Computer System Vulnerability: Analyzing Risks and Mitigation Strategies - Paper Example

The computer software industry is concentrated with various vendors offering systems with unique and vulnerability levels. Vulnerability in a computer system is a weakness that can be used by cyber attackers in gaining unauthorized access (Hertzog et al., 2017). Vulnerability gives attackers a chance to run code, access data, and information, install malware and steal, destroy, or alter sensitive data. Therefore, an organization needs to analyze the vulnerability of available computer system software vendors before selecting the supplier. SQL injection, buffer overflows, and cross-site scripting are primary techniques of exploiting system vulnerability (Woerner, 2020). The paper analysing possible security measure for the Linux operating system.Comparing Microsoft, Apple, and Linux vulnerabilities, Linux has the lowest weighted average of 5.90. In contrast, Microsoft and Apple vendors have 7.50 and 7.00, respectively ("CVSS Score Distribution for Top 50 Vendors by Total Number of Distinct Vulnerabilities", 2020). The results make Linux more secure because of the least score in vulnerability, becoming the best choice for an organization to select. The venerability of the Linux operating system is by denying services with 45%, overflow, and gain information to have 14% while executing code accounts for 9% vulnerability contribution ("CVSS Score Distribution for Top 50 Vendors by Total Number of Distinct Vulnerabilities", 2020). Linux operating systems are designed to be highly secure. However, a highly reliable system does not mean secured entirely. Security breaches are often introduced by simple misconfigurations, which give a path for infiltration, losing data, and system breaches (Hertzog et al., 2017).

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Order now

The operating system makes the physical environment for running applications (Korkishko et al., 2017). Thus, the vulnerability in the operating system compromises the security of the application. An organization needs to secure the operating system to make an application setting is safe by regulating access to the resources and preventing external admittance. Threats to the system can either be from the web or physical terminal (Hertzog et al., 2017). It possible for Web access to be secure, but an attacker manages to destroy the system through physical access to the servers.

Linux requires several practices and actions to reinforce operating security to prevent the destruction of the system and loss of essential data. The organization needs to reduce user accounts on computer servers to reduce system complexity and vulnerabilities (Woerner, 2020). Having a few user accounts reduces the time spend in account administration. The administrators should be few, trusted, and competent for accountability in the administrative process. Access permission should be limited to individual persons, so for attackers to get access, consent should be given by application users.

Also, to increase Linux security, there should be suitable account policies that promote operating system safety, such as strong passwords and regularly changing passwords. User passwords are tested by breaking the passwords to access the risk level (Korkishko et al., 2017). If a user is not complying with the secure password rule, a notification is sent asking for a password update as per the policies. Linux operating system stores passwords in an open file (passwd file) accessible to everybody. Therefore, to enhance password security, they should be stored in a shadow file (Korkishko et al., 2017).

File system security can be improved by granting users read-only permissions to prevent alteration of sensitive data. Hence for attackers to access the application, user permission is needed. Access to resources should be denied to everyone, except users granted access explicitly (Woerner, 2020). The organization needs regular maintenance of security patches to a safe system.

In safeguarding Linux security gaps, issues of Linux assets and commands should be considered. Securing the BIOS system updates, installing mandatory access control on the kernel, setting audits, safeguarding remote access, network connections, boot-up, and the authentication process are main security features to strengthen Linux operating system (Woerner, 2020). It is hard for guaranteed system security, however taking preventive actions to increase the reliability of the operating system.

References

CVSS Score Distribution for Top 50 Vendors by Total Number of Distinct Vulnerabilities. Cvedetails.com. (2020). https://www.cvedetails.com/top-50-vendor-cvssscore-distribution.php.

Hertzog, R., O'Gorman, J., & Aharoni, M. (2017). Kali Linux Revealed (pp. 283-284). Offsec Press.

Korkishko, T., & Lee, K. H. (2017). U.S. Patent No. 9,697,382. Washington, DC: U.S. Patent and Trademark Office. https://patents.google.com/patent/US9697382B2/en

Woerner, R. (2020). How to Harden Unix/Linux Systems & Close Security Gaps | Beyond Trust. Beyondtrust.com. https://www.beyondtrust.com/blog/entry/harden-unix-linux-systems-close-security-gaps.