[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Security: FreeBSD vs OpenBSD
* Robert Shea (firstname.lastname@example.org) [020315 16:58]:
> "The evaluated configuration for Windows NT 4.0 Service Pack 6a with the
> C2 Update includes any number of the Windows NT Server and/or the
> Windows NT Workstation products, acting in any one of the following
> roles, either stand-alone or connected via a physically protected
> network consisting of zero or more Windows NT domains:
> Microsoft Windows NT 4.0 Server product
> . Primary Domain Controller (PDC);
> . Backup Domain Controller (BDC);
> . Non-Domain Controller (domain member); and
> . Non-Domain Controller (non-domain member).
> Microsoft Windows NT 4.0 Workstation product
> . Domain member; and
> . Non-domain member."
This is lovely. However their tests excluded Posix, Streams, RAS, DHCP,
NetBEUI, AppleTalk, and IPX. Also not evaluated are any processors except the
Intel Pentium Pro and the Intel Pentium II on a limited subset of Compaq
hardware offerings. A limited subset of the things which many NT shops use
> -FINAL EVALUATION REPORT
> Microsoft Corporation
> Windows NT Workstation and Server
> Version 4.0, Service Pack 6a
> (page 15)
> and as far as it being current goes? well the latest evaluation was
> completed on 11-99, considering how long it takes for an evaluation to
> be completed, I assume we will see one for Win2k late this year/early
> next. As an informal evaluation will tell you that Win2k effectively
> meets the C2 TCSEC.
According to your PDF, evaluation for NT4 sp6 began in July of 1998, and was
completed in 1999. Win2k came out in 1999. It is now 2002. Care to explain the
2 year delay?
> And other products Microsoft makes? MS-SQL Server 8.0 also received the
> C2 rating on August 2000, but I am sure it had it's networking guts
> removed as well. ;)
> I never said worship the guide, in fact many fine systems like Argus'
> DBAC, SELinux's Flask, YGuard, and AITS's inherited RBAC are not covered
> by DOD-5200.28-STD, yet are all fine systems. The Orange book is flawed
> in many ways for mainstream operating systems, it's over reliance on the
> Bell-La Padula security model, while reasonable effective from a
> security model is both incomplete and difficult to implement by anyone
> other then experts, (a bad quality in an OS aimed at the general
> "Security is not defined by adhering to rules laid out in a book.
> Security is not a product you can sell.
> Security does not come in a box wrapped up in bows."
> Security is verifiable not voodoo magick pedaled by "experts"
This makes no sense. Would you care to clarify?
There is a bottom line here. The bottom line is that the Orange book is an
excellent guide. Being c2 certified is a tribute to good design. NT has a well
designed and thought out security system. Thats lovely!
Enter reality. NT has problems in the code. NT has problems in supported
applications. How many IIS holes have there been? Software shipped with
default full access passwords? Buffer overflows? Software that ships with
insecure configuration errors?
I'll say it again because repetition is an excellent way to teach those who
learn in a Gestalt manner: Security is a process. Your C2 is just a base, not
a measure of how secure something is.
"Life is far too important a thing ever to talk seriously about."
- Oscar Wilde (1854 - 1900)
Send mail w/ subject 'send public key' or query for (0x251A4B18)
Fingerprint = A642 F299 C1C1 C828 F186 A851 CFF0 7711 251A 4B18