Re: [WinMac] unix/ nt security diffs?

CHoogendyk@aol.com
Tue, 18 May 1999 21:58:39 EDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: bartosh@apple.tamu.edu: "Re: [WinMac] unix/ nt security diffs?"
Previous message: Daniel L. Schwartz: "Re: NT Server for Rampage RIP"
Next in thread: bartosh@apple.tamu.edu: "Re: [WinMac] unix/ nt security diffs?"

In a message dated 5/17/99 1:34:07 PM, bartosh@apple.tamu.edu writes:

>I am looking for a web page or something detailing differences
>between the unix security model and NT's.
>
>One of my jobs is helping a Department here plan and integrate OS's
>into the resource/support strategy, and a minor research group has
>decided they want to use nt.

Are you looking for user access or security?

If you have the latest NT and the latest Unix, the access controls on a file
might be fairly similar. But that just scratches the surface of security
issues. You could take a 5 day (40 hour) course on either Unix or NT security
and it would just be a primer. Since I'm at home and not at work, I don't
have my bookmarks, but there is an excellent site at purdue that is a focal
point for security issues. You can jump off from there to a large number of
other interesting sites. They will point you to virus sites, hacker sites,
software sites for third party security, etc.

If you look at Unix, you can start with controlling who can access what
files. Then you can look at authentication issues, protecting root access,
password quality, shadow password files, secure socket layer, encryption,
closing off back doors, .... (I have a 2.5" thick book on Unix and Network
Security.

If you look at NT, similar story but all the details are different. To really
secure an NT workstation, you have to get into all kinds of registry edits or
third party security software. My gut sense is that a Unix system is easier
to really secure than an NT system.

Just as an example, our public NT workstations in the university library seem
to get hacked fairly regularly in spite of man months of work spent on trying
to develop a secure system. We end up simply re-Ghosting a station when it
gets messed up. (Ghost [now owned by Symantec/Norton] basically reformats the
drive and copies a disk image over the network, then adjusts the SIDs, IPs,
etc.)

Well, I feel like I'm ranting on without really knowing what you are after.

If you could ask some more specific, pointed questions based on what I have
said already, I might try again -- or someone else will chime in.

Chris Hoogendyk
Network Specialist
UMass Library, Amherst

Managing Novell, NT and Unix servers from my desktop Macintosh G3.

* Windows-MacOS Cooperation List *

Next message: bartosh@apple.tamu.edu: "Re: [WinMac] unix/ nt security diffs?"
Previous message: Daniel L. Schwartz: "Re: NT Server for Rampage RIP"
Next in thread: bartosh@apple.tamu.edu: "Re: [WinMac] unix/ nt security diffs?"

This archive was generated by hypermail 2.0b2 on Tue May 18 1999 - 19:04:00 PDT