IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Safeguard Catalogue - Communications Remarks<br />

____________________________________________________________________ .........................................<br />

S 5.42 Secure configuration of TCP/IP network<br />

administration under Windows NT<br />

Initiation responsibility: Head of <strong>IT</strong> Section, <strong>IT</strong> Security Management<br />

Implementation responsibility: Administrators<br />

When integrating Windows NT systems into a computer network, correct<br />

configuration of the installed network services is particularly important. Notes<br />

are given in the following paragraphs regarding the most widely-used<br />

services; these notes, however, do not replace a detailed examination of<br />

security requirements and the necessity for exact knowledge of the system<br />

documentation.<br />

DHCP (Dynamic Host Configuration Protocol)<br />

To reduce the effort involved in administration of IP address information, IP<br />

addresses, and the data belonging to them, can be dynamically configured<br />

under DHCP.<br />

A Windows NT computer becomes a DHCP client if it has been configured<br />

for automatic DHCP-configuration when installing TCP/IP. After starting a<br />

DHCP client a connection to a DHCP server will be established in order to<br />

obtain the necessary TCP/IP configuration data. This configuration data<br />

contains at least one IP address, a subnetwork mask and the current validity<br />

length of the address.<br />

Installation of a DHCP server is part of the installation of Microsoft TCP/IP<br />

and can only be carried out by a member of the "Administrators" group.<br />

Note: To avoid a possible conflict, it must be ensured that other DHCP servers<br />

do not already exist in the network before installing a new DHCP server.<br />

Automatic configuration of a new DHCP server cannot be carried out under<br />

DHCP as a computer cannot simultaneously act as a DHCP client and a<br />

DHCP server.<br />

Note: »All entries in the registry concerning the DHCP server can be found<br />

under the path<br />

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\<br />

DHCPserver\Parameters.«<br />

With the service programme DHCP-Manager the following fundamental tasks<br />

can be performed:<br />

- Creating one or more DHCP areas, so that DHCP services are available.<br />

- Defining the properties of an area including length of usage time and IP<br />

address pools which should be allocated by servers to possible DHCP<br />

clients.<br />

- Determining standard values for options like Standard-Gateway, DNS<br />

server or WINS server, which should be allocated together with an IP<br />

address and the addition of personal options.<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!