summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc2504.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/rfc/rfc2504.txt')
-rw-r--r--doc/rfc/rfc2504.txt1851
1 files changed, 1851 insertions, 0 deletions
diff --git a/doc/rfc/rfc2504.txt b/doc/rfc/rfc2504.txt
new file mode 100644
index 0000000..97cd940
--- /dev/null
+++ b/doc/rfc/rfc2504.txt
@@ -0,0 +1,1851 @@
+
+
+
+
+
+
+Network Working Group E. Guttman
+Request for Comments: 2504 Sun Microsystems
+FYI: 34 L. Leong
+Category: Informational COLT Internet
+ G. Malkin
+ Bay Networks
+ February 1999
+
+
+ Users' Security Handbook
+
+Status of this Memo
+
+ This memo provides information for the Internet community. It does
+ not specify an Internet standard of any kind. Distribution of this
+ memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (1999). All Rights Reserved.
+
+Abstract
+
+ The Users' Security Handbook is the companion to the Site Security
+ Handbook (SSH). It is intended to provide users with the information
+ they need to help keep their networks and systems secure.
+
+Table of Contents
+
+ Part One: Introduction . . . . . . . . . . . . . . . . . . . . 2
+ 1. READ.ME . . . . . . . . . . . . . . . . . . . . . . . . . 2
+ 2. The Wires have Ears . . . . . . . . . . . . . . . . . . . 3
+ Part Two: End-users in a centrally-administered network . . . 4
+ 3. Watch Out! . . . . . . . . . . . . . . . . . . . . . . . 4
+ 3.1. The Dangers of Downloading . . . . . . . . . . . . . . 4
+ 3.2. Don't Get Caught in the Web . . . . . . . . . . . . . . 5
+ 3.3. Email Pitfalls . . . . . . . . . . . . . . . . . . . . 6
+ 3.4. Passwords . . . . . . . . . . . . . . . . . . . . . . . 7
+ 3.5. Viruses and Other Illnesses . . . . . . . . . . . . . . 7
+ 3.6. Modems . . . . . . . . . . . . . . . . . . . . . . . . 8
+ 3.7. Don't Leave Me... . . . . . . . . . . . . . . . . . . . 9
+ 3.8. File Protections . . . . . . . . . . . . . . . . . . . 9
+ 3.9. Encrypt Everything . . . . . . . . . . . . . . . . . . 10
+ 3.10. Shred Everything Else . . . . . . . . . . . . . . . . . 10
+ 3.11. What Program is This, Anyway? . . . . . . . . . . . . . 11
+ 4. Paranoia is Good . . . . . . . . . . . . . . . . . . . . 11
+ Part Three: End-users self administering a networked computer 14
+ 5. Make Your Own Security Policy . . . . . . . . . . . . . . 14
+
+
+
+Guttman, et. al. Informational [Page 1]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ 6. Bad Things Happen . . . . . . . . . . . . . . . . . . . . 15
+ 6.1. How to Prepare for the Worst in Advance . . . . . . . . 15
+ 6.2. What To Do if You Suspect Trouble . . . . . . . . . . . 16
+ 6.3. Email . . . . . . . . . . . . . . . . . . . . . . . . . 17
+ 7. Home Alone . . . . . . . . . . . . . . . . . . . . . . . 17
+ 7.1. Beware of Daemons . . . . . . . . . . . . . . . . . . . 17
+ 7.2. Going Places . . . . . . . . . . . . . . . . . . . . . 19
+ 7.3. Secure It! . . . . . . . . . . . . . . . . . . . . . . 20
+ 8. A Final Note . . . . . . . . . . . . . . . . . . . . . . 20
+ Appendix: Glossary of Security Terms . . . . . . . . . . . . . 21
+ Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 31
+ References . . . . . . . . . . . . . . . . . . . . . . . . . . 31
+ Security Considerations . . . . . . . . . . . . . . . . . . . 32
+ Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 32
+ Full Copyright Statement . . . . . . . . . . . . . . . . . . . 33
+
+Part One: Introduction
+
+ This document provides guidance to the end-users of computer systems
+ and networks about what they can do to keep their data and
+ communication private, and their systems and networks secure. Part
+ Two of this document concerns "corporate users" in small, medium and
+ large corporate and campus sites. Part Three of the document
+ addresses users who administer their own computers, such as home
+ users.
+
+ System and network administrators may wish to use this document as
+ the foundation of a site-specific users' security guide; however,
+ they should consult the Site Security Handbook first [RFC2196].
+
+ A glossary of terms is included in an appendix at the end of this
+ document, introducing computer network security notions to those not
+ familiar with them.
