Networking Environments File System Security Report

Exclusively available on Available only on IvyPanda® Made by Human No AI

Introduction

A files system security is a critical and integral component of both the Linux and Windows XP file systems on a networking environment. Typically, controlled access to data stored in servers should be provided using a mechanism specific to each of the operating systems mentioned above. File system security is a mechanism that provides secure file access by protecting files on transmission on a network through unauthorized modifications or denial of services. Typically, the Linux command line uses the “chmod” command where the user is able to apply the change the mode typically defined in the syntax descriptive of the user account as “u”, use of the “g” that denotes a group which owns a file, “o” that designates others, and “a” designating all the mentioned elements. On the other hand, the Windows XP security files system is intended to provide string data integrity, with reliable transfer of data over a networked file system on the Windows XP network file systems (NFs).

Linux Security Files System

An investigative report on NFS security provides an overview of largely the same permissions with different attributes as tabulated below:

Linux Security Files System

From the above table, one can note that full control access is in the domain of permissions that allow the modify directory, the read operations, ownership control and capabilities, and the permission to alter or modify the attributes of a file. All other operations for full control are typically detailed in the above table (Atkinson & Kent, 1998)

However, special permissions come with special attributes of files when they are moved on a network file system with special permissions that override the parent directory. A typical example is illustrated on the screen shot shown below typical of the modification of a password. The modification of the password is for administrative user accounts allowing for access privileges to be assigned to the file system administrator (Allison, Hawley, Borr, Muhlestein & Hitz, 1998).

Linux Security Files System

Screen shot for password modification

It is important to note that the validation and verification of the user password to prevent unauthorized access on the Linux file system environment is through the pam_pwcheck.so module implemented as the context of Suse program among others. On the technical implementation level, file system security depends on the features descriptive of the create extent feature as demonstrated below.

Screen shot for password modification

Screenshot for file permissions

The above demonstration shows the use of the ls –l command and the resulting behavior of the system. That is typically for a normal user of the system. If the line 3 is examined, one can see the first point of the permission on the first file. A detailed examination of the permissions as mentioned elsewhere on the paper about Linux permission is on three levels Kumar, 2009). The permissions are tabulated below.

Name of the permissionCharacter description in alpha attributeThe Numeric valueDetailed description
The read operationr4Allows users to controlled access to files and directories in the Linux file system.
The execute operationx1Allows scripts to be run through a directory.
The write operationw2Grants users the rights to modify data and files by adding content, deleting content, or altering the contents in a file.
The sticky bitt1Allows the directories to be set so as to prevent user from accidental or intentionally modifying or deleting files of other users.

Technical research and observations indicate that the Linux command line uses the “chmod” command to enable the user to apply the change mode typically defined in the syntax descriptive of the user account as “u”, use of the “g” that denotes a group which owns a file, “o” that designates others, and “a” designating all the mentioned elements. On the other hand, the Windows XP security files system is intended to provide string data integrity, with reliable transfer of data over a networked file system on the Windows XP network file systems (NFS). A technical demonstration illustrated below (Kumar, 2009).

Screenshot for file permissions

The flow and use of the alpha character permission can be clearly discerned from the screenshot as being rw-r–r—with the hierarchy of permission at different levels.

However, when intending to change the permissions on say file 1, the “chmod” can be used to modify the permission on the file 1 as mentioned above to enable the users of rwx group as illustrated on the following screenshot.

Screenshot for file permissions

On the other hand, the “chgrp” command can be used to modify the group owner directory as demso9nstated below.

Screenshot for file permissions

On the other hand, the acl that requires different levels of access demand that assignment and review permissions be applied at the granularity levels and can be used to modify the /etc/fstab file.

In comparison to Windows XP, the SELinux variant of Linux is typically defined by close to 140 permissions checks irrespective of whoever could be the user. On the other hand, these checks are defined in the context of the Windows XP as mandatory access control referred to as MAC. Security policies on the environment can be implemented through user control mechanisms.

A demonstration of the installation of the fedora allows the user to select the type of policies to be enforced.

Screenshot for file permissions

An examination of the sestatus –v command used in the Linux environment reveals the following output.

Screenshot for file permissions

Use of the sestatus –v command

Sticky Bit

In order to understand the use of the whole security system in the context of the Linux operating system file security system environment, the sticky Bit plays a critical role in limiting users from modification and deletion of files and directories in areas of common use by common users.

Typically, the sticky bit permission is designated by the “t” character and allows explicit transfer of information to the kernel for the protection of files as mentioned above. The security enforcement does accounts for even the world-writable environments by offering protection to files in the same environment.

Suppose a file exists with the name and extension, booklist.txt. Suppose the read operation is the only privilege granted a group of users, then, the command, chmod g=r booklist.txt applies. On the other hand, suppose the world is granted the privilege to read the file dates.dat, then the command, chmod o=rw dates.dat, applies. On the other hand, suppose the file system administrator wants to revoke group privileges on the files.lst, then the command chmod g= files.lst invokes the action.

Technically, the Linux environment incorporates a firewall which if the iptables –list command is invoked by a root user, then, a chain of a grouping of rules is identifiably demonstrated as an output below.

Sticky Bit

A practical example of the sticky Bit with a directory example is demonstrated below.

Sticky Bit

Sticky example with Directory

Access descriptions are summarized below.

Sticky Bit

A summary of operations

SUID Bit

On the other hand, the SUID Bit, simply referring to, “set user identity”, automatically defaults the identity of a program to the owner when in the running mode. Further still, the Linux environment allows non-privileged users to accommodate the functions of privileged functions.

An evaluation of the operational functionality and behavior of the system can be exemplified as follows:

The mount command allows a program to run as a root with the suid bit set, a functionality achieved by default. Technically, the default behavior of the operation is demonstrated below.

