HostedDB - Dedicated UNIX Servers
nt-part2_65 Analysis of the Security of  Windows NT 1 March 1999 65 The Berkeley ‘r’ protocols mentioned earlier were designed for an environment where all machines and the network connecting them were located in a single computer room, and all access to the network was via UNIX machines. Thus the authentication mecha- nism for these protocols is based on the transmission of clear text passwords via the network. The concept of an all powerful administrator is carried over in the Berkeley implementation of the TCP/IP protocol suite, and the ‘r’ protocols. Any request com- ing from a TCP/IP port with a port number below 1024 is considered to have come from a process with administrative privileges on that host. Since none of the above is not typically true of today’s installations these security  “features” leave a lot to be desired. NIS and NFS contain few security mechanisms, if any. What little security NIS and NFS can be configured to have is mostly derived from the reserved port numbers “fea- ture” mentioned above, and a simple IP-address host based address check. The over- whelming majority of information transmitted via the network from these services are furthermore in the clear, and thus anyone with access to the network is free to listen in, and/or modify the traffic. The situation is made worse by the fact that as noted above the trust relationship between server and client is a trifle naive. If you have a host under your control any- where on the network, both NFS and NIS will most likely trust it implicitly, and you can for instance impersonate users, to gain access to their files etc. In the case of NIS it is easy to gain access to the data it distributes, even though you are not among the hosts originally intended as a recipient of that information. Some, if not to say most, of this information; user accounts etc are of a security critical nature. The interested reader is referred to the standard reference of the subject of UNIX security [59]. 8.2  UNIX versus NT Even though Microsoft Inc. would like to have us believe otherwise, NT does not in fact contain many ideas that UNIX has not either pioneered or picked up during the seventies or early eighties. Both systems have from a research perspective a distinctive seventies feel to them. Especially from a security perspective one is struck by the simi- larities between the respective systems. There are in fact many more similarities than differences. NT has adopted the concept of an all powerful administrative account, even though the corresponding SUID feature is not as heavily depended upon for administratively critical tasks. NT has the same basic structure when it comes to pro- cesses and privileges. The file system has the same basic layout even though a few more operations besides (read/write/execute) can be specified. About the only relatively recent technological advance that Microsoft has incorporated is microkernel technology. However, Microsoft’s implementation is several megabytes per kernel server, much to large to gain any real security advantage. It is interesting to note that the NT kernel is of approximately the same size as a typical UNIX kernel, in terms of services provided. A UNIX kernel on the same hardware is typically smaller in terms of memory consumption. Furthermore, in later releases of the NT operating system, much code from the servers, most notably the GUI, have been moved into the kernel proper, with negative effects on security. Some performance has been gained by this however.