IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Safeguard Catalogue - Hardware & Software Remarks<br />

____________________________________________________________________ .........................................<br />

S 4.45 Setting up a secure Peer-to-Peer environment<br />

Initiation responsibility: Head of <strong>IT</strong> Section, <strong>IT</strong> Security Management<br />

Implementation responsibility: Administrators<br />

<strong>The</strong> administrator should individually authorise or block the Peer-to-Peer<br />

functions for every computer in the WfW network and thus restrict the WfW<br />

environment in a user-specific way. To do this he requires the administration<br />

tool ADMINCFG.EXE.<br />

After calling up ADMINCFG.EXE, the security configuration file<br />

WFWSYS.CFG, in which the security settings of the respective WfW<br />

computer are stored, must first be opened. ADMINCFG.EXE cannot<br />

distinguish in this case between different users on one WfW computer.<br />

Even if it is not intended to restrict the environment, the security configuration<br />

file WFWSYS.CFG must be provided with password protection. If the<br />

administration tool ADMINCFG.EXE is installed locally for this purpose, it<br />

must be removed afterwards.<br />

From the point of view of security, it is possible to create the following<br />

configurations for the computer with the aid of the administration tool<br />

ADMINCFG.EXE:<br />

<strong>The</strong> sharing options must be specified:<br />

- If the computer is not intended for the sharing of directories, the option<br />

“Deactivate file sharing“ must be set. <strong>The</strong> corresponding functions are then<br />

no longer available in the file manager but it remains possible to link up<br />

with the directories of other computers.<br />

- If the computer is not intended for the sharing of printers, the option<br />

“Deactivate printer sharing“ must be set.<br />

- If the computer is not intended for network DDE sharing (e.g. telephony<br />

under WfW, data communication via the filing folder), the option<br />

“Deactivate network DDE sharing“ must be set.<br />

<strong>The</strong> password options must be specified:<br />

- In the case of activated password caching, all WfW network connections<br />

will be stored in a file with associated passwords if this is desired by the<br />

user in the respective connection set-up. Repeated password entries are<br />

then no longer necessary at a later date. <strong>The</strong> “Deactivate password<br />

caching“ option should always be set, at the very least, if the WfW<br />

computer does not have adequate access protection (e.g. BIOS password).<br />

- “Display passwords in sharing dialogue fields in a readable manner“ may<br />

not be activated as otherwise the password appears on the screen in plain<br />

text when it is entered.<br />

- “Expiration of log-on password“ should be set in the period specified in the<br />

security strategy.<br />

- “Minimum password length“ must be set to at least 6.<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!