IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Threats Catalogue Deliberate Acts Remarks<br />

____________________________________________________________________ .........................................<br />

T 5.19 Abuse of user rights<br />

Abuse of rights takes place when someone deliberately exploits - rightfully or<br />

illicitly obtained - facilities in order to harm a system or its users.<br />

Example:<br />

For many systems, it is possible for any user to read the /etc/passwd file so<br />

that he can obtain information on the personal data contained in that file. In<br />

addition, he can try, by means of a dictionary attack (cf. T 5.18 Systematic<br />

trying-out of passwords), to guess the encrypted passwords. If group<br />

privileges are granted too generously, particularly in the case of system groups<br />

such as root, bin, adm, news or daemon, abuse - for instance, modification or<br />

deletion of third parties' files - can be easily effected.<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!