Threats, Shares, & Permissions

©2005 - material compiled by Bob Carnaghi, www.webpointmorpheus.com

Overview
Since the dawn of the computer era, the concept of security has taken on new dimensions. Prior to computers and the Internet, the act of theft, vandalism, and destruction was largely governed by physical presence, access, and proximity to the items targeted. Since the advent of computers and the Internet, an individual no longer needs to be in close proximity to re-route bank funds, to access sensitive information, or to perform a variety of other tasks. As new means of accessing and facilitating movement of data have been developed, so have the means of performing illegal, immoral, and unethical actions. Hence, computer security is mandated to keep pace with these developments.
Computer and network threats come in two basic forms: those that originate from inside of a network system, and those that come from outside the network system. Listed below are some considerations for each of these categories.
If you have a difficult time with the acronym-drenched terms used in this document, check out the Network Definitions Page.
Definitions
Permissions: Attributes set by administrators to resources that define allowed actions on files, folders, or other shared resources.
Universal Naming Convention (UNC): A system of resource identification that is of the format \\SERVER\RESOURCE\
User Account: The basic level of information that identifies an individual to a system.
Group: A collection of user accounts given a certain level of access permissions for ease of administration.
Bindery: Novell Netware database that uses NDS (Netware Directory Services) for user accounts and stores information regarding resources, groups, and rights.
Internal Threats
Internal threats to a network system are those threats to the stability and security of the system that originate from within the system itself. They can range from user carelessness to theft by employees to Trojan Viruses which enter through email or other seemingly harmless sources.
  1. Access to resources by unauthorized persons
  2. Data destruction by carelessness or neglect
  3. Administrative Access
  4. System/Hardware Failure
  5. Physical Access/Theft
  6. Infiltration of viruses
Solutions
  1. Strong passwords - mandate changes
  2. User account control and management
  3. Permissions
  4. Group management and policies
External Threats
External threats are those potential problems that attempt to gain system control from outside the network. These may be electronic/software oriented, or some form of socially engineered attempt to gain access to passwords, logins, or other sensitive data.
  1. Snoopers/Eavesdroppers
  2. Packet Sniffers
  3. Gaining Control of the System
  4. Denial of Service
  5. Social Engineering
Solutions
  1. Firewalls: Hide IPs, filter ports, filter packets, encrypt, authenticate.
  2. PAP - Password Authentication Protocol
  3. CHAP - Challenge Handshake Authentication Protocol
  4. MS-CHAP
  5. Data Encryption
  6. VPN - L2TP, PPTP
  7. Application Encryption
  8. HTTP Proxy
  9. Written disaster plan/SOP
The Mike Meyers Security Model [1]
This outline distinguishes three security models found among the different NOSs. Each NOS treats these items differently, which makes each NOS suitable for a different level of application.
  1. Resource-based Security - permissions assigned to a specific resource.
  2. Server-based Security - access and permission system controlled by individual servers on the network.
  3. Organization-based Security - a centralized domain controller that sets permissions and access restrictions at logon.
Major Operating Systems
Listed below are the major NOSs (Network Operating Systems). Each of these systems addresses network security in different ways, and to different degrees.
  1. Novell Netware - 3.x, 4.x, 5.x
  2. Windows Workgroups - peer to peer systems
  3. Windows Server Models - domain based systems such as Windows NT domains or Active Directory.
  4. Unix/Linux - has three levels of access only: Read, Write, Execute. Also has concept of User, Group, Everyone.
  5. Macintosh - Appletalk.
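The Unix/Linux model in item 4 (Read, Write, Execute for User, Group, Everyone) can be inspected directly from a file's mode bits. The following is an added example, not part of the original notes: it decodes a mode into the three classes and audits a directory tree for entries that grant write access to everyone. The sticky-bit check goes slightly beyond the list item, and the sample tree and file names are constructed for illustration.

```python
import os
import stat
import tempfile

# The three access levels and three classes named in item 4 above.
CLASSES = (("user", stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR),
           ("group", stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP),
           ("everyone", stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH))

def decode_mode(mode):
    """Map each class to the subset of 'rwx' it is granted."""
    out = {}
    for name, r, w, x in CLASSES:
        out[name] = "".join(ch for ch, bit in (("r", r), ("w", w), ("x", x)) if mode & bit)
    return out

def audit_tree(root):
    """Return (relative path, finding) for entries that grant write to everyone."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in sorted(dirnames + filenames):
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits are not meaningful
            if not st.st_mode & stat.S_IWOTH:
                continue
            rel = os.path.relpath(path, root)
            if stat.S_ISDIR(st.st_mode) and not st.st_mode & stat.S_ISVTX:
                findings.append((rel, "world-writable directory without sticky bit"))
            elif stat.S_ISREG(st.st_mode):
                findings.append((rel, "world-writable file"))
    return sorted(findings)

def build_sample_tree():
    """Constructed sample data: a scratch tree with safe and risky entries."""
    root = tempfile.mkdtemp(prefix="perm-audit-")
    for name, mode in (("payroll.csv", 0o640), ("notes.txt", 0o666)):
        path = os.path.join(root, name)
        with open(path, "w") as fh:
            fh.write("sample\n")
        os.chmod(path, mode)  # chmod is not affected by the umask
    for name, mode in (("dropbox", 0o777), ("scratch", 0o1777)):
        path = os.path.join(root, name)
        os.mkdir(path)
        os.chmod(path, mode)
    return root

if __name__ == "__main__":
    print(decode_mode(0o640))
    for rel, finding in audit_tree(build_sample_tree()):
        print(rel, "->", finding)
```
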
General Notes
This list is a (random) collection of items for consideration.
  1. Windows workgroups operate at the level of resource-level security. This system becomes an administrative burden beyond about 10 nodes.
  2. The power of the Windows NT network system (Windows NT, Windows 2000, Windows XP) is in the NTFS file system. When utilized, NTFS embeds its powerful system of permissions into each resource.
  3. NTFS Permissions (Windows NT version):
    • No Access
    • List
    • Read
    • Add
    • Add & Read
    • Change
    • Full Control
  4. NTFS Permissions (Windows 2000 version):
    • Deny Access
    • List Contents
    • Read
    • Write
    • Read & Execute
    • Modify
    • Full Control
  5. Files and folders are the typical share items, followed by printers and other hardware items.
  6. Individual files are never set to be shared. Files can have permissions applied, but on a network system, only folders are set to be shared.
Notes
  1. From 'Network+ Certification' by Mike Meyers. See Chapter 13.
This page was last modified: Wednesday July 20, 2005 7:35 AM