+
+1. READ.ME
+
+ Before getting connected to the Internet or any other public network,
+ you should obtain the security policy of the site that you intend to
+ use as your access provider, and read it. A security policy is a
+ formal statement of the rules by which users who are given access to
+ a site's technology and information assets must abide. As a user,
+ you are obliged to follow the policy created by the decision makers
+ and administrators at your site.
+
+ A security policy exists to protect a site's hardware, software and
+ data. It explains what the security goals of the site are, what
+ users can and cannot do, what to do and who to contact when problems
+ arise, and generally informs users what the "rules of the game" are.
+
+
+
+Guttman, et. al. Informational [Page 2]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+2. The Wires have Ears
+
+ It is a lot easier to eavesdrop on communications over data networks
+ than to tap a telephone conversation. Any link between computers may
+ potentially be insecure, as can any of the computers through which
+ data flows. All information passing over networks may be
+ eavesdropped on, even if you think "No one will care about this..."
+
+ Information passing over a network may be read not only by the
+ intended audience but can be read by others as well. This can happen
+ to personal Email and sensitive information that is accessed via file
+ transfer or the Web. Please refer to the "Don't Get Caught in the
+ Web" and "Email Pitfalls" sections for specific information on
+ protecting your privacy.
+
+ As a user, your utmost concerns should, firstly, be to protect
+ yourself against misuse of your computer account(s) and secondly, to
+ protect your privacy.
+
+ Unless precautions are taken, every time you log in over a network,
+ to any network service, your password or confidential information may
+ be stolen. It may then be used to gain illicit access to systems you
+ have access to. In some cases, the consequences are obvious: If
+ someone gains access to your bank account, you might find yourself
+ losing some cash, quickly. What is not so obvious is that services
+ which are not financial in nature may also be abused in rather costly
+ ways. You may be held responsible if your account is misused by
+ someone else!
+
+ Many network services involve remote log in. A user is prompted for
+ his or her account ID (ie. user name) and password. If this
+ information is sent through the network without encryption, the
+ message can be intercepted and read by others. This is not really an
+ issue when you are logging in to a "dial-in" service where you make a
+ connection via telephone and log in, say to an online service
+ provider, as telephone lines are more difficult to eavesdrop on than
+ Internet communications.
+
+ The risk is there when you are using programs to log in over a
+ network. Many popular programs used to log in to services or to
+ transfer files (such as telnet and ftp, respectively) send your user
+ name and password and then your data over the network without
+ encrypting them.
+
+ The precaution commonly taken against password eavesdropping by
+ larger institutions, such as corporations, is to use one-time
+ password systems.
+
+
+
+
+Guttman, et. al. Informational [Page 3]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Until recently, it has been far too complicated and expensive for
+ home systems and small businesses to employ secure log in systems.
+ However, an increasing number of products enable this to be done
+ without fancy hardware, using cryptographic techniques. An example
+ of such a technique is Secure Shell [SSH], which is both freely and
+ commercially available for a variety of platforms. Many products
+ (including SSH-based ones) also allow data to be encrypted before it
+ is passed over the network.
+
+Part Two: End-users in a centrally-administered network
+
+ The following rules of thumb provide a summary of the most important
+ pieces of advice discussed in Part Two of this document:
+
+ - Know who your security point-of-contact is.
+ - Keep passwords secret at all times.
+ - Use a password-locked screensaver or log out when you leave your
+ desk.
+ - Don't let simply anyone have physical access to your computer or
+ your network.
+ - Be aware what software you run and very wary of software of
+ unknown origin. Think hard before you execute downloaded
+ software.
+ - Do not panic. Consult your security point-of-contact, if
+ possible, before spreading alarm.
+ - Report security problems as soon as possible to your security
+ point-of-contact.
+
+3. Watch Out!
+
+3.1. The Dangers of Downloading
+
+ An ever expanding wealth of free software has become available on the
+ Internet. While this exciting development is one of the most
+ attractive aspects of using public networks, you should also exercise
+ caution. Some files may be dangerous. Downloading poses the single
+ greatest risk.
+
+ Be careful to store all downloaded files so that you will remember
+ their (possibly dubious) origin. Do not, for example, mistake a
+ downloaded program for another program just because they have the
+ same name. This is a common tactic to fool users into activating
+ programs they believe to be familiar but could, in fact, be
+ dangerous.
+
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 4]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Programs can use the network without making you aware of it. One
+ thing to keep in mind is that if a computer is connected, any program
+ has the capability of using the network, with or without informing
+ you. Say, for example:
+
+ You download a game program from an anonymous FTP server. This
+ appears to be a shoot-em-up game, but unbeknownst to you, it
+ transfers all your files, one by one, over the Internet to a
+ cracker's machine!
