Computer Security of Unix - Assignment Example

Computer Security Name: Number: Course: Lecturer: Date: Question one Unix Unix operating system uses a three level basic access control mechanism to protect files. There are three basic access control namely; User (u) which gives the specific user most likely the file or directory owner. Second is group (g) which gives the specific user that belongs to a similar group as a file and lastly others (o) which represents the other system users. One can select three modes of access rights with each individual class namely execute, write and read which are checked as follows. If incase the UID of a file is similar to the process UID, the owner approvals only apply while the group and any other approvals are not checked. And in cases where the UIDs do not resemble, but the group ID of the file resembles any process group IDs, the group approvals only factor in; the owner plus all other approvals are never checked. And lastly if the process Group IDs and the user ID fail to correspond to those of the respective file, the approvals are checked and if the given approvals do not allow the requested tasks it will not succeed. There are three more additional attributes that are defined by Unix for additional access control. We have the suid which after execution of a file, the generated process habitually takes its User ID identical to the ID of the User that started the program. But if the suid bit is established on an executable, the process takes the ID of the file owner. We also have the sgid where a process routinely has a Group ID identical to the group process. But if the sgid bit is established on the executable then the process is accorded the Group ID of the group file. Lastly we have sticky attribute where the file sticky bit makes a request to the kernel to store the process in memory after it is terminated. Every file belongs to an owner and a group. Only the root and the owner have privileges to change the permissions and such privileges can never be shared. Question two The operating system has several ways to manage access some of them include User Rights Policy This policy determines which users are granted specific rights to the system some we have levels of user groups each coming with specific privileges an example is the administrator who has extensive rights to all components of the system creating other administrators, removing users, installing software’s among others. There is also a guest account which is a limited account hence it users are allowed to only do few changes to the system. An example screen shot is as below where one is required to enter a username an password of which both must be correct in order to be granted access to the system. Each specific user will be lead to a different account with specific rights thus enhancing confidentiality of someone’s records. Per File Security Within the various user groups some operating systems provides an additional future to protect files further on per file basis, the security properties that can be set at this point are auditing, permissions and ownership. Permissions can be defined that will be applied to user groups or other individual users the permissions can be read, write, delete, execute, alter permissions or take ownership. Here is a screen shot of how one can change the rights to a folder as per the group id Auditing The operating system allows one to audit all events that occurred on a directory or a file thus increasing the integrity of the file contents. This is important due to the fact that we need to have control an overview of all the possible happenings to a directory file. The screenshot below shows a basic initiation of the audit process. . Question three Threat Description/Example Vulnerability Defense /Countermeasure Element of Operational Model Social Engineering A phisher sending out a email to someone to disclose his/her mastercard information Direct attacks or indirect building a bigger picture to create an aura of authenticity during an attack Do not divulge sensitive information to individuals not authorized to know it. prevention Piggybacking A person tapping into a companies wireless network Disclosure of private information to un intended recipients Enforce corporate access control procedures Protection Shoulder Surfing A person standing behind a bank client at an ATM point Disclosure of secret information to harmful persons safeguard paperwork and your keypad from sight using your body prevention Backdoor A user reviewing an untrusted compiler machine code prior to using it Unauthorized access to sensitive data Using diverse double compiling Prevention Password Misuse A company administrated sharing his/her password with a junior official because he/she is busy to handle some task. Cause hacking spikes Frequent reviews of passwords prevention Question four Tapping Copper wire especially the twisted pair can be easily tapped along the way which it runs which can be along walls or above roofs thus it can be tapped without detection. It also emits some electromagnetic energy which could be easily tapped with the aid of any sensitive material without necessarily tapping physically tapping to the media (cross talk) [Die10] Packet sniffing Devices that allow eavesdropping can be placed along the network traffic in between the sender and destination which can pose a serious threat especially if the data was supposed to be confidential. Accidental association This occurs when a computer user turns on the computer and it latches onto a WAP from the nearing organizations overlapping network this could possibly create a link between the two organizations networks. Malicious association This occurs when wireless media can be modified actively by crackers to gain access to an organizations network via cracking their computer rather than the organizations access point. Question five The email is not legitimate because of the following reasons.one is the disguised hyperlink address within the electronic mail that seemingly leads to ebay-buyerprotection.net which from the URL one can easily determined that it deals with nothing related to paypal. The second reason is the address bar has been hidden hence the mail recipient cannot see the real url address but then below the email there is a url address similar to that of the hyperlink provided that is misleading. There is also the issue of sender and recipient which seem to come from the same source to the same recipient. And from the content of the email it is evident that the recipient is supposed to treat the email as urgent hence disclosing his/her paypal information which is a common way that fraudsters use to hijack user accounts. The five guidelines 1. Subject Line most phished emails seem to contain subject lines that look as genuinely related to the entire email origin in a bid to fool the recipients to open the email. 2. Forged Senders Address this is a common method of deception with no guarantee of legitimacy of the source. 3. Genuine Looking Content some emails make use of copied pictures and text styles that legitimate websites use to depict their emails as genuine. 4. Disguised Links some links within the given mails are deliberately altered in a bid deceive the given recipients. 5. URL Spoofing of Address Bar Fake Address Bar this factors in removal of the address bar and using scripts to create fake address bar with images and text. Question six Authentication is concerned with determining whether a computer, a user or a service is the entity that it claims it is. On the other hand authorization determines which actions the entity authorized can undertake within the specific context. Both of them are methods of access management and authorization entirely depends on authentication before it occurs. The major relationship is that authentication occurs before authorization and fist it must be determined who you are before what you can do. References Die10: , (Gollmann 2010), Read More