OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
NTSecAdvice Archives: Re: Windows NT 4.0 and C2 - New certs

Re: Windows NT 4.0 and C2 - New certs


Subject: Re: Windows NT 4.0 and C2 - New certs
From: Paul L Schmehl (paulsUTDALLAS.EDU)
Date: Fri Dec 03 1999 - 16:49:30 CST


This is a common misperception which is repeated by *nix lovers over and
over again. NT 3.51 received C2 cert *for the OS*, a setup which is very
common and which a number of *nixes have also received. (Most certified
*nix systems are either C2/OS or B1/OS.) It's simply easier and less work
(and cost) to get certified that way than it is to certify an entire
network.

AAMOF, the only *networking* system that I'm aware of having received a C2
cert is Novell's Netware 4 system. I know that Boeing Corp received an A1
cert for their entire network, an accomplishment that is very rare.

Furthermore, for an entire network system to be C2 certified, it would have
to have the *exact same* hardware and configuration, down to the network
interface cards, the switches, etc., that the qualifying OS had when it
received the certification, something which is next to impossible to
sustainably achieve.

As to whether or not NT 4.x is *actually capable* of C2 level security, I
guess you would have to question the government agency that does the
certification. Apparently *they* thought it was. Or perhaps you believe
they're willing to hand out certs in return for favors?

No OS is secure out of the box. They have to be configured carefully to
get a C2 cert.

Paul L. Schmehl, paulsutdallas.edu
Technical Support Services Manager
The University of Texas at Dallas

_____________________________________________________________________
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net



This archive was generated by hypermail 2b27 : Fri Dec 03 1999 - 18:16:02 CST