+
+ Many corporate environments explicitly prohibit the downloading and
+ running of software from the Internet.
+
+3.2. Don't Get Caught in the Web
+
+ The greatest risk when web browsing is downloading files. Web
+ browsers allow any file to be retrieved from the Internet. See "The
+ Dangers of Downloading".
+
+ Web browsers are downloading files even when it is not entirely
+ obvious. Thus, the risk posed by downloading files may be present
+ even if you do not actively go out and retrieve files overtly. Any
+ file which you have loaded over the network should be considered
+ possibly dangerous (even files in the web browser's cache). Do not
+ execute them by accident, as they may be malicious programs.
+ (Remember, programs are files, too. You may believe you have
+ downloaded a text file, when in fact it is a Trojan Horse program,
+ script, etc.)
+
+ Web browsers may download and execute programs on your behalf, either
+ automatically or after manual intervention. You may disable these
+ features. If you leave them enabled, be sure that you understand the
+ consequences. You should read the security guide which accompanies
+ your web browser as well as the security policy of your company. You
+ should be aware that downloaded programs may be risky to execute on
+ your machine. See "What program is this, anyway?".
+
+ Web pages often include forms. Be aware that, as with Email, data
+ sent from a web browser to a web server is not secure. Several
+ mechanisms have been created to prevent this, most notably Secure
+ Sockets Layer [SSL]. This facility has been built into many web
+ browsers. It encrypts data sent between the user's web browser and
+ the web server so no one along the way can read it.
+
+ It is possible that a web page will appear to be genuine, but is, in
+ fact, a forgery. It is easy to copy the appearance of a genuine web
+ page and possible to subvert the network protocols which contact the
+ desired web server, to misdirect a web browser to an imposter.
+
+
+
+Guttman, et. al. Informational [Page 5]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ That threat may be guarded against using SSL to verify if a web page
+ is genuine. When a 'secure' page has been downloaded, the web
+ browser's 'lock' or 'key' will indicate so. It is good to
+ double-check this: View the 'certificate' associated with the web
+ page you have accessed. Each web browser has a different way to do
+ this. The certificate will list the certificate's owner and who
+ issued it. If these look trustworthy, you are probably OK.
+
+3.3 Email Pitfalls
+
+ All the normal concerns apply to messages received via Email that you
+ could receive any other way. For example, the sender may not be who
+ he or she claims to be. If Email security software is not used, it
+ is very difficult to determine for sure who sent a message. This
+ means that Email itself is a not a suitable way to conduct many types
+ of business. It is very easy to forge an Email message to make it
+ appear to have come from anyone.
+
+ Another security issue you should consider when using Email is
+ privacy. Email passes through the Internet from computer to
+ computer. As the message moves between computers, and indeed as it
+ sits in a user's mailbox waiting to be read, it is potentially
+ visible to others. For this reason, it is wise to think twice before
+ sending confidential or extremely personal information via Email.
+ You should never send credit card numbers and other sensitive data
+ via unprotected Email. Please refer to "The Wires Have Ears".
+
+ To cope with this problem, there are privacy programs available, some
+ of which are integrated into Email packages.
+
+ One service many Email users like to use is Email forwarding. This
+ should be used very cautiously. Imagine the following scenario:
+
+ A user has an account with a private Internet Service Provider and
+ wishes to receive all her Email there. She sets it up so that her
+ Email at work is forwarded to her private address. All the Email
+ she would receive at work then moves across the Internet until it
+ reaches her private account. All along the way, the Email is
+ vulnerable to being read. A sensitive Email message sent to her
+ at work could be read by a network snoop at any of the many stops
+ along the way the Email takes.
+
+ Note that Email sent or received at work may not be private. Check
+ with your employer, as employers may (in some instances) legally both
+ read your Email and make use of it. The legal status of Email
+ depends on the privacy of information laws in force in each country.
+
+
+
+
+
+Guttman, et. al. Informational [Page 6]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Many mail programs allow files to be included in Email messages. The
+ files which come by Email are files like any other. Any way in which
+ a file can find its way onto a computer is possibly dangerous. If
+ the attached file is merely a text message, fine. But it may be more
+ than a text message. If the attached file is itself a program or an
+ executable script, extreme caution should be applied before running
+ it. See the section entitled "The Dangers of Downloading".
+
+3.4 Passwords
+
+ Passwords may be easily guessed by an intruder unless precautions are
+ taken. Your password should contain a mixture of numbers, upper and
+ lower case letters, and punctuation. Avoid all real words in any
+ language, or combinations of words, license plate numbers, names and
+ so on. The best password is a made-up sequence (e.g., an acronym
+ from a phrase you won't forget), such as "2B*Rnot2B" (but don't use
+ this password!).
