Metodología OSSTMM para la detección de errores de seguridad y vulnerabilidad en sistemas operativos de 64 bits a nivel de usuario final.

Abstract

The objective of this research work is to apply an Open Source Security Testing Methodology Manual (OSSTMM) for the detection of security and vulnerability errors of operative systems of 64 Bits at a final user level. The information about the most frequent vulnerabilities found in the operative system 64 Bits Windows was collected. Also, the OSSTMM was used, analyzed and applied in order to solve these vulnerabilities on computers. The application of this methodology is sustained on four phases according to the requirements of this work: 1) gathering information, 2) analysis of the vulnerabilities of the system, 3) evaluation of risks, and 4) user training. The results detected 95% of safety error and vulnerability of 64 Bit Windows. These errors are completed by the final users because of ignorance about configuration and safety actualizations. The computer 64 bit windows systems should have update protection in order to avoid being hacked to steal or manipulate equipment and data. As a conclusion, it could be said that the final users are the ones who cause exposure of the equipment to safety errors and ambiguous knowledge on computer information safety. It is recommended to start applying OSSTMM to detect safety errors on computers and to train the final users to use the computer equipment correctly.