19.12.2012 Views

IT Baseline Protection Manual - The Information Warfare Site


Safeguard Catalogue - Communications

S 6.48 Procedures in case of a loss of database integrity

Initiation responsibility: Head of IT Section, IT Security Management

Implementation responsibility: Administrator, IT users

In the event that the database system behaves in a manner for which there is no obvious explanation (e.g. undefined system behaviour, tables or data records going missing, modified table contents, inexplicably long response times), a loss of database integrity may have occurred. This can result from misuse of the system, for example as a result of changes to the system settings or of exceeding the maximum number of permitted connections.

Users should observe the following procedure in this case:

- Keep calm.
- Inform the Database Administrator.
- Do not use the database any longer.

The Database Administrator should take the following steps:

- Inform all affected users.
- Shut down the database system.
- Start up the database system in the exclusive mode (if this is supported by the database system).
- Back up all files which could provide information on the nature and cause of the problem (for example, whether an intrusion has taken place, and if so, how penetration was effected). It is especially important to back up all the relevant log files.
- Check and, if necessary, reset the access rights for system tables.
- Check the database software for any visible changes, for example, to the date of creation and size of the corresponding files. As these attributes can be reset to their original values by an intruder, the integrity of the files should be tested using checksum procedures.
- If necessary, delete the executable files and reinstall the original files from write-protected data media (cf. S 6.21 Backup copy of the software used). Programs should not be restored from data backups as these could already contain the error.
- Check the log files for irregularities (in co-operation with the Auditor).
- Change all the passwords.
- Ask users to check their domains for irregularities.

Once all the passwords have been changed, the users concerned must be notified of their new passwords. No password or password derivation scheme which is known to all the users should be used here. It is better to generate the passwords randomly and notify the users by a reliable route, e.g. in sealed envelopes. These passwords should be changed immediately after logging on for the first time.
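
The checksum test from the Database Administrator's steps above, as an added example that is not part of the manual: it compares SHA-256 digests of the installed database software with a reference manifest and shows that a file whose size and modification time were reset is still flagged. The file names and contents are constructed, and the manifest is assumed to have been taken from the original, write-protected media.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path: Path) -> str:
    """Hash file contents in chunks; size and timestamps play no part."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        while chunk := fh.read(65536):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file's path relative to root to its SHA-256 digest."""
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def verify(root: Path, manifest: dict) -> dict:
    """Compare the installed tree with a manifest taken from the original media."""
    current = build_manifest(root)
    return {"modified": sorted(n for n, h in manifest.items() if current.get(n, h) != h),
            "missing": sorted(manifest.keys() - current.keys()),
            "unexpected": sorted(current.keys() - manifest.keys())}


def demo() -> dict:
    """Constructed sample: alter a binary, then restore its size and mtime."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        engine, tool = root / "dbengine", root / "dbtool"   # hypothetical names
        engine.write_bytes(b"ORIGINAL-ENGINE-CODE")
        tool.write_bytes(b"ORIGINAL-TOOL-CODE")
        manifest = build_manifest(root)        # reference taken while known good
        before = engine.stat()
        engine.write_bytes(b"TAMPERED-ENGINE-CODE")   # same length as original
        os.utime(engine, ns=(before.st_atime_ns, before.st_mtime_ns))
        (root / "helper").write_bytes(b"file that was never installed")
        after = engine.stat()
        report = verify(root, manifest)
        report["attributes_unchanged"] = (
            (after.st_size, after.st_mtime_ns) == (before.st_size, before.st_mtime_ns))
        return report


if __name__ == "__main__":
    print(demo())
```

The reference manifest is only useful if it is stored where an intruder on the database host cannot rewrite it, for example alongside the write-protected installation media.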

IT-Baseline Protection Manual: October 2000

Remarks: Misuse; Do not panic!; Back up log files; Check software for modifications; Reload original files; Generate new passwords using randomisation