+
+ Resist the temptation to write your password down. If you do, keep
+ it with you until you remember it, then shred it! NEVER leave a
+ password taped onto a terminal or written on a whiteboard. You
+ wouldn't write your PIN code on your automated teller machine (ATM)
+ card, would you? You should have different passwords for different
+ accounts, but not so many passwords that you can't remember them.
+ You should change your passwords periodically.
+
+ You should also NEVER save passwords in scripts or login procedures
+ as these could be used by anyone who has access to your machine.
+
+ Be certain that you are really logging into your system. Just
+ because a login prompt appears and asks you for your password does
+ not mean you should enter it. Avoid unusual login prompts and
+ immediately report them to your security point-of-contact. If you
+ notice anything strange upon logging in, change your password.
+
+ Unless precautions have been taken to encrypt your password when it
+ is sent over the network, you should, if possible, use "one-time
+ passwords" whenever you log in to a system over a network. (Some
+ applications take care of that for you.) See "The Wires Have Ears"
+ for more information on the risks associated with logging in over a
+ network.
+
+3.5 Viruses and Other Illnesses
+
+ Viruses are essentially unwanted pieces of software that find their
+ way onto a computer. What the virus may do once it has entered its
+ host, depends on several factors: What has the virus been programmed
+ to do? What part of the computer system has the virus attacked?
+
+
+
+Guttman, et. al. Informational [Page 7]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Some viruses are 'time bombs' which activate only when given a
+ particular condition, such as reaching a certain date. Others remain
+ latent in the system until a particular afflicted program is
+ activated. There are still others which are continually active,
+ exploiting every opportunity to do mischief. A subtle virus may
+ simply modify a system's configuration, then hide.
+
+ Be cautious about what software you install on your system. Use
+ software from "trusted sources", if possible. Check your site policy
+ before installing any software: Some sites only allow administrators
+ to install software to avoid security and system maintenance
+ problems.
+
+ Centrally-administered sites have their own policy and tools for
+ dealing with the threat of viruses. Consult your site policy or find
+ out from your systems administrator what the correct procedures are
+ to stay virus free.
+
+ You should report it if a virus detection tool indicates that your
+ system has a problem. You should notify your site's systems
+ administrators as well as the person you believe passed the virus to
+ you. It is important to remain calm. Virus scares may cause more
+ delay and confusion than an actual virus outbreak. Before announcing
+ the virus widely, make sure you verify its presence using a virus
+ detection tool, if possible, with the assistance of
+ technically-competent personnel.
+
+ Trojan Horse programs and worms are often categorized with viruses.
+ Trojan Horse programs are dealt with in the "What Program is This,
+ Anyway?" section. For the purposes of this section, worms should be
+ considered a type of virus.
+
+3.6 Modems
+
+ You should be careful when attaching anything to your computer, and
+ especially any equipment which allows data to flow. You should get
+ permission before you connect anything to your computer in a
+ centrally-administered computing environment.
+
+ Modems present a special security risk. Many networks are protected
+ by a set of precautions designed to prevent a frontal assault from
+ public networks. If your computer is attached to such a network, you
+ must exercise care when also using a modem. It is quite possible to
+ use the modem to connect to a remote network while *still* being
+ connected to the 'secure' net. Your computer can now act as a hole
+ in your network's defenses. Unauthorized users may be able to get
+ onto your organization's network through your computer!
+
+
+
+
+Guttman, et. al. Informational [Page 8]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Be sure you know what you are doing if you leave a modem on and set
+ up your computer to allow remote computers to dial in. Be sure you
+ use all available security features correctly. Many modems answer
+ calls by default. You should turn auto-answer off unless you are
+ prepared to have your computer respond to callers. Some 'remote
+ access' software requires this. Be sure to turn on all the security
+ features of your 'remote access' software before allowing your
+ computer to be accessed by phone.
+
+ Note that having an unlisted number will not protect you from someone
+ breaking into your computer via a phone line. It is very easy to
+ probe many phone lines to detect modems and then launch attacks.
+
+3.7 Don't Leave Me...
+
+ Do not leave a terminal or computer logged in and walk away. Use
+ password-locked screensavers whenever possible. These can be set up
+ so that they activate after the computer has been idle for a while.
+
+ Sinister as it may seem, someone coming around to erase your work is
+ not uncommon. If you remained logged in, anyone can come by and
+ perform mischief for which you may be held accountable. For example,
+ imagine the trouble you could be in for if nasty Email were sent to
+ the president of your company in your name, or your account were used
+ to transfer illegal pornography.
