The Unix operating system--in all of its variants--is similar to NT in that its architecture includes security considerations. Unix security is on a par with NT's, although Unix security is somewhat simpler and less granular than that of NT. Unix has something of an advantage from having been in existence longer than NT and therefore having had more field-testing. However, Microsoft has been diligent in correcting NT's security vulnerabilities and the resulting rapid maturation of NT has made its security as good as that of Unix. (Microsoft also argues that it has sold many more copies of Windows NT than competing vendors have sold of Unix. Thus, Microsoft says, NT has a much larger number of "system hours," which is multiplying the number of users times amount of time they've used the product, than the leading Unix implementation.) Unix authentication entails verifying a user's ID and password against account information stored in Unix's file system. Like NT, Unix stores passwords in encrypted form, allowing for both plaintext and encrypted password login processes, depending on the implementation. But it's worth pointing out that many Internet protocol servers for Unix, such as Web servers and mail servers, use basic authentication--clear-text passwords. While SSL can protect such implementations from man-in-the-middle attacks, many companies don't use SSL on corporate intranets because of the performance hit it entails. Instead, they use basic authentication. Because Microsoft has integrated them with NT, Internet Explorer and IIS can use LM authentication, which is at least better than clear text. Other Web servers and clients don't support it, however, so customers have to choose between better security and interoperability.
|
|
|
|
|
|
|
|