A Comparison of the Security of Windows NT and UNIX
Hans Hedbom, Stefan Lindskog, Stefan Axelsson and Erland Jonsson
Originally presented at the Third Nordic Workshop on Secure IT Systems, November 1998
http://www.ce.chalmers.se/staff/sax/nt-vs-unix.pdf
Presented by Clare West
Outline
• Introduction
• Security Comparison
  – Identification
  – Authentication
  – Networking
• Man-in-the-Middle Authentication Attacks on both Windows NT and UNIX
• Conclusion
Introduction
• “It has been claimed that the security of Windows NT is far better than that of previous commercial operating systems.”
• Compare NT with UNIX
  – Networked Windows NT 4.0
  – UNIX with NFS (Network File System) and NIS (Network Information System)
Introduction cont.
• Windows NT
  – Released in 1992
  – Processes
  – Threads
  – Symmetric multiprocessing
  – Distributed computing
  – Object model to manage resources
• UNIX
  – Released in ~1974
  – Processes
  – Threads
  – Symmetric multiprocessing
  – Distributed computing
  – File model to manage resources
Identification
• Windows NT
  – Usernames
  – Numeric SID (Security IDentifier)
  – SID is unique to a Domain
  – SIDs are never reused
• UNIX
  – Usernames
  – Numeric UID (User IDentifier)
  – UID may not be unique within an NIS domain
  – UID may be reused
Authentication
• Windows NT
  – Passwords
  – Stored encrypted in SAM (Security Account Manager). Only accessible to Domain Administrators
  – Encrypted by DES and MD4
• UNIX
  – Passwords
  – Stored encrypted in /etc/passwd or NIS (Network Information System). Accessible to any user.
  – Encrypted by DES
Authenticating with a UNIX NIS Domain
Participants: Alice, Client, Server
Client → Server: yp_match request for alice’s passwd entry
Server → Client: yp_match response
alice:23:20:sCFNq7Qf8/kwg:Alice Cooper:/home/alice:/bin/tcsh
The password supplied by Alice is encrypted and compared with the encrypted password in the passwd entry supplied by the NIS Server
Authenticating with a Windows NT Domain
Alice → Server: Request for Service
Server → Alice: Challenge - random string
Alice → Server: Response - encrypted string
Alice encrypts her password and then uses this to encrypt the random string sent by the server.
The server encrypts the random string it sent with Alice’s encrypted password and compares this with her response.
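Added example (not from the original slides or the paper): a small Python model of the challenge-response exchange described above. SHA-256 and HMAC-SHA256 are stand-ins for the MD4 and DES steps, and the function names and sample password are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Stand-ins (assumptions): SHA-256 replaces the MD4 password hash and
# HMAC-SHA256 replaces the DES encryption of the challenge.

def password_key(password: str) -> bytes:
    """The 'encrypted password' held by the server and derived by the client."""
    return hashlib.sha256(password.encode("utf-8")).digest()

def new_challenge() -> bytes:
    """Server side: a fresh random string for every authentication attempt."""
    return secrets.token_bytes(16)

def respond(password: str, challenge: bytes) -> bytes:
    """Client side: key the challenge with the encrypted password."""
    return hmac.new(password_key(password), challenge, hashlib.sha256).digest()

def verify(stored_key: bytes, challenge: bytes, response: bytes) -> bool:
    """Server side: recompute the response from the stored key and compare."""
    expected = hmac.new(stored_key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)

def demo() -> dict:
    stored = password_key("correct horse")   # constructed sample account
    c1 = new_challenge()
    r1 = respond("correct horse", c1)
    c2 = new_challenge()                     # challenge for the next login attempt
    return {
        "valid_login": verify(stored, c1, r1),
        "wrong_password": verify(stored, c1, respond("guess", c1)),
        # A response recorded for c1 does not verify against the fresh challenge c2.
        "replayed_old_response": verify(stored, c2, r1),
    }

if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

The password never crosses the network and a recorded response does not verify against a new challenge, but nothing in the exchange ties the response to the party that delivers it to the server.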
Networking
• Windows NT
  – Logging by computer name not IP address
  – Trust placed in clients not acting maliciously
• UNIX
  – Address based authentication
  – Trust placed in clients not acting maliciously
A Man-in-the-middle Attack vs UNIX
Goal: Mallory impersonates Alice to the Client
Mallory prepares a yp_match response with the encrypted password of his choice
Client → Server: yp_match request for alice’s passwd entry
Mallory → Client: yp_match response
alice:23:20:FdFNq7Qf85twg:Alice Cooper:/home/alice:/bin/tcsh
A Man-in-the-middle Attack vs NT
Goal: Mallory impersonates Alice to the Server
Mallory waits for Alice to attempt to use the Server
Alice → Server: Request for Service
Mallory → Server: Request for Service as Alice
Server → Mallory: Challenge - random string (A)
Mallory → Alice: Challenge - random string (A)
Alice → Mallory: Response - encrypted string (A)
Mallory → Server: Response - encrypted string (A)
Man-in-the-Middle Attacks Results
• Windows NT
  – Allows access to the server as Alice
  – Mallory must wait for Alice
  – Mallory can only impersonate active users he can spy on
• UNIX
  – Allows access to the client as Alice
  – Mallory can attack at any time
  – Mallory can impersonate any user
  – Combined with NFS (Network File System) allows access to any file systems exported to the client as any user
Conclusions
• “…the security mechanisms of Windows NT are slightly better than those of UNIX”
• “…the two systems display a similar set of vulnerabilities”
• “…with the present way of installing and using the systems there seems to be no significant difference between their security level”
Question
• What System Security Threats are posed by the Man-in-the-middle attacks presented earlier?
Interception
Interruption
Modification
Fabrication