Windows NT 4.0 C2 Evaluation finished

DevNu11 writes "Windows NT 4.0 SP6a + Hotfixes + Trusted configuration finished evaluation under the TCSEC program. This page has a configuration guide for deploying a system in a C2-evaluated configuration. A text on the bottom of the page points out the differences of NT being secure and that someone could configure NT to be secure."

Modification list to NT

[Sulka]

Procedure for C2 NT installation, from the doc:

Unpack and set up hardware
Set power-on password
Install Windows NT
Restart Windows NT as Administrator
Verify video driver
Install Printer and Tape Drivers
Install Service Pack 6a
Install C2 Update (KB Q244599, Q243405, Q243404, and Q241041)
Enable hardware boot protection
Remove the NetBIOS Interface service
Disable unnecessary devices
Disable unnecessary services
Disable Guest account
Remove OS/2 and POSIX subsystems
Secure base objects
Secure additional base named objects
Protect kernel object attributes
Protect files and directories
Protect the registry
Restrict access to public Local Security Authority (LSA) information
Restrict null session access over named pipes
Restrict untrusted users' ability to plant Trojan horse programs
Disable caching of logon information
Allow only Administrators to create shares
Disable direct draw
Restrict printer driver installation to Administrators and Power Users only
Set the paging file to be cleared at system shutdown
Restrict floppy disk drive and CD-ROM drive access to the interactive user only
Enable NetBT to open TCP and UDP ports exclusively
Modify user rights memberships
Set auditing (if enabled) for base objects and for backup and restore
Disable blank passwords
Restrict system shutdown to logged-on users only
Set security log behavior
Restart the computer
Update the Emergency Repair Disk

No POSIX, eh? I can understand most of the mods, but to me it seems like the machine pretty much becomes a dumb terminal after all of this.

sulka

Linux and C2 certification

[mertner]

What would it take to get a version of Linux certified in the same way? Lots of money, or just lots of carefully configured pices of software? Is it not something

While I think general consensus is that NT's C2 certification is pretty useless (it has to be configured in a way to make it of even less use than normally), it still puts NT on the scoreboard when compared against Linux.

Re:Linux and C2 certification

[Hawke]

Um, B-rated OS's require MAC capability. I do not believe OpenBSD has that. At the B level, its not just an administration thing. The MAC component really makes the systems unusable for normal work.

MAC == Mandatory Access Control. Basically the OS supplies some rules about resoruce access that trump the rules provided by permissions. Think of tagging processes with a tag like "Secret". A process running at Secret can open Secret, Classified, and Unclassified files, but everything it writes is always tagged Secret. It can't read TopSecret files or write to them.

By the time you add in control of covert channels, you have to jump through some really weird hoops to get a B rating.

C-2 rated systems require a Secure Attention Key (basically some way to guarentee you have a real-login screen, and not a fake one. Ctrl-Alt-Delete in NT) which I don't think the Open Source unixen have yet. Other than that we're in good shape.

Solaris has a B-2 rated OS (Trusted Solaris) and a C-2 rated OS if I recall correctly. C-2 mode on a Solaris box turns on a lot of auditing, turns off Stop-A, and does a few other things I forgot.

C2 Evaluation -Full Text-

[Money__]

I've taken the liberty of converting the most of the C2SecGuide.doc to HTML and posting here: http://slashdot.org/comments.pl?sid=9999

Your comments welcome!