Secure Operating Systems Lesson E: Windows Security - Overview
Where are we? • We’ve discovered SELinux is moderately cool • How does this compare to Windows? There’s a lot here, so we’ll just scratch the surface
Windows: History • So, Windows really does have a long history • DOS survived for a long time, until we moved on to the NT core • The current version of Windows 8 has finally started to move away from the backward compatibility that has dogged us
Bitlocker • Full hard drive encryption is actually pretty cool: Bitlocker • Can leverage the TPM, which is nice • Can provide remote attestation for hardware and software • Not only for disk encryption; has been used for DRM too • Can use in combination with a USB token
TPM Structure • Picture from Guillaume Piolle
Windows Integrity Control • Although we don’t think about them, Windows uses MACLs (Mandatory Access Control Lists) • Thus, the OS can make a security decision based on how trusted an object is • Let’s take a look with Process Explorer (from sysinternals)
SACLs and DACLs • SACLs beat DACLs • System Access Control List • Discretionary Access Control List • Thus, even if the DACL grants access, the SACL must also grant access for the operation to go through • This is all documented well by MS… http://msdn.microsoft.com/en-us/library/windows/desktop/bb648648(v=vs.85).aspx • Enables things like SYSTEM_MANDATORY_LABEL_NO_READ_UP
Of course, we need • Run As… administrator • icacls templow /setintegritylevel L for example • But of course, we never use this, except for using the defaults, which seems like a pity, eh? • There’s a philosophical point here
UAC (Woohoo!) • Everyone seems to hate UAC, but it does help in terms of users making mistakes • It’s certainly not bulletproof (cue Shaun) • The idea is the principle of least privilege • The problem is that we don’t read the popups very well • The basic idea: run with lower privileges, and then upgrade as you need it
Service Resource Isolation • What happens when a service gets broken into? • Let’s look • sc query type= service | more • sc showsid AdobeActiveFileMonitor9.0 • PsGetSid <sid> • Can create a *restricted* SID • Two checks: one on the enabled token, one on the restricted SID
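The three slides above (the mandatory label in the SACL, the DACL, and the second check a restricted token gets) describe one access-check pipeline. The following is an added example, not from the lecture slides or from Microsoft: a small Python model of that pipeline, plus the derivation `sc showsid` performs to turn a service name into its `S-1-5-80-…` SID (SHA-1 of the upper-cased UTF-16LE name, read as five little-endian DWORDs). The user SID, the file DACLs and the label policies are constructed for the demo; the integrity RIDs, label policy flags and generic access bits are the real Windows constants. The model simplifies in two places: it works with generic rights rather than the file-specific right mappings, and it applies the restricting-SID check to every request, whereas a write-restricted service token narrows that second check to write access.

```python
import hashlib
import struct

# Integrity levels (SECURITY_MANDATORY_*_RID) and the label policy flags
# carried by the SYSTEM_MANDATORY_LABEL ACE in an object's SACL.
LOW, MEDIUM, HIGH, SYSTEM = 0x1000, 0x2000, 0x3000, 0x4000
NO_WRITE_UP, NO_READ_UP, NO_EXECUTE_UP = 0x1, 0x2, 0x4

# Generic access rights used in the requests below.
GENERIC_READ, GENERIC_WRITE, GENERIC_EXECUTE = 0x80000000, 0x40000000, 0x20000000


def service_sid(name):
    """Derive the per-service SID the way `sc showsid` does: SHA-1 over the
    upper-cased service name in UTF-16LE, split into five little-endian DWORD
    sub-authorities under S-1-5-80."""
    digest = hashlib.sha1(name.upper().encode("utf-16-le")).digest()
    return "S-1-5-80-" + "-".join(str(x) for x in struct.unpack("<5I", digest))


class Token:
    def __init__(self, sids, integrity, restricting_sids=()):
        self.sids = set(sids)                      # enabled user/group SIDs
        self.integrity = integrity                 # token's mandatory label
        self.restricting = set(restricting_sids)   # empty => not a restricted token


class SecurableObject:
    def __init__(self, dacl, integrity=MEDIUM, label_policy=NO_WRITE_UP):
        self.dacl = dacl                  # ordered list of (ace_type, sid, mask)
        self.integrity = integrity        # label stored in the SACL
        self.label_policy = label_policy  # NO_WRITE_UP / NO_READ_UP / NO_EXECUTE_UP bits


def integrity_check(token, obj, desired):
    """Mandatory label check: only restricts a subject *below* the object's level."""
    if token.integrity >= obj.integrity:
        return True
    blocked = 0
    if obj.label_policy & NO_WRITE_UP:
        blocked |= GENERIC_WRITE
    if obj.label_policy & NO_READ_UP:
        blocked |= GENERIC_READ
    if obj.label_policy & NO_EXECUTE_UP:
        blocked |= GENERIC_EXECUTE
    return not (desired & blocked)


def dacl_check(sids, dacl, desired):
    """Walk ACEs in order: a matching deny on any still-wanted bit fails the
    check, allows strip bits off the remaining request until nothing is left."""
    remaining = desired
    for ace_type, sid, mask in dacl:
        if sid not in sids:
            continue
        if ace_type == "deny" and mask & remaining:
            return False
        if ace_type == "allow":
            remaining &= ~mask
            if remaining == 0:
                return True
    return remaining == 0


def access_check(token, obj, desired):
    """Label first, then the DACL against the enabled SIDs, then (for a
    restricted token) the DACL again against the restricting SIDs."""
    if not integrity_check(token, obj, desired):
        return False, "mandatory label (SACL) denies"
    if not dacl_check(token.sids, obj.dacl, desired):
        return False, "DACL denies"
    if token.restricting and not dacl_check(token.restricting, obj.dacl, desired):
        return False, "restricting SIDs deny"
    return True, "granted"


def demo():
    USER = "S-1-5-21-1000-2000-3000-1001"   # constructed user SID
    EVERYONE = "S-1-1-0"
    SVC = service_sid("AdobeActiveFileMonitor9.0")  # service name from the slide
    # A user document: the DACL grants the user read+write, everyone read.
    doc = SecurableObject(
        dacl=[("allow", USER, GENERIC_READ | GENERIC_WRITE),
              ("allow", EVERYONE, GENERIC_READ)],
        integrity=MEDIUM)
    # The service's own log: only the service SID is granted anything.
    svclog = SecurableObject(
        dacl=[("allow", SVC, GENERIC_READ | GENERIC_WRITE)],
        integrity=MEDIUM)
    user_medium = Token({USER, EVERYONE}, MEDIUM)
    user_low = Token({USER, EVERYONE}, LOW)       # same SIDs, lowered label
    # Restricted service: account SIDs plus its service SID, with the
    # service SID also acting as the restricting SID for the second check.
    service = Token({USER, EVERYONE, SVC}, SYSTEM, restricting_sids={SVC})
    return {
        "medium user writes doc": access_check(user_medium, doc, GENERIC_WRITE),
        "low user writes doc": access_check(user_low, doc, GENERIC_WRITE),
        "low user reads doc": access_check(user_low, doc, GENERIC_READ),
        "restricted service writes doc": access_check(service, doc, GENERIC_WRITE),
        "restricted service writes its log": access_check(service, svclog, GENERIC_WRITE),
    }


if __name__ == "__main__":
    print("AdobeActiveFileMonitor9.0 ->", service_sid("AdobeActiveFileMonitor9.0"))
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The two denials in `demo()` are the points the slides make: the low-integrity token is stopped by the label even though the DACL would let it write, and the service is stopped by the restricting-SID pass even though its account SIDs pass the first DACL check.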
Service Refactoring • Basically, run services with base least privilege • New service hosts (low to high): • LocalServiceNoNetwork • LocalServiceRestricted • LocalServiceNetworkRestricted • NetworkServiceRestricted • NetworkServiceNetworkRestricted • LocalSystemNetworkRestricted
Restricted Network Access • Network restriction policies can be applied to services too • Direction: ingress and egress • Protocol: what protocols should be allowed? • Principal: Rules apply to specific users • Interface: WLAN, Wireless, LAN etc.
Buffer Overflows • Let’s remind ourselves how buffer overflows work • The compiler now adds Cookies… let’s look at the code
Questions & Comments • What do you want to know?