Windows and UNIX Security

1. Introduction

Windows and UNIX are two of the most widely used operating systems in the world. Both
have built-in security features to protect the system and user data from unauthorized access
and threats. However, their security models differ in architecture, design philosophy, and
implementation.

2. Windows Security

Windows OS, developed by Microsoft, uses a robust and integrated security framework
designed to protect the system and user data.

2.1 Key Security Features in Windows

(i) User Authentication

• Uses username and password for login.

• Supports multi-factor authentication, biometrics (Windows Hello).

• Authentication protocols: NTLM, Kerberos (in domain environments).

(ii) Access Control

• Based on Access Control Lists (ACLs).

• Every object (file, folder, etc.) has a Discretionary ACL (DACL) defining permissions
for users/groups.

• Uses Security Identifiers (SIDs) to represent users.

(iii) Security Account Manager (SAM)

• Stores user account information and passwords (in encrypted format).

• Passwords are hashed using NT Hash algorithm.

(iv) Group Policy

• Allows centralized management of security settings across a network.

• Controls password policy, user rights, software installation, etc.

(v) Windows Defender and Firewall

• Built-in antivirus and anti-malware tool (Windows Defender).

• Windows Firewall protects against network-based attacks.

(vi) File System Security

• Uses NTFS (New Technology File System) with built-in security features.

• Supports file encryption (EFS) and permissions.

(vii) Patch Management

• Regular updates from Microsoft to fix vulnerabilities.

• Automatic updates via Windows Update.

3. UNIX Security

UNIX is a multi-user, multitasking OS known for its simplicity and stability. Security is based
heavily on permissions and file ownership.

3.1 Key Security Features in UNIX

(i) User Authentication

• Simple login using username and password.

• Passwords are stored in /etc/shadow in hashed form.

• Uses PAM (Pluggable Authentication Modules) for flexible authentication.

(ii) File Permissions and Ownership

• Every file has an owner, a group, and permission bits.

• Three permission types: read (r), write (w), execute (x).

• Permission levels for owner, group, and others.

• Uses chmod, chown, chgrp commands to change permissions and ownership.

(iii) Superuser (root) Access

• Root has unlimited access to the system.

• Privilege separation through sudo to avoid full root usage.

(iv) Firewall and Security Tools

• Tools like iptables, ufw (Uncomplicated Firewall) for network security.

• Log analysis tools like syslog, logrotate.

(v) SetUID, SetGID, Sticky Bit

• SetUID: Run program with file owner's privileges.

 • SetGID: Run program with group’s privileges.

• Sticky bit: Restricts file deletion in shared directories.

(vi) Encryption

• File encryption using tools like GPG, OpenSSL.

• Secure remote access using SSH (Secure Shell).

(vii) Patch Management

• Manual or automatic updates using package managers: apt, yum, dnf.

4. Comparison Between Windows and UNIX Security

Feature Windows UNIX/Linux

Authentication NTLM, Kerberos PAM, password file

Access Control ACL-based Permission bits (rwx)

Superuser Administrator Root user

File System Security NTFS, EFS chmod, chown, sticky bit

Patch Management Automatic via Windows Update Manual or apt/yum-based

Firewall Built-in Firewall iptables, ufw

Logging Event Viewer syslog, journalctl

5. Security Best Practices (Common to Both)

• Use strong passwords and enable multi-factor authentication.

• Apply regular security updates and patches.

• Use firewalls and intrusion detection systems.

• Limit superuser/root access.

• Implement backup and recovery plans.