19.12.2012 Views

IT Baseline Protection Manual - The Information Warfare Site


Networked Systems UNIX Server

6.2 UNIX Server

Description

UNIX servers are computers running the UNIX operating system and offering services (as servers) to other IT systems within a network.

The threats and safeguards described in this chapter apply specifically to UNIX servers. Additional threats and safeguards applying to server-supported networks can be found in chapter 6.1.

Threat Scenario

The following typical threats (T) are assumed as regards IT baseline protection of a UNIX server:

Organisational Shortcomings:<br />

- T 2.15 Loss of confidentiality of sensitive data in the UNIX system<br />

- T 2.23 Security flaws involved in integrating DOS PCs into a server-based network<br />

- T 2.65 Complexity of the SAMBA configuration<br />

Human Error:<br />

- T 3.10 Incorrect export of file systems under UNIX<br />

- T 3.11 Improper configuration of sendmail<br />

Technical Failure:<br />

- T 4.11 Lack of authentication possibilities between NIS Server and NIS Client<br />

- T 4.12 Lack of authentication possibilities between X Server and X Client<br />

Deliberate Acts:<br />

- T 5.40 Monitoring rooms using computers equipped with microphones<br />

- T 5.41 Misuse of a UNIX system with the help of uucp<br />

- T 5.89 Hijacking of network connections<br />

Recommended Countermeasures (S)

To implement IT baseline protection, it is recommended to select the required packages of safeguards ("modules") as described in Sections 2.3 and 2.4.

The safeguard package for "UNIX servers" is set out below.

Some measures refer to the configuration of the various servers; other measures will have to be implemented by servers and clients in order to become effective. For any clients connected, the safeguards outlined in chapter 5 must be implemented.

It is advisable to install the server in a separate server room. The appropriate measures are described in Chapter 4.3.2. If no server room is available, a server cabinet should be used (cf. Chapter 4.4).

In addition, the following measures will have to be taken:

IT-Baseline Protection Manual: October 2000
