Security Series Part 2 - Operating Systems

Operating systems vary in purpose: Windows was designed for business, Mac for graphics and Linux for servers. But they can all do each other's job now, as each OS has become more consumer-based.

But each OS has a different game to play in the security world.

We shall start with Linux: why it cannot be attacked like other OSes and what makes it so damn hard...

We shall do this in 2 sections, how it is maintained and why it's secure; you will see why they both contribute massively to security.

 

Maintenance of Linux

This is different to any other OS. Linux and the distros are open source, so the code can be edited to bend Linux to what you need. The Linux hackers (developers) break the system to see how the security can be improved even more. Other operating systems don't allow this due to them being closed source, so you need to wait for a team to fix your problem rather than a community which is, we shall say, at least x10 the size of the MS security team.

Anybody can help in the Linux community, and they are friendly. So if you want to improve your personal security, ask the community; they know how to do it.

With devs checking the code all the time, don't expect to be infected; they will patch it before the exploit has even reached your system. With Arch I do a pacman sync and update every day and there is always something to update. With my system up to date on a daily basis, I am not going to be hacked via applications easily.

Oh also certain apps can be improved via the community.

This is all before I have set up iptables and any other security. I didn't bother with security on my netbook, and I haven't been infected yet.

If you need a secure OS, go here. For the super paranoid, get Fedora and use Real crypt ASAP.

 

Why is Linux so secure?

The system itself makes it secure. You can't run .exe formats in Linux without programs or VMs, so that is the first line of defense. The 2nd is the fact the system almost always has an update; this may seem like an annoyance, but to be honest, make a script you click to update if it's such a chore. Sure, the system can be exploited with new updates to the system, but this happens in every system, and chances are known exploits are patched before they are executed.

The easiest way to explain is this: imagine you have a core which has about 10 walls, each with armored doors. By the time the attacker has got to the 5th door, if you're ready and the community knows about an exploit (which they more than likely do), an update will be pushed into the repos and ready; as soon as the application is updated, the attack can't continue. If you also have a firewall, even the basic Linux one, you add more walls, and depending on the distro you get even more walls, etc.

Works simple and works well, you can never go wrong with Linux :)

 

Now we shall move onto OS X which I call the middle ground between Linux and Windows for security.

OS X is Unix-based (same father as Linux). Unix is also run with Linux but in a different way. Apple used to use NeXTSTEP and now uses a form of FreeBSD. This version is a closed-source system and is maintained by Apple. The actual FreeBSD is generally a FOSS system, but the major branding is Apple due to OS X. (Thanks for the save, Bacchuspp and Freq Labs.)

OS X again can't read .exe without programs, and a lot of applications have to be Apple certified before they can be installed. You then have Gatekeeper, which asks for your request on any application.

There are some viruses out there for Mac but they are hard to get, so for security use Sophos or NOD32, but chances are you won't need them.

The ecosystem around OS X has made it what it is today. It is an impressive system in how it is executed; it's simple but still powerful, and the App Store keeps it this way. Sure, it's Apple's cash cow, but you will never get infected via the App Store as Apple check and double check all applications.

That's really it: because Apple is on the ball about security, it stays secure. Not as secure as Linux, but it can still stand on its own.

 

Now we come to Windows, the home for viruses.

Why is it such a big target?

Simple... Because it holds the majority share in the market; adding to that, the kernel is not super secure, and neither is the OS. You must install some form of security on here. It is not as bad as it used to be, but still.

Also, it's hit so many times because viruses are programmed for Windows. Be ready for a fight if you do get infected by something big; chances are you need Linux to get you out of it.

Yes, another OS saving you. If you work in any form of repair or security, get used to Linux; it will save Windows so many times, as I shall explain.

I had a customer come to me the other week with a virus saying it was from Interpol. It wasn't, but since I couldn't even get access to a command terminal, there was no hope of getting any form of AV engine on while Windows was running.

So call in Linux. Using something like Kali or Fedora you can remove some dangerous threats using ClamAV; once you get it fully updated it can become a dangerous force, and it cleaned it out. Took a while, but ah well.

You then let Malwarebytes clean up the rest.

As you can see, I had to rely on 2 different sources to clean Windows. If that was OS X or Linux I wouldn't have had that problem, and without Linux I couldn't pull off such a removal.

So with Windows some form of security is needed; even if it's just browser-based stuff, you're better off. Don't rely on MS integrated security.

 

Okay, I think I covered the basics with the OSes. Tomorrow I shall be going into more in-depth stuff :)

Again, any comments, feel free to post them :) Any corrections or additions also :) We are not all perfect in the subject :)
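The Windows rescue workflow described in the post (boot a live Linux, update ClamAV, scan the Windows disk, then hand the results to a second tool), as an added example that is not part of the original post. The device name, mount point, log path and the read-only mount are assumptions, and the sample log is constructed so the parser can be tried without a real scan.

```shell
#!/usr/bin/env bash
# Added example (not the author's script). Run from a live Linux session as root.
# Device and paths are placeholders; find the Windows partition with `lsblk -f`.

TAB=$(printf '\t')

# Mount the Windows volume read-only so the scan cannot alter it and nothing
# stored on it gets a chance to execute.
mount_readonly() {
    mkdir -p "$2" && mount -o ro "$1" "$2"
}

# Update signatures first, then scan recursively. --infected limits output to
# detections and --log keeps a record. No file is deleted or moved by this call.
# clamscan exits 0 when clean, 1 when something was found, 2 on error.
scan_volume() {
    freshclam && clamscan --recursive --infected --log="$2" "$1"
}

# Print one "signature<TAB>path" row per detection in a clamscan log.
# Detection lines look like "<path>: <signature> FOUND".
list_detections() {
    sed -n "s/^\(.*\): \(.*\) FOUND\$/\2${TAB}\1/p" "$1"
}

# Constructed sample log (invented paths, made-up first signature name).
write_sample_log() {
    cat > "$1" <<'EOF'
/mnt/win/Users/customer/AppData/Roaming/lock.exe: Win.Trojan.Example-1 FOUND
/mnt/win/Users/customer/Downloads/eicar.com: Eicar-Test-Signature FOUND

----------- SCAN SUMMARY -----------
Infected files: 2
EOF
}

# Typical use:
#   mount_readonly /dev/sdX2 /mnt/win
#   scan_volume /mnt/win /root/win-scan.log; echo "clamscan status: $?"
#   list_detections /root/win-scan.log
```

The detection list gives you the exact paths to review before removing anything, and again after the second tool has run.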

 

I'm really enjoying these, keep them up. I haven't learned anything new from them yet but I'm sure I will pick something up eventually. Also this is good stuff for pretty much everyone on the forum to read/know. I wish more people kept blogs like these on the site.

Good stuff. The more I hear about Linux the more I think it is a viable OS. I have only tried it on a VM with BackTrack 5, but for my new build Linux will be the 1st OS. Thanks for the info.

You're right in many ways, but a few corrections could be applied. Yes, the Linux kernel is very secure, but it is (sometimes) the implementation of distros, leaving behind some passwords. It is true that Linux is very safe, but there are some flaws in some distros. However, as you pointed out, everything gets patched out very quickly.

On the other hand, when you update something in Linux, things can also be broken because of the fast nature of the distros' development houses. It happened on multiple occasions that my Ubuntu update ruined everything. Ubuntu is not the best distro, but you can't argue it is one of the more maintained ones.

The reason why people don't pick up Linux is due to the software library (as pointed out by Linux devs themselves http://www.youtube.com/watch?v=Sh-cnaJoGCw), and because of the nature of software, that some exploits could be hidden in them. It is true that Linux is safer, but at a cost. But nonetheless I really like Linux.

Drawing the conclusion that Mac OSX is based upon Linux is wrong. They have the same father, UNIX, but they are not the same.

Glad you posted, sorry if I sound too harsh, I don't want it to come over that way. :)

Yeah, OS X has no relation to Linux. It is actually a descendant of NeXTSTEP, and the modern versions borrow from FreeBSD rather than Linux.

https://en.wikipedia.org/wiki/NeXTSTEP

https://en.wikipedia.org/wiki/Darwin_%28operating_system%29

https://en.wikipedia.org/wiki/XNU

Okay, thanks for the update, I shall update the post soon :) And I had a feeling it was FreeBSD after I wrote it. I knew it was a descendant of NeXTSTEP; weird how Jobs said don't go for BSD and now they do lol