A New Paradigm For Trusted Indicators In Optical Networks

Download Report

Transcript A New Paradigm For Trusted Indicators In Optical Networks 

Joshua White
Director of CyOON R&D
[email protected]
Adam Pilbeam
Lead Network Engineer
[email protected]
Everis Inc
http://www.everisinc.com
(315) 370-1535 x4015
CyberPatriot: Operating System Security Overview
9/31/10
1
Agenda




Operating Systems (OS) Overview
OS Security Goals
Hardening Overview
Hardening
–
–

Windows
Linux
The OS Security Debate
2
OS Overview

Operating System
–
Interface between
user hardware
–
Intermediary
between software
and hardware
–
Control of input
and output (I/O)
devices
Image cutesy of: cgl.ucsf.edu
3
OS Security Goals

CIA Triad
–
–
–

Confidentiality
Integrity
Availability
AAA Model
– Authentication
– Authorization
– Accounting
4
Hardening Overview

OS Hardening






Keeping up to date with patches
Removing unused software
Removing unneeded users
Disabling unneeded services
Locking unneeded ports
Using Security Software



Firewalls
Access Controls
Viral/Malware Protection
5
Hardening Windows

DEMO

More Resources:
–
Windows Server:
•
–
Windows XP:
•
–
http://security.utexas.edu/admin/win2003.html
http://www.windowsecurity.com/articles/Windows_XP_Y
our_Definitive_Lockdown_Guide.html
And many more
•
Do a search for “windows hardening checklist”
6
Hardening Linux


Same concept as Windows hardening
Can use more advanced access control features outside CP
scope
–

Less GUI oriented
–

SELinux
Most OS feature tools use command line interface
Many Guides Available:
http://www.freesoftwaremagazine.com/articles/hardening_linux
http://www.cyberciti.biz/tips/linux-security.html
http://security.utexas.edu/admin/redhat-linux.html
http://www.sans.org/score/checklists/linuxchecklist.pdf
7
OS Security Debate

What OS is more secure?
–
–
–
–
–
–
Depends on how you protect it
Less Malware that effect Linux
More Rootkits that effect Linux
Open Source means more peer review
•
Does not mean quality control
Windows users tend to buy-in more to third party
software based protection
Linux users tend to learn the ins-and-outs of
hardening given built in Tools
8
Thanks

Thanks to:




Central NY ISSA for providing time to the
CyberPatriot documentation project

www.issa.org
Everis Inc. for hosting, technical support,
experienced staff and more

www.everisinc.com
Griffiss Institute for providing space and
support
• http://www.griffissinstitute.org/
Rome AFRL for their support of STEM
• http://www.wpafb.af.mil/afrl/ri/
9