+
+ Anyone who can gain physical access to your computer can almost
+ certainly break into it. Therefore, be cautious regarding who you
+ allow access to your machine. If physically securing your machine is
+ not possible, it is wise to encrypt your data files kept on your
+ local hard disk. If possible, it is also wise to lock the door to
+ one's office where the computer is stored.
+
+3.8 File Protections
+
+ Data files and directories on shared systems or networked file
+ systems require care and maintenance. There are two categories of
+ such systems:
+
+ - Files to share
+
+ Shared files may be visible to everyone or to a restricted group
+ of other users. Each system has a different way of specifying
+ this. Learn how to control sharing permissions of files and
+ implement such control without fail.
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 9]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ - Protected files
+
+ These include files that only you should have access to, but
+ which are also available to anyone with system administrator
+ privileges. An example of this are files associated with the
+ delivery of Email. You don't want other users to read your Email,
+ so make sure such files have all the necessary file permissions
+ set accordingly.
+
+3.9 Encrypt Everything
+
+ Additionally, there are files that are private. You may have files
+ which you do not wish anyone else to have access to. In this case,
+ it is prudent to encrypt the file. This way, even if your network is
+ broken into or the systems administrator turns into Mr. Hyde, your
+ confidential information will not be available. Encryption is also
+ very important if you share a computer. For example, a home computer
+ may be shared by room mates who are friends but prefer to keep their
+ Email and financial information private. Encryption allows for
+ shared yet private usage.
+
+ Before you encrypt files, you should check your site's security
+ policy. Some employers and countries expressly forbid or restrict
+ the storing and/or transferring of encrypted files.
+
+ Be careful with the passwords or keys you use to encrypt files.
+ Locking them away safely not only helps to keep them from prying eyes
+ but it will help you keep them secure too; for if you lose them, you
+ will lose your ability to decrypt your data as well! It may be wise
+ to save more than one copy. This may even be required, if your
+ company has a key escrow policy, for example. This protects against
+ the possibility that the only person knowing a pass phrase may leave
+ the company or be struck by lightning.
+
+ Whilst encryption programs are readily available, it should be noted
+ that the quality can vary widely. PGP (which stands for "Pretty Good
+ Privacy") for example, offers a strong encryption capability. Many
+ common software applications include the capability to encrypt data.
+ The encryption facilities in these are typically very weak.
+
+ You should not be intimidated by encryption software. Easy-to-use
+ software is being made available.
+
+3.10 Shred Everything Else
+
+ You would be surprised what gets thrown away into the waste-paper
+ basket: notes from meetings, old schedules, internal phone lists,
+ computer program listings, correspondence with customers and even
+
+
+
+Guttman, et. al. Informational [Page 10]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ market analyses. All of these would be very valuable to competitors,
+ recruiters and even an overzealous (hungry?) journalist looking for a
+ scoop. The threat of dumpster diving is real - take it seriously!
+ Shred all potentially useful documents before discarding them.
+
+ You should also be aware that deleting a file does not erase it in
+ many cases. The only way to be sure that an old hard disk does not
+ contain valuable data may be to reformat it.
+
+3.11 What Program is This, Anyway?
+
+ Programs have become much more complex in recent years. They are
+ often extensible in ways which may be dangerous. These extensions
+ make applications more flexible, powerful and customizable. They
+ also open the end-user up to all sorts of risks.
+
+ - A program may have "plug-in" modules. You should not trust the
+ plug-ins simply because you are used to trusting the programs
+ they plug into. For example: Some web pages suggest that the
+ user download a plug-in to view or use some portion of the web
+ page's content. Consider: What is this plug-in? Who wrote it?
+ Is it safe to include it in your web browser?
+
+ - Some files are "compound documents". This means that instead of
+ using one single program, it will be necessary to run several
+ programs in order to view or edit a document. Again, be careful
+ of downloading application components. Just because they
+ integrate with products which are well-known does not mean that
+ they can be trusted. Say, you receive an Email message which can
+ only be read if you download a special component. This component
+ could be a nasty program which wipes out your hard drive!
+
+ - Some programs are downloaded automatically when accessing web
+ pages. While there are some safeguards to make sure that these
+ programs may be used safely, there have been security flaws
+ discovered in the past. For this reason, some centrally-
+ administered sites require that certain web browser capabilities
+ be turned off.
