IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Safeguard Catalogue - Communications Remarks<br />

____________________________________________________________________ .........................................<br />

S 5.53 <strong>Protection</strong> against mail bombs<br />

Initiation responsibility: Head of <strong>IT</strong> Section, <strong>IT</strong> Security Management<br />

Implementation responsibility: Administrator, <strong>IT</strong> users<br />

Mail bombs are e-mails which have been intentionally equipped with<br />

disruptive functions. For example, a mail bomb can consist of a compressed<br />

file which is sent along as an attachment and which, when unpacked, creates a<br />

countless number of subdirectories or takes up a lot of hard-disk space.<br />

Archives, i.e. with zip programmes compressed files, should never be<br />

unpacked without being checked beforehand. To protect one's <strong>IT</strong> systems<br />

against Trojan horses and other disruptive functions possibly harboured by<br />

compressed files, it is advisable to view a list of the archived files together<br />

with their size before unpacking them. Archive files should also be scanned<br />

for computer viruses before being unpacked.<br />

Self-extracting executable programmes with the extension *.exe should never<br />

be opened on regular workstations, as the contents of such programmes cannot<br />

be examined before unpacking.<br />

New programmes should always be tested beforehand on <strong>IT</strong> systems which<br />

are isolated from the production system (refer to S 4.65 Testing new hardware<br />

and software).<br />

In the case of UNIX systems and other server-based operating systems, the<br />

following points should also be observed:<br />

- Unfamiliar archives should never be unpacked under super-user<br />

authorisation, but only under a user ID with as little write access as<br />

possible.<br />

- A file system with disk quota should be used to restrict the amount of disk<br />

space which a disruptive programme could occupy in the worst case.<br />

Additional controls:<br />

- Have users been informed about the potential threats posed by mail<br />

bombs?<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!