SUID Bit

Example of command for modifying file permissions

One typical observation is that when the suid bit is invoked, it modifies the password of the directory leaving out the root only when using the command: /usr/bin/passwd.

Windows XP Share Level Security

Purpose of share level permissions and machines applicable to share level workgroups.

The purpose of the share level permissions is to allow the user and other parties to have an access to, and view files and directories that are common to groups over the network. The permissions allow users to have controlled access and capabilities to modify data and information contained in files and folders. In addition to that, the permissions allow users to have complete access to files with the entre capability to modify the files in the user groups. Therefore, the three objectives are fulfilled typically describing the three shared level permissions.

The machines affected

The machines affected by the share level permissions in the work group include Stand-alone Servers, print servers, file and print servers, domain member servers, and directory member servers, among others.

Access permissions for the machines

The following is a typical example of the access permission at the machine level.

Typical access permissions at the machine level typical of the machines include the use of the smb.conf file command with the result, [global]
workgroup = DOCS
netbios name = DOCS_SRV
security = share
[data]
comment = Documentation Samba Server
path = /export
read only = Yes
guest only = Yes

Example of access permission

Connecting a shared resource

Two resources can be connected by establishing the parameters descriptive of the DeviceName, using the ComputerNameShareName path. Other parameters will include username, password, and server name.

The role of the SAM in Microsoft sharing

Microsoft SAM is a speech utility mechanism that when invoked as a command allows sharing of speech data and information that is stored in files and related directories.

Windows XP NTFS Security

Purpose of NTFS and Resources affected by File Permissions

The purpose of the Windows XP NTFS security permissions are used to provide controlled access to files and folders. The access levels are determined at the levels of user groups, files and folders. Typically, the attributes that provide controlled access to files extends to files, folders, and sub-folders. Each access level is designated with a specific user level permission.

Access levels can be applied on users who want to perform the read and write operations. That implies that the access levels can be denied a user wanting to make a read operation or a user wanting to make a read operation. However, the read and write operations can be overridden by the use of the Deny command, allowing the security features to be completely overridden.

As discussed in the NTFS on the paper, the folder, and sub folder permissions can be under full control, susceptible to modifications, and can be modified by use of the list Folders Contents commands.

Allison, et. al, (1998) argue that a variety of resources are affected by the permissions include files being moved within a partition when the need to create a new file is not applicable. The solution to the problem is to update the specific location in the directory while maintaining the original attribute of the permission of the file.

Typically, the permissions include, in summary, file and folder permissions, and special folder permissions a discussed below.

Each permission has on files and folders

A detailed evaluation of the access permissions and classification include the all the files, folders, and sub folders mentioned above are tabulated below.

However, it is important to identify the file special permissions granted, the levels of full control attributes, the modify levels, read, and execute privileges as illustrated in the table below.

Each permission has on files and folders

Special permissions on the tabulated files

On the other hand, the access permissions on various files are tabulated below.

Special permissions on the tabulated files

Special permission privileges

In brief, special access permissions are typically a combination of different attributes characteristic of other permissions as an accumulative functionality. It is worth noting that file permissions are given greater prevalence compared with folder permissions.

Difference between the NTFS and the Share level permissions

NTFS permissions are typically defined by the sharing and visibility of the share folders and the server with typically specific levels of access. Typically, the shared level permissions and the NTFS permissions are applicable on a single folder. While the shared level permissions can be effected on the read, write, and other modification controls. A typical example is where shared permissions and NTFS permissions are shown below (Kumar, 2009).

From the view of a group of users, shared permission grants full access while NTFS grants a read level control only. On the other hand, when the shared permission is applied on a group, the NTFS acquires a full control as summarised in the table below.

Advantages of Windows ACL’s compared with the Linux equivalent

Windows can accommodate migrations from Linux while the operating system is running. Windows can support files from Linux on the Samba platform. Windows accommodated configurations from a Linux server environment without any domain on Linux (Atkinson & Kent, 1998).

Conclusion

Networking Environments File System Security for both Linux and Windows XP are mechanisms that provide controlled access to directories, files, folders, and sub folders when either being transmitted over a networked platform or when accessed remotely. The security mechanism allows modifications on the by privileged users of using various commands typical each of each operating system. Examples include the ls –l command, the “r”, “w” operations and the “t” bit. The Windows XP acl and other mechanisms offer more security advantages to Linux on a networking environment. Despite the above investigations, more research needs to be conducted on the kernel structure of the both operating systems to further inform the research.

References

Allison, B., Hawley, R., Borr, A., Muhlestein, M & Hitz, D. (1998). File System Security: Secure Network Data Sharing for NT and UNIX. Washington: Seattle.

Atkinson, R., & Kent, S. (1998). Security architecture. Oxford: Oxford University Press.

Kumar, M. (2009). An Enhanced Remote User Authentication Scheme with Smart Card. International Journal of Network Security, 10 (3), 175-184. Web.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2022, March 31). Networking Environments File System Security. https://ivypanda.com/essays/networking-environments-file-system-security/

Work Cited

"Networking Environments File System Security." IvyPanda, 31 Mar. 2022, ivypanda.com/essays/networking-environments-file-system-security/.

References

IvyPanda. (2022) 'Networking Environments File System Security'. 31 March.

References

IvyPanda. 2022. "Networking Environments File System Security." March 31, 2022. https://ivypanda.com/essays/networking-environments-file-system-security/.

1. IvyPanda. "Networking Environments File System Security." March 31, 2022. https://ivypanda.com/essays/networking-environments-file-system-security/.


Bibliography


IvyPanda. "Networking Environments File System Security." March 31, 2022. https://ivypanda.com/essays/networking-environments-file-system-security/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
1 / 1