+
+4. Paranoia is Good
+
+ Many people do not realize it, but social engineering is a tool which
+ many intruders use to gain access to computer systems. The general
+ impression that people have of computer break-ins is that they are
+ the result of technical flaws in computer systems which the intruders
+ have exploited. People also tend to think that break-ins are purely
+ technical. However, the truth is that social engineering plays a big
+
+
+
+
+Guttman, et. al. Informational [Page 11]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ part in helping an attacker slip through security barriers. This
+ often proves to be an easy stepping-stone onto the protected system
+ if the attacker has no authorized access to the system at all.
+
+ Social engineering may be defined, in this context, as the act of
+ gaining the trust of legitimate computer users to the point where
+ they reveal system secrets or help someone, unintentionally, to gain
+ unauthorized access to their system(s). Using social engineering, an
+ attacker may gain valuable information and/or assistance that could
+ help break through security barriers with ease. Skillful social
+ engineers can appear to be genuine but are really full of deceit.
+
+ Most of the time, attackers using social enginering work via
+ telephone. This not only provides a shield for the attacker by
+ protecting his or her identity, it also makes the job easier because
+ the attacker can claim to be a particular someone with more chances
+ of getting away with it.
+
+ There are several types of social engineering. Here are a few
+ examples of the more commonly-used ones:
+
+ - An attacker may pretend to be a legitimate end-user who is new to
+ the system or is simply not very good with computers. This
+ attacker may approach systems administrators and other end-users
+ for help. This "user" may have lost his password, or simply can't
+ get logged into the system and needs to access the system
+ urgently. Attackers have also been known to identify themselves
+ as some VIP in the company, screaming at administrators to get
+ what they want. In such cases, the administrator (or it could be
+ an end-user) may feel threatened by the caller's authority and
+ give in to the demands.
+
+ - Attackers who operate via telephone calls may never even have seen
+ the screen display on your system before. In such cases, the
+ trick attackers use is to make details vague, and get the user to
+ reveal more information on the system. The attacker may sound
+ really lost so as to make the user feel that he is helping a
+ damsel in distress. Often, this makes people go out their way to
+ help. The user may then reveal secrets when he is off-guard.
+
+ - An attacker may also take advantage of system problems that have
+ come to his attention. Offering help to a user is an effective
+ way to gain the user's trust. A user who is frustrated with
+ problems he is facing will be more than happy when someone comes
+ to offer some help. The attacker may come disguised as the
+ systems administrator or maintenance technician. This attacker
+ will often gain valuable information because the user thinks that
+ it is alright to reveal secrets to technicians. Site visits may
+
+
+
+Guttman, et. al. Informational [Page 12]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ pose a greater risk to the attacker as he may not be able to make
+ an easy and quick get-away, but the risk may bring fruitful
+ returns if the attacker is allowed direct access to the system by
+ the naive user.
+
+ - Sometimes, attackers can gain access into a system without prior
+ knowledge of any system secret nor terminal access. In the same way
+ that one should not carry someone else's bags through Customs, no user
+ should key in commands on someone's behalf. Beware of attackers who
+ use users as their own remotely-controlled fingers to type commands on
+ the user's keyboard that the user does not understand, commands which
+ may harm the system. These attackers will exploit system software
+ bugs and loopholes even without direct access to the system. The
+ commands keyed in by the end-user may bring harm to the system, open
+ his own account up for access to the attacker or create a hole to
+ allow the attacker entry (at some later time) into the system. If you
+ are not sure of the commands you have been asked to key in, do not
+ simply follow instructions. You never know what and where these could
+ lead to...
+
+ To guard against becoming a victim of social engineering, one
+ important thing to remember is that passwords are secret. A password
+ for your personal account should be known ONLY to you. The systems
+ administrators who need to do something to your account will not
+ require your password. As administrators, the privileges they have
+ will allow them to carry out work on your account without the need
+ for you to reveal your password. An administrator should not have to
+ ask you for your password.
+
+ Users should guard the use of their accounts, and keep them for their
+ own use. Accounts should not be shared, not even temporarily with
+ systems administrators or systems maintenance techinicians. Most
+ maintenance work will require special privileges which end-users are
+ not given. Systems administrators will have their own accounts to
+ work with and will not need to access computer systems via an
+ end-user's account.
+
+ Systems maintenance technicians who come on site should be
+ accompanied by the local site administrator (who should be known to
+ you). If the site administrator is not familiar to you, or if the
+ technician comes alone, it is wise to give a call to your known site
+ administrator to check if the technician should be there. Yet, many
+ people will not do this because it makes them look paranoid and it is
+ embarrassing to show that they have no, or little trust in these
+ visitors.
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 13]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Unless you are very sure that the person you are speaking to is who he
+ or she claims to be, no secret information should ever be revealed to
+ such people. Sometimes, attackers may even be good enough to make
+ themselves sound like someone whose voice you know over the phone. It
+ is always good to double check the identity of the person. If you are
+ unable to do so, the wisest thing to do is not to reveal any secrets.
