux systems generally support loadable kernel modules (LKM), but this brings a potential security hazard: intruders can write loadable kernel modules, such as rootkits, that cause greater harm to the system. Against LKM backdoors, in addition to integrity checking tools, special security checking tools such as Kstat, Chkrootkit, and Rootkit Hunter can be used.

(11) System security monitoring. The security of a UNIX/Linux system is dynamic, and real-time monitoring of the running system helps in discovering security problems in time and responding to emergencies. Commonly used security tools for monitoring UNIX/Linux systems include netstat, lsof, Snort and so on.

3.6 Linux security enhancement configuration reference

  (1) Prohibit access to important files

  For some key files in the system, such as inetd.conf, services and lilo.conf, their attributes can be modified so that ordinary users cannot modify or view them.

  (2) Prohibit unnecessary SUID programs

  SUID allows an ordinary user to execute a certain program with root privileges, so such programs in the system should be strictly controlled. Find the root-owned programs with the s bit set:

   find / -type f -user root \( -perm -4000 -o -perm -2000 \) -print | less

   Disable the unnecessary ones among them:

   chmod a-s program_name
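A scripted form of the review above, added as an example rather than taken from the notes: it finds set-id files under a directory, compares them with an allowlist of expected set-id programs, and strips the s bit from anything unexpected with the same chmod a-s. The directory, file names and allowlist are constructed so it can run as an ordinary user; on a real system the allowlist would be derived from the distribution's package manifests and the search rooted at /.

```shell
#!/bin/sh
# Added example (not from the notes): SUID/SGID review with an allowlist,
# run against a constructed directory. POSIX shell + findutils.

# Constructed set of "system programs"; three setuid, one setgid.
make_demo_bin() {
  d=$(mktemp -d)
  for f in passwd su ping backup_tool; do
    printf '#!/bin/sh\n' > "$d/$f"
    chmod 755 "$d/$f"
  done
  chmod u+s "$d/passwd" "$d/su" "$d/backup_tool"   # setuid
  chmod g+s "$d/ping"                               # setgid
  echo "$d"
}

# Set-id programs that are expected to exist (assumption for the demo).
ALLOWLIST='passwd su ping'

# Sorted list of regular files under ROOT carrying the SUID or SGID bit;
# this is the find expression from the notes with the root fixed.
find_setid() {
  find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print | sort
}

# Set-id files whose basename is not on the allowlist.
unexpected_setid() {
  find_setid "$1" | while read -r path; do
    name=$(basename "$path"); ok=0
    for a in $ALLOWLIST; do [ "$a" = "$name" ] && ok=1; done
    [ "$ok" -eq 1 ] || echo "$path"
  done
}

# Strip the s bits from every unexpected file and report what changed.
strip_unexpected() {
  unexpected_setid "$1" | while read -r path; do
    chmod a-s "$path" && echo "stripped: $path"
  done
}

BIN=$(make_demo_bin)
echo "set-id files:"; find_setid "$BIN"
echo "unexpected:";   unexpected_setid "$BIN"
strip_unexpected "$BIN"
echo "unexpected after cleanup: '$(unexpected_setid "$BIN")'"
```

Run the listing step on its own first and review the output; stripping a set-id bit from a program that legitimately needs it (passwd, su, mount and the like) breaks that program for every non-root user, which is why the allowlist matters more than the chmod.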

  (3) Add a boot password for LILO

  Add the password option in the /etc/lilo.conf file, so that LILO asks for a password when it starts, strengthening the security of the system.

  (4) Set the password minimum length and minimum use time

  Modify the PASS_MIN_LEN and PASS_MIN_DAYS parameters in the /etc/login.defs file to set the minimum password length and the minimum password use time, ensuring that passwords are changed regularly.
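An added example (not from the notes) that audits the password-aging parameters in a login.defs file, rewrites them the way the notes describe, and also checks a shadow file for accounts with an empty password field and for an over-permissive file mode, the two shadow-file risks the security analysis section raises. Both files are constructed copies in a temporary directory; the threshold values (8 characters, 1 and 90 days) are this example's assumption, not values from the notes.

```shell
#!/bin/sh
# Added example (not from the notes): login.defs / shadow password checks
# on constructed copies. Requires GNU sed and stat (Linux).

# Constructed login.defs and shadow in a temporary directory.
make_demo_files() {
  d=$(mktemp -d)
  cat > "$d/login.defs" <<'EOF'
# constructed login.defs
PASS_MAX_DAYS   99999
PASS_MIN_DAYS   0
PASS_MIN_LEN    5
PASS_WARN_AGE   7
EOF
  cat > "$d/shadow" <<'EOF'
root:$6$constructedhash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
guest::19000:0:99999:7:::
alice:$6$anotherhash:19000:0:99999:7:::
EOF
  chmod 644 "$d/shadow"   # deliberately too open
  echo "$d"
}

# Value of one parameter in login.defs (last uncommented occurrence wins).
defs_get() { awk -v k="$2" '$1 == k { v = $2 } END { print v }' "$1"; }

# One line per parameter weaker than the example's thresholds
# (thresholds are an assumption of this example, not from the notes).
audit_login_defs() {
  f=$1
  [ "$(defs_get "$f" PASS_MIN_LEN)" -ge 8 ]   || echo "PASS_MIN_LEN below 8"
  [ "$(defs_get "$f" PASS_MIN_DAYS)" -ge 1 ]  || echo "PASS_MIN_DAYS below 1"
  [ "$(defs_get "$f" PASS_MAX_DAYS)" -le 90 ] || echo "PASS_MAX_DAYS above 90"
}

# Rewrite one parameter in place, keeping the original spacing.
defs_set() { sed -i "s/^\($2[[:space:]][[:space:]]*\).*/\1$3/" "$1"; }

# Accounts whose shadow password field is empty (login without a password).
empty_password_accounts() { awk -F: '$2 == "" { print $1 }' "$1"; }

# Octal mode of the shadow file; anything other than 600 (or 640 owned by
# root:shadow) lets non-root users read the password hashes.
shadow_mode() { stat -c '%a' "$1"; }

D=$(make_demo_files)
echo "findings before:"; audit_login_defs "$D/login.defs"
defs_set "$D/login.defs" PASS_MIN_LEN 8
defs_set "$D/login.defs" PASS_MIN_DAYS 1
defs_set "$D/login.defs" PASS_MAX_DAYS 90
echo "findings after: $(audit_login_defs "$D/login.defs" | wc -l)"
echo "accounts with empty password: $(empty_password_accounts "$D/shadow")"
echo "shadow mode: $(shadow_mode "$D/shadow")"
```

login.defs only governs accounts created after the change; existing accounts keep the aging values stored in their shadow entry (fields 4 and 5 above) until those are updated with chage.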

  (5) Restrict remote access

  Remote hosts are allowed or denied access to local services through the two files /etc/hosts.allow and /etc/hosts.deny.

  a. Edit the hosts.deny file and add the following lines:

   #Deny access to everyone
   ALL:ALL@ALL

  Then all services are prohibited for all external hosts unless allowed by the hosts.allow file.

  b. Edit the hosts.allow file and add the following lines:

   #Just an example:
   ftp:x.x.x.x y.com

  Then the machine whose IP address is x.x.x.x and host name is y.com will be allowed to access the FTP service as a client.

  c. After the setting is completed, use tcpdchk to check whether the setting is correct.

  (6) User timeout logout

  By modifying the /etc/profile file, add the following on the line after the "HISTFILESIZE=" line:

  TMOUT=600

  Then all users will be automatically logged out from the system after 10 minutes of inactivity

  (7) Delete command records when logging out

  Edit the /etc/skel/.bash_logout file and add the following line:

    rm -f $HOME/.bash_history

3.7 Typical security tools and reference specifications for UNIX/Linux systems

  UNIX/Linux systems are often used in servers, and common typical security tools are as follows:

  • Remote security login management open source tool OpenSSH;
  • System authentication enhanced open source tool Kerberos;
  • System access control enhanced open source tools SELinux, iptables, TCP Wrappers, etc.;
  • Malicious code detection and removal tools ClamAV, Chkrootkit, Rootkit Hunter, etc.;
  • System security inspection tools Nmap, John the Ripper, OpenVAS, etc.;
  • System security monitoring tools lsof, Netstat, Snort, etc.

  UNIX/Linux security baseline reference standards and specifications include CIS (Center for Internet Security), SANS and so on.

4. Overview and security analysis of domestic operating systems

  • Domestic OS generally refers to the OS developed by the country's independent research and development force, which has strong controllability and security.

  • The early security operating system in China was the Ansheng operating system. At present, new domestic OSes also include Huawei's Hongmeng (HarmonyOS) and Alibaba's Feitian cloud operating system.

  • The domestic operating system is developed based on the open source software Linux, and its security is closely related to Linux. At the same time, due to the inevitable security risks in the related software packages or hardware supporting the domestic operating system, this also poses a security threat to the domestic operating system. The main security risks faced by domestic operating systems are analyzed as follows:

  • Security Risks of the Linux Kernel. (It will be affected by Linux kernel vulnerabilities, such as input validation errors, buffer errors, boundary condition errors, etc.)

  • Security of self-developed system components. (Due to the complexity of the software, self-developed system components may have vulnerabilities)

  • Security of the third-party system components relied upon (security vulnerabilities in third-party components create OS security risks)

  • Security of system security configuration (improper security configuration of the operating system constitutes a system security threat, such as opening too many service ports and setting weak passwords)

  • hardware security


Origin blog.csdn.net/qq_43632414/article/details/127417631