Analyzing Operating Systems and Small Office/Home Office Networks
Part 1: Service and Infrastructure Discovery
SOHO networks
Small Office/Home Office (SOHO) networks and other networks contain various network nodes that make them mixed networks. For example, SOHO networks could contain printers, smart TVs, smartphones, tablets, PCs, laptops, routers, VoIP phones, switches, and DHCP servers (Kavalaris & Serrelis, 2015). Larger office networks could contain more devices, including IP cameras, biometric devices, and network storage devices. Though all those network devices are found in a single network, they could be running on different operating systems. For example, tablets could be running on Windows 8, laptops on Mac OS, PCs on Linux, smartphones on iOS, and routers on Linux.
The mix in operating systems is mainly based on usability and security (Kavalaris & Serrelis, 2015). Windows is largely used because it is easy to understand and maneuver. Linux and Apple OS are better than Windows in terms of security. Also, Linux is free and open-source. Programmers prefer the open-source feature because they can customize their working environments. Small businesses prefer using Linux because it is free software, unlike Windows and Apple OS, where purchasing a license is required. Therefore, in a small business office, one is likely to find basic computer users on a Windows PC and technical staff on a Linux PC.
All network nodes should be configured accurately, and security measures for each device activated, to boost security on SOHO networks (Kavalaris & Serrelis, 2015). For example, a Linux SOHO router should be used and configured appropriately on a SOHO network. This would include firewall configurations such as Access Control Lists. Other network nodes such as Windows PCs should be configured for users to work on non-administrator accounts. When a user uses a Windows PC with administrator rights, it is easy for malware to use the same account to execute malicious software. Therefore, administrator rights should be avoided by default and requested only when users require them. Linux operating systems are configured to request root access only when needed. Therefore, users are automatically on non-administrator rights. However, it is unlikely to have all network nodes on a SOHO network running on Linux. A SOHO network’s security would also be improved by disallowing unsafe devices. For example, rooted Android devices could easily be exploited, thereby compromising the network. It is expected that Android phones would be part of a SOHO network because they are easy to use and are cheaper than iOS phones.
Relation between Unix/Linux and Apple OS X
Both Linux and Apple OS X are operating systems used on PCs and laptops (Adekotujo et al., 2020). Their major difference is that Linux is open source, hence, free, while Apple OS X is not. Linux and Apple OS X are hard to infect with viruses compared to Windows (Adekotujo et al., 2020). This is because Linux is open source and Apple OS X is not largely used compared to Windows (Adekotujo et al., 2020). Therefore, Windows is targeted more by hackers and other malicious persons. On compatibility, Linux and Apple OS X support fewer programs than Windows. For example, Windows can run a wide range of computer games compared to Linux and Apple OS X (Adekotujo et al., 2020). A Graphical User Interface is used in Linux and Apple OS X (Adekotujo et al., 2020). However, Windows GUI is reported to be more user-friendly than Linux and Apple OS X (Hasnain & Rafi, 2019). PowerPC computer architecture is used in Linux and Apple OS X (Adekotujo et al., 2020). Both Apple OS X and Linux use bash shell terminals. Monolithic modules kernel type is used in Linux and Apple OS X (Adekotujo et al., 2020).
Linux and Apple OS X have more differences than similarities (Hasnain & Rafi, 2019). Despite both being operating systems, their functionalities are preferred by different professionals. For example, graphic designers prefer using Apple OS X while programmers and other skilled IT persons prefer Linux (Hasnain & Rafi, 2019). The cost of acquiring Apple OS X is higher than acquiring Windows, while acquiring Linux is free. Linux is used on servers, while Apple OS X is hardly used on servers (Adekotujo et al., 2020). On reliability, Linux is more stable compared to Apple OS X.
Zenmap Scanner
Zenmap is a tool used to scan a network and perform penetration testing (Kumar & Tlhagadikgora, 2018). Zenmap can illustrate loopholes on a network through pen tests by printing out a report on the vulnerabilities found. For example, the report could contain information on all open ports and what they are being used for (Kumar & Tlhagadikgora, 2018). It can also contain information on all network nodes on a network. This is important in identifying network node intruders in a network and their activities. Information provided by a Zenmap penetration test is important in performing proactive maintenance on network security.
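An added example, not part of the original essay: one way to use a scan report for the proactive maintenance described above is to compare its open ports against a list of services the administrator expects. It assumes the scan was saved in nmap's grepable format (-oG); the hosts, ports and baseline are constructed sample data, and audit_scan is a hypothetical helper name.

```shell
#!/bin/sh
# Constructed sample: nmap grepable (-oG) output for a small office LAN.
sample_scan() {
  printf 'Host: 192.168.1.1 (router.lan)\tPorts: 53/open/tcp//domain///, 80/open/tcp//http///, 23/open/tcp//telnet///\n'
  printf 'Host: 192.168.1.20 (printer.lan)\tPorts: 631/open/tcp//ipp///, 9100/open/tcp//jetdirect///, 21/closed/tcp//ftp///\n'
  printf 'Host: 192.168.1.77 ()\tPorts: 22/open/tcp//ssh///\n'
}

# Constructed baseline: the "ip port/proto" pairs the administrator expects.
baseline() {
  cat <<'EOF'
192.168.1.1 53/tcp
192.168.1.1 80/tcp
192.168.1.20 631/tcp
192.168.1.20 9100/tcp
EOF
}

# audit_scan BASELINE_FILE < scan.gnmap
# Prints one line per open port that is not in the baseline.
audit_scan() {
  awk -F'\t' -v base="$1" '
    BEGIN {                                  # load the baseline
      while ((getline line < base) > 0) {
        split(line, f, " ")
        known_host[f[1]] = 1
        allowed[f[1] " " f[2]] = 1
      }
    }
    /^Host: / {
      split($1, h, " "); ip = h[2]           # "Host: <ip> (<name>)"
      for (i = 2; i <= NF; i++) {
        if ($i !~ /^Ports: /) continue
        n = split(substr($i, 8), entry, ", ")
        for (j = 1; j <= n; j++) {
          split(entry[j], p, "/")            # port/state/proto/owner/service/...
          if (p[2] != "open") continue
          key = ip " " p[1] "/" p[3]
          if (!(ip in known_host))      print "UNKNOWN-HOST " key " " p[5]
          else if (!(key in allowed))   print "UNEXPECTED-PORT " key " " p[5]
        }
      }
    }'
}

# Demo on the constructed data above.
tmp=$(mktemp); baseline > "$tmp"
sample_scan | audit_scan "$tmp"
rm -f "$tmp"
```

On the sample data this flags the telnet service on the router as an unexpected port and 192.168.1.77 as a host missing from the inventory; closed ports are ignored.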
Part 2: Exploiting UNIX and Windows Systems
Windows 2000 and Microsoft Webserver
Installing Internet Information Services by default, as was the case when installing Windows 2000, could expose the system to extensive exploits on NNTP, FTP, and SMTP (Odabi & Osazuwa, 2013). Over the Web, an exploit on IIS would be achieved through HyperText Transfer Protocol (HTTP). The HyperText Transfer Protocol exploit would have the biggest impact (Odabi & Osazuwa, 2013). Essentially, this is because HTTP would be used to reach the IIS from the internet and exploit internal server services such as file transfer. A malicious person could send requests to the server and obtain information that would be used to further exploit the server (Odabi & Osazuwa, 2013). Therefore, default installation settings on IIS can be dangerous. The person installing Windows 2000 should have been allowed to choose installation options for IIS so that proper security configurations would be made.
Vulnerabilities on Microsoft web servers included denial of service attacks, IP spoofing, phishing, and SQL injection (Mirdula & Manivannan, 2013). A denial of service attack renders services unusable to legitimate system users. This is done when attackers overload the server, making it slow and unable to respond to user requests. In IP spoofing, attackers send requests masquerading as a trusted host, and when the request is accepted, the exploit is executed (Mirdula & Manivannan, 2013). The user accepting the request is blocked as the hacker obtains the network’s information. Phishing is where information is obtained through websites and emails and used to defraud users (Mirdula & Manivannan, 2013). For example, bank account information and passwords could be obtained by hackers, who then make electronic transfers or payments. SQL injection through a web server is done by sending malicious code into the server and executing it (Mirdula & Manivannan, 2013). The code would enable hackers to obtain sensitive information or damage the entire data on a server.
Linux and Microsoft Firewalls
A perimeter firewall is thorough when adequately configured (Mihalos et al., 2019). Accordingly, this ensures that only authorized packets are allowed into an organization. Also, only the allowed packets can be sent out of the organization’s network. However, although a perimeter firewall could address network security, bottleneck problems would arise. The problems include slow network traffic and wireless networks (Mihalos et al., 2019). As the perimeter firewall checks packets against the configurations provided, the network flow is slowed down. In wireless networks, a single firewall would not efficiently protect the network (Mihalos et al., 2019). This is because wireless networks cannot be controlled like wired ones. Therefore, different classifications of firewalls would be used to protect a network for improved security. These include firewall topologies, network layer firewalls, firewall basing, and higher-layer firewalls (Mihalos et al., 2019). These would ensure that different levels of the networks are secured before getting to the perimeter firewall. For example, a server could have a host-based firewall. This firewall would be efficient in filtering outgoing and incoming packets at the server level and help with eliminating slow traffic at the perimeter firewall (Mihalos et al., 2019). Firewall topologies can use demilitarized zone (DMZ) firewalls. This would allow outbound access for separate networks that can be introduced between an organization’s internal and external networks (Mihalos et al., 2019). In such a scenario, the DMZ would provide inbound access restricted to part of the internal network.
Further, Linux distros require users to make their own configurations for the firewall function (Yaswinski et al., 2019). Therefore, Linux distros do not come with ready firewalls because they are inactive until configured. Linux repositories contain iptables, which is used to handle firewall configurations. This includes filtering IP packets (Yaswinski et al., 2019). Additionally, a command-line interface is used to configure iptables.
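An added example, not part of the original essay: a sketch of what configuring the inactive firewall can look like for the host-based server firewall mentioned above. The hypothetical function gen_ruleset prints a default-deny ruleset in iptables-restore format; the port list is a constructed assumption, and outbound traffic is left open here for brevity.

```shell
#!/bin/sh
# gen_ruleset PORT...
# Print a default-deny iptables-restore ruleset for a server that should
# accept new inbound TCP connections only on the listed ports.
gen_ruleset() {
  # Validate every port before emitting anything, so a typo cannot
  # produce a half-written ruleset.
  for port in "$@"; do
    case "$port" in
      ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
      echo "port out of range: $port" >&2; return 1
    fi
  done
  # Policies: drop inbound and forwarded packets unless a rule accepts them.
  # Rules: allow loopback, drop invalid packets, allow replies to
  # connections the host already has, and allow ping.
  printf '%s\n' \
    '*filter' \
    ':INPUT DROP [0:0]' \
    ':FORWARD DROP [0:0]' \
    ':OUTPUT ACCEPT [0:0]' \
    '-A INPUT -i lo -j ACCEPT' \
    '-A INPUT -m conntrack --ctstate INVALID -j DROP' \
    '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
    '-A INPUT -p icmp --icmp-type echo-request -j ACCEPT'
  # One accept rule per service the server is meant to offer.
  for port in "$@"; do
    printf '%s\n' "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
  done
  printf '%s\n' 'COMMIT'
}

# Demo: a server offering SSH and HTTPS (constructed port list).
gen_ruleset 22 443
```

The output can be checked without loading it by piping it, as root, into iptables-restore --test.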
Microsoft’s Internet Connection Firewall (ICF) allows consumers to make port mapping alterations and enable or disable connections (Microsoft, 2018). Changes are only allowed for the local computers. Local computers display a notification whenever port mappings have been changed (Microsoft, 2018). Therefore, remote port mappings cannot be done without NAT Traversal API. Applications are allowed to make configurations on the internet connection firewall (Microsoft, 2018). However, administrator rights would be required to make configuration changes. Users without administrator rights can only read configurations. Also, ICF does not support network bridge connections, direct cable connections, or private connections (Microsoft, 2018).
References
Adekotujo, A., Odumabo, A., Adedokun, A., & Aiyeniko, O. (2020). A Comparative Study of Operating Systems: Case of Windows, UNIX, Linux, Mac, Android and iOS. International Journal of Computer Applications, 176(39), 17-24. https://www.ijcaonline.org/archives/volume176/number39/adekotujo-2020-ijca-920494.pdf
Hasnain, S. G., & Rafi, F. A. (2019). Windows, Linux, Mac Operating System and Decision Making. International Journal of Computer Applications, 177(27), 11-15. https://www.researchgate.net/publication/338007102_Windows_Linux_Mac_Operating_System_and_Decision_Making
Kavalaris, S., & Serrelis, E. (2015). Multimedia Implementations for SOHO Networks and Their Security Issues: Opening Pandora’s Box with Sonos and SonosNet. International Journal of Cyber-Security and Digital Forensics, 4(3), 453-468. https://www.researchgate.net/publication/282391898_Multimedia_Implementations_for_SOHO_Networks_and_Their_Security_Issues_Opening_Pandora’s_Box_with_Sonos_and_SonosNet
Kumar, R., & Tlhagadikgora, K. (2018, July). Internal Network Penetration Testing Using Free/Open Source Tools: Network and System Administration Approach [Paper presentation]. Second International Conference, ICAICR, Shimla, India. https://www.researchgate.net/publication/329225037_Internal_Network_Penetration_Testing_Using_FreeOpen_Source_Tools_Network_and_System_Administration_Approach_Second_International_Conference_ICAICR_2018_Shimla_India_July_14-15_2018_Revised_Selected_Pa
Microsoft. (2018, May 31). About internet connection sharing and internet connection firewall. Developer tools, technical documentation and coding examples | Microsoft Docs. https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ics/about-internet-connection-sharing-and-internet-connection-firewall
Mihalos, M. G., Nalmpantis, S. I., & Ovaliadis, K. (2019). Design and Implementation of Firewall Security Policies using Linux Iptables. Journal of Engineering Science and Technology Review, 12(1), 80-86. https://www.researchgate.net/publication/341370438_Design_and_Implementation_of_Firewall_Security_Policies_using_Linux_Iptables
Mirdula, S., & Manivannan, D. (2013). Security Vulnerabilities in Web Application – An Attack Perspective. International Journal of Engineering and Technology, 5(2), 1806-1811. https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.411.9277&rep=rep1&type=pdf
Odabi, O. I., & Osazuwa, L. (2013). Penetrating Internet Information Services (IIS). West African Journal of Industrial and Academic Research, 9(1), 70-81. https://www.ajol.info/index.php/wajiar/article/view/105727
Yaswinski, M. R., Chowdhury, M. M., & Jochen, M. (2019, May). Linux Security: A Survey [Paper presentation]. 2019 IEEE International Conference on Electro Information Technology. https://www.researchgate.net/publication/335795125_Linux_Security_A_Survey
Question
Part 1: Service and Infrastructure Discovery
1) Why are most networks even small office/home office (SOHO) networks considered mixed networks in terms of operating systems? Give some common examples of devices in a typical home that might be running Linux or a derivative of it. 400 words minimum.
2) How are Unix/Linux and the Apple OS X related? 300 words minimum.
3) Explain how Zenmap can be used to enumerate vulnerabilities. 100 words minimum.
Part 2: Exploiting Unix and Windows Systems
1) When Windows first released Windows 2000, a default install resulted in IIS being installed and running. Why do you think Microsoft was criticized for this? What are some vulnerabilities present in early versions of Microsoft’s Web server? 300 words minimum.
2) What are some of the problems that might result from only deploying a firewall at the perimeter of an organization? Do most Linux distros come with a firewall? If so, explain it. What are some of the features of Microsoft’s “Internet Connection Firewall”? 400 words minimum.