+ If you are a systems administrator, there should be security
+ procedures for assignment and reassignment of passwords to users, and
+ you should follow such procedures. If you are an end-user, there
+ should not be any need for you to have to reveal system secrets to
+ anyone else. Some companies assign a common account to multiple
+ users. If you happen to be in such a group, make sure you know
+ everyone in that group so you can tell if someone who claims to be in
+ the group is genuine.
+
+Part Three: End-users self administering a networked computer
+
+ The home user or the user who administers his own network has many of
+ the same concerns as a centrally-administered user. The following is
+ a summary of additional advice given in Part Three:
+
+ - Read manuals to learn how to turn on security features, then turn
+ them on.
+ - Consider how private your data and Email need to be. Have you
+ invested in privacy software and learned how to use it yet?
+ - Prepare for the worst in advance.
+ - Keep yourself informed about what the newest threats are.
+
+5. Make Your Own Security Policy
+
+ You should decide ahead of time what risks are acceptable and then
+ stick to this decision. It is also wise to review your decision at
+ regular intervals and whenever the need to do so arises. It may be
+ wise to simply avoid downloading any software from the network which
+ comes from an unknown source to a computer storing business records,
+ other valuable data and data which is potentially damaging if the
+ information was lost or stolen.
+
+ If the system has a mixed purpose, say recreation, correspondence
+ and some home accounting, perhaps you will hazard some downloading of
+ software. You unavoidably take some risk of acquiring stuff
+ which is not exactly what it seems to be.
+
+ It may be worthwhile installing privacy software on a computer if it
+ is shared by multiple users. That way, a friend of a room mate won't
+ have access to your private data, and so on.
+
+
+
+
+
+Guttman, et. al. Informational [Page 14]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+6. Bad Things Happen
+
+ If you notice that your files have been modified or ascertain somehow
+ that your account has been used without your consent, you should
+ inform your security point-of-contact immediately. When you do
+ not know who your security point-of-contact is, try calling
+ your Internet service provider's help desk as a first step.
+
+6.1 How to Prepare for the Worst in Advance
+
+ - Read all user documentation carefully. Make sure that it is clear
+ when services are being run on your computer. If network services
+ are activated, make sure they are properly configured (set all
+ permissions so as to prevent anonymous or guest logins, and so
+ on). Increasingly, many programs have networking capabilities
+ built in to them. Learn how to properly configure and safely use
+ these features.
+
+ - Back up user data. This is always important. Backups are
+ normally thought of as a way of ensuring you will not lose your
+ work if a hard disk fails or if you make a mistake and delete a
+ file. Backing up is also critical to insure that data cannot be
+ lost due to a computer security incident. One of the most vicious
+ and unfortunately common threats posed by computer viruses and
+ Trojan Horse programs is erasing a computer's hard disk.
+
+ - Obtain virus checking software or security auditing tools. Learn
+ how to use them and install them before connecting to a public
+ network. Many security tools require that they be run on a
+ "clean" system, so that comparisons can be made between the
+ present and pristine states. Thus, it is necessary for some work
+ to be done ahead of time.
+
+ - Upgrade networking software regularly. As new versions of
+ programs come out, it is prudent to upgrade. Security
+ vulnerabilities will likely have been fixed. The longer you wait
+ to do this, the greater the risk that security vulnerabilities of
+ the products will be become known and be exploited by some network
+ assailant. Keep up to date!
+
+ - Find out who to contact if you suspect trouble. Does your
+ Internet Service Provider have a security contact or Help Desk?
+ Investigate this before trouble happens so you won't lose time
+ trying to figure it out should trouble occur. Keep the contact
+ information both online and offline for easy retrieval.
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 15]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ There are 3 ways to avoid problems with viruses:
+
+ 1. Don't be promiscuous
+
+ If at all possible, be cautious about what software you install on
+ your system. If you are unaware of or unsure of the origin of a
+ program, it is wise not to run it. Obtain software from trusted
+ sources. Do not execute programs or reboot using old diskettes
+ unless you have reformatted them, especially if the old diskettes
+ have been used to bring software home from a trade show and other
+ potentially security-vulnerable places.
+
+ Nearly all risk of getting infected by viruses can be eliminated
+ if you are extremely cautious about what files are stored on your
+ computer. See "The Dangers of Downloading" for more details.
+
+ 2. Scan regularly.
+
+ Give your system a regular check-up. There are excellent
+ virus checking and security audit tools for most computer
+ platforms available today. Use them, and if possible, set them to
+ run automatically and regularly. Also, install updates of these
+ tools regularly and keep yourself informed of new virus threats.
