Chapter 4: hardening Operating Systems (4.2.2 ADVANTAGE OF KERBEROS…
hardening Operating Systems
4.4.3Explain Framework of Pluggable Authentication Module (PAM)
configuration is done via a pam.conf file
the request is forwarded to the appropriate authentication model - one or more(stack)
the applications calls the PAM API
enbales multiple authentication technologies to be added without changing any of the login services
4.4.2 Describe steps involve in configuring UNIX services
4.4.1 Explain User & File system security administration
multiuser system, which means that all the users who are logged in to a system can read and use files that belong to one another, as long as they have the file permissions to do
Security Configuration Wizard
Three main components
A security configuration database
-A command-line interface
A wizard interface
A software program that allows administrators to easily change a server's default security settings.
Windows Server authentication
secure form of authentication because the user name and password are hashed before being sent across the network.
IPsec can be used for the setting up of virtual private networks (VPNs) in a secure manner.
Also known as IPSecurity.
It can use cryptography to provide security.
Internet protocol security (IPsec) is a set of protocols that provides security for Internet Protocol.
Examples: NIPRNet, SIPRNet. JWICS, NSANet are all kept separate.
A network with a different security domain is kept separate from other networks.
the determining factor in the classification of an enclave of servers/computers.
4.2.2 ADVANTAGE OF KERBEROS AUTHENTICATION
standards based protocol
4.2.1 KERBEROS AUTHENTICATION
Kerberos protocol messages are protected against eavesdropping and replay attacks
designers aimed it primarily at a client–server model and it provides mutual authentication.
allow nodes communicating over a non-secure network to prove their identity to one another in a secure manner.
computer network authentication protocol that works on the basis of tickets.
4.1.4 Configure windows services to disable all unneeded services
4.1.3 Use Rootkit revealer for root kit detection
rootkit is used to describe the mechanisms and techniques whereby malware, including viruses, spyware, and trojans, attempt to hide their presence from spyware blockers, antivirus, and system management utilities.
4.1.2 Explain Windows Registry
used to store much of the information and settings for software programs, hardware devices, user preferences, operating system configurations, and much more.
usually referred to as just the registry , is a collection of database of configuration settings in Microsoft Operating System
4.1.1 Define BIOS security
manages data flow between the computer's operating system and attached devices such as the hard disk, video adapter, keyboard, mouse and printer.
program a personal computer's microprocessor uses to get the computer system started after you turn it on.
BIOS (basic input/output system)