Alex Noordergraaf said...
>"Correct, but that is because the Orange book definition of C-2 doesn't have
>any network requirements. (someone please correct me if I am wrong) I
>didn't think that network requirements came into play until the B levels,
>notably B-1."

Given that the ability of the system to enforce its security is
dependent on the allowable methods of access, any evaluation of a system
which included networking components would have to evaluate the
capabilities of securing those network connections. Since NT doesn't get
into a decent authentication method until you use NT Server (with its
domain model), evaluating NT with network components without an NT
Server would most likely fail scrutiny. Hence the NT C2 configuration
tool from Microsoft removes all networking components from an installed
system.

NTS is supposedly being evaluated at Red Book level, which I believe
tests Network Operating Systems (client and server)...please correct me
if my terminology is wrong here. If I'm correct, this is still C2, but
C2 for NOS??

The only claim Microsoft can realistically make about NT on a network is
that they designed it to meet C2 criteria, as opposed to adding it on
afterwards. Obviously this statement is very weak what with all the
patches and changes that have been made to NT over the past 5 years,
like modifications to the kernel to move functionality lower (it wasn't
designed to have the GDI in the kernel, so the design was obviously
reconsidered when they decided to move it there).

This doesn't mean that *I* think it's insecure, but it's a far more
realistic statement about its security than is generally spoken.

Cheers,
Russ
...eek, quick, someone give me some broken software, I'm suffering beta
withdrawals...