+
+ 3. Notice the unusual.
+
+ It's not true that a difference you cannot detect is no difference
+ at all, but it is a good rule of thumb. You should get used to
+ the way your system works. If there is an unexplainable change
+ (for instance, files you believe should exist are gone, or strange
+ new files are appearing and disk space is 'vanishing'), you should
+ check for the presense of viruses.
+
+ You should take some time to be familiar with computer virus
+ detection tools available for your type of computer. You should use
+ an up-to-date tool (i.e. not older than three months). It is very
+ important to test your computer if you have been using shared
+ software of dubious origin, someone else's used floppy disks to
+ transfer files, and so on.
+
+6.2 What To Do if You Suspect Trouble
+
+ If you suspect that your home computer has a virus, that a malicious
+ program has been run, or that a system has been broken into, the
+ wisest course of action is to first disconnect the system from all
+ networks. If available, virus detection or system auditing software
+ should be used.
+
+
+
+
+Guttman, et. al. Informational [Page 16]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Checking vital system files for corruption, tampering or malicious
+ replacement is very tedious work to do by hand. Fortunately there are
+ many virus detection programs available for PCs and Macintosh
+ computers. There are security auditing programs available for
+ UNIX-based computers. If software is downloaded from the network, it
+ is wise to run virus detection or auditing tools regularly.
+
+ If it becomes clear that a home system has been attacked, it is time
+ to clean up. Ideally, a system should be rebuilt from scratch. This
+ means erasing everything on the hard disk. Next, install the
+ operating system and then all additional software the system needs.
+ It is best to install the operating system and additional software
+ from the original distribution diskettes or CD-roms, rather than from
+ backup storage. The reason for this is that a system may have been
+ broken into some time ago, so the backed up system or program files
+ may already include some altered files or viruses. Restoring a system
+ from scratch is tedious but worthwhile. Do not forget to re-install
+ all security related fixes you had installed before the security
+ incident. Obtain these from a verified, unsuspicious source.
+
+6.3 Email
+
+ Remember to be careful with saved Email. Copies of sent or received
+ Email (or indeed any file at all) placed in storage provided by an
+ Internet service provider may be vulnerable. The risk is that
+ someone might break into the account and read the old Email. Keep
+ your Email files, indeed any sensitive files, on your home machine.
+
+7. Home Alone
+
+ A home system can be broken into over the Internet if a home user is
+ unwary. The files on the home system can be stolen, altered or
+ destroyed. The system itself, if compromised, could be accessed
+ again some time in the future. This section describes issues and
+ makes recommendations relevant to a home user of the Internet.
+
+7.1 Beware of Daemons
+
+ A home system which uses PPP to connect directly to the Internet is
+ increasingly common. These systems are at the greatest risk if they
+ run certain kinds of programs called "services". If you run a
+ service, you are in effect making your computer available to others
+ across the network. Some services include:
+
+ - File servers (an NFS server, a PC with 'file sharing' turned on)
+ - An FTP server
+ - A Web server
+
+
+
+
+Guttman, et. al. Informational [Page 17]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ There are, in general, two types of programs which operate on the
+ Internet: Clients (like web browsers and Email programs) and Servers
+ (like web servers and mail servers).
+
+ Most software which runs on home systems is of the client variety;
+ but, increasingly, server software is available on traditionally
+ client platforms (e.g., PCs). Server software which runs in the
+ background is referred to as a "daemon" (pronounced dee-mon). Many
+ Internet server software programs that run as daemons have names that
+ end in `d', like "inetd" (Internet Daemon) and "talkd" (Talk Daemon).
+ When set to run, these programs wait for clients to request some
+ particular service from across the network.
+
+ There are four very important things to keep in mind as far as the
+ security implications of running services on a home computer are
+ concerned.
+
+ - First and most important, if a server is not properly configured,
+ it is very vulnerable to being attacked over a network. It is
+ vital, if you run services, to be familiar with the proper
+ configuration. This is often not easy, and may require training
+ or technical expertise.
+
+ - All software has flaws, and flaws exploited deviously can be used
+ to breach computer security. If you run a server on your home
+ machine, you have to stay aware. This requires work: You have to
+ stay in touch with the supplier of the software to get security
+ updates. It is highly recommended that you keep up with security
+ issues through on-line security forums. See [RFC2196] for a list
+ of references.
+
+ If security flaws in your server software are discovered, you will
+ need to either stop using the software or apply "patches" or
+ "fixes" which eliminate the vulnerability. The supplier of the
+ software, if it is a decent company or freeware author, will
+ supply information and updates to