RFC 1244: Site Security Handbook
RFC-Ref

service



... PC's or other devices that have access to the Internet. A site may be an end user of Internet services or a service provider such as a regional network ...
... Internet. A site may be an end user of Internet services or a service provider such as a regional network. However, most of the focus of this guide is on ...
... regional network. However, most of the focus of this guide is on those end users of Internet services. We assume that the site has the ability to set policies and ...


... authority in on the policy decisions. Though a particular group (such as a campus information services group) may have responsibility for enforcing a policy, an even higher group ...
... Denial of Service ...
... Computers and networks provide valuable services to their users. Many people rely on these services in order to perform ...
... networks provide valuable services to their users. Many people rely on these services in order to perform their jobs efficiently. When these services are not available ...
... users. Many people rely on these services in order to perform their jobs efficiently. When these services are not available when called upon, a loss in productivity results. ...
... when called upon, a loss in productivity results. Denial of service comes in many forms and might affect users in a number of ways. A network may be rendered unusable by a ...
... virus might slow down or cripple a computer system. Each site should determine which services are essential, and for each of these services determine the effect to the site if that service ...
... should determine which services are essential, and for each of these services determine the effect to the site if that service were to become disabled. ...
... services are essential, and for each of these services determine the effect to the site if that service were to become disabled. ...
... One step you must take in developing your security policy is defining who is allowed to use your system and services. The policy should explicitly state who is authorized to use what ...
... o Is cracking passwords permitted? o Is disrupting service permitted? o Should users assume that a file being world-readable grants them the authorization ...
... hack" -- you may face the situation where users will want to "hack" on your services for security research purposes. You should develop a policy that will ...
... security research purposes. You should develop a policy that will determine whether you will permit this type of research on your services and if so, what your guidelines for such research will be. ...
... more people or organizations to evaluate the security of your services, of which may include "hacking". You may wish to provide for this in your policy. ...
... Your policy should state who is authorized to grant access to your services. Further, it must be determined what type of access they are permitted to give. If you do not have control over who is granted access to your system, you will not have control over who ...
... There are many schemes that can be developed to control the distribution of access to your services. The following are the factors that you must consider when determining who will distribute access to your services ...
... services. The following are the factors that you must consider when determining who will distribute access to your services: o Will you be distributing access from a centralized ...
... privileges and passwords for your services. Obviously, the system administrators will need access, but inevitably other users will request special ...
... The policy should incorporate a statement on the users' rights and responsibilities concerning the use of the site's computer systems and services. It should be clearly stated that users are responsible for understanding and respecting the security rules of ...
... Before granting users access to your services, you need to determine at what level you will provide for the security of data ...
... information on a system that you are not going to secure very well. You need to tell users who might store sensitive information what services, if any, are appropriate for the storage of sensitive information. This part should include storing of data in different ways (disk, magnetic tape, file servers, etc.). ...


... network link typically provides access to a large number of network services, and each service has a potential to be compromised. ...
... link typically provides access to a large number of network services, and each service has a potential to be compromised. ...
... vendor. Many vendors provide accounts for use by system services or field service personnel. These accounts typically have either no password ...
... vendors provide accounts for use by system services or field service personnel. These accounts typically have either no password or ...
... files. Network services should also be examined carefully when first installed. Many vendors provide default network ...
... network-related security problems when they involve programs providing network services, such as "Sendmail". To join the TCP-IP ...
... Sun Microsystems has contracted with UUNET Communications Services, Inc., to make fixes for bugs in Sun software available via anonymous FTP. You can access these fixes by ...
... FTP.UU.NET is operated by UUNET Communications Services, Inc. in Falls Church, Virginia. This company sells Internet ...
... FTP. You should contact your vendor to find out if they offer this service, and if so, how to access it. Some vendors that offer these services ...
... service, and if so, how to access it. Some vendors that offer these services include Sun Microsystems (see above), Digital Equipment Corporation (DEC), the University of California at Berkeley (see above), and Apple ...


... incident requires considerable resources, resources which could be utilized more profitably if an incident did not require their services. If these personnel are trained to handle an incident efficiently, less of their time is required to deal with that incident. ...
... critical systems. Maintain and restore data. Maintain and restore service. Figure out how it happened. Avoid escalation and further incidents. ...
... start to disappear). o Denial of service (e.g., a system manager and all other users become locked out of a UNIX system, which ...
... POC) people (Technical, Administrative, Response Teams, Investigative, Legal, Vendors, Service providers), and which POCs are visible to whom. o Wider community (users). o Other sites that might be affected. ...
... CERT or CIAC), law enforcement, vendors, and other service providers. These issues are important for the central point of contact, since that is the person responsible for the actual notification ...
... o Restore control. o Relation to policy. o Which level of service is needed? o Monitor activity. o Constrain or shut down system. ...
... It is important to establish contacts with personnel from investigative agencies such as the FBI and Secret Service as soon as possible, for several reasons. Local law enforcement and local security ...
... allowed unauthorized people into their systems, etc., because a caller has masqueraded as an FBI or Secret Service agent. A similar consideration is using a secure means of communication. Because many network ...


... Once the damage has been assessed, it is necessary to develop a plan for system cleanup. In general, bringing up services in the order of demand to allow a minimum of user inconvenience is the best practice ...


... needs to be protected from outside attacks, while providing useful services between the two. This paper describes AT&T's Internet gateway ...
... gateway. This gateway passes mail and many of the common Internet services between AT&T internal machines and the Internet. This is accomplished without IP ...
... link. The internal machine provides a few carefully-guarded services to the external gateway. This configuration helps protect the internal internet ...
... firewall. Also, most firewall systems require users who want access to Internet services to have accounts on the firewall machine. AT&T's design allows AT&T internal ...
... firewall machine. AT&T's design allows AT&T internal internet users access to the standard services of TELNET and FTP ...
... Greenia, M., "Computer Security Information Sourcebook", Lexikon Services, Sacramento, CA, 1989. ...
... Security Agency, "Information Systems Security Products and Services Catalog", NSA, Quarterly Publication. NSA's catalogue contains chapter on: Endorsed Cryptographic ...
... Data Encryption Standard (DES) Products List; Protected Services List; Evaluated Products List; Preferred Products List; and Endorsed Tools List. ...


