IT Baseline Protection Manual - The Information Warfare Site
19.12.2012 Views
Share Embed Flag

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

IT Baseline Protection Manual - The Information Warfare Site

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
iwar.org.uk

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Safeguard Catalogue - Organisation Remarks<br />

____________________________________________________________________ .........................................<br />

unauthorised access to the output file, this should also be interrupted. It is<br />

recommended, however, to copy the contents of the window of the<br />

Network Monitor to the clipboard with the Print key as access to the output<br />

file is not documented.<br />

- Checking the protocol data: In the event that resources have been shared<br />

on a computer, the event protocol should be activated (in the program<br />

group CONTROL PANEL under Network for WfW, or in the program<br />

group ADMINISTRATION under User-Manager for Windows NT) and<br />

assessed on a regular basis (in the program group NETWORK under<br />

Network Monitor for WfW or in the program group CONTROL PANEL<br />

under Events for Windows NT). Windows 95 offers no standard<br />

procedure for logging events. <strong>The</strong>refore, under Windows 95, the Network<br />

Monitor absolutely must remain open in case Peer-to-Peer functions need<br />

to be carried out despite this weakness.<br />

It should be checked on a weekly basis, for example, whether unauthorised<br />

users accessed shared directories, whether there were errors in accessing<br />

shared directories or whether the system was started at unusual times. As<br />

these protocol data also contain person-related data, they should be deleted<br />

after assessment if storage is no longer required.<br />

Example for a possible incident protocol:<br />

- Checking automatically shared resources: WfW and Windows 95 users<br />

should check on a random basis which of their resources are automatically<br />

shared after start-up of the system without their direct participation (for<br />

example, by checking after start-up which directories, printers and pages of<br />

the output file are then shared). If necessary, this share should be<br />

withdrawn. Inexplicable irregularities, such as the automatic sharing of a<br />

directory which the user himself did not share, should be reported to the<br />

administrator. <strong>The</strong>se could be indications of Trojan horses which share<br />

directories without being detected. Should the user not be sure whether or<br />

what was shared, the file shares.pwl under WfW should be deleted, which<br />

contains the entries for automatic sharing. Under Windows 95, shares can<br />

be deleted with the help of the Explorer. This problem will not arise under<br />

Windows NT since only administrators can share resources.<br />

____________________________________________________________________ .........................................<br />

<strong>IT</strong>-<strong>Baseline</strong> <strong>Protection</strong> <strong>Manual</strong>: Oktober 2000

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!