Solved

Hardening guide / standard used on ATM machines

Posted on 2016-07-17
4
428 Views
Last Modified: 2016-07-19
Q1:
Anyone can point me to such a standard / guide?
In particular those used by Wincor Nixdorf or IBM or NCR (anyone of them).

Q2:
Are these ATMs running on custom Linux or custom Windows or proprietary OS mostly?
0
Comment
Question by:sunhux
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 49

Accepted Solution

by:
dbrunton earned 210 total points
ID: 41715878
0
 
LVL 7

Assisted Solution

by:Fouad Maidine
Fouad Maidine earned 200 total points
ID: 41715923
Europol  has a general hardening guide for all ATM'S , check the page 7 of this document for what to do (its a 10 page document) :

http://www.ncr.com/wp-content/uploads/EuroPol_Guidance-Recommendations-ATM-logical-attacks.pdf


Anti skimming solutions for ATM :

http://ec.europa.eu/internal_market/fpeg/docs/annex2_askimmingdevices.pdf

This is gold : the atmia association has a file on "ATM Software Security Best Practices Guide Version 3"  :
https://www.atmia.com/files/Best%20Practices/ATMIA%20Best%20Practices%20v3.pdf

their website has a lot of usefull whitepapers as well

For your second question :

Most of the old text based ATM's used IBM's OS/2, then some migrated to nt/XP after then end of service of xp some updated to 7 , others to linux , others kept xp .

You can read more on that and the statistics for some users at the atmia association website
0
 
LVL 7

Assisted Solution

by:Fouad Maidine
Fouad Maidine earned 200 total points
ID: 41715926
+ you need to search for manuals of specific models , this is too general to link , + i think you would need to register on the web sites of the manufacturers of the atm
0
 
LVL 12

Assisted Solution

by:DarinTCH
DarinTCH earned 90 total points
ID: 41716283
So there are physical hardening parameters that are machine / hardware specific as mentions

Otherwise it is the OS - yes still Windows XP

So check some of the standards rods like NIST

http://csrc.nist.gov/itsec/SP800-68r1.pdf
And older link from infosec
http://infosecawareness.in/sysadmin/windows-xp-hardening

And links to discussions here
https://www.experts-exchange.com/questions/23263787/XP-OS-Hardening.html
0

Featured Post

More Than Just A Video Library

Train for your certification. Learn the latest DevOps tools. Grow your skillset to do better work.

At Linux Academy, we release new training modules every week so you'll always be up to date on the latest tech.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of you may be aware of the recent Google Docs scam emails that have been floating around coming from various people that you know. Here's a guide on identifying How To Identify the Scam Email You will see an email from someone you’ve had co…
Recovering from what the press called "the largest-ever cyber-attack", IT departments worldwide are discussing ways to defend against this in the future. In this process, many people are looking for immediate actions while, instead, they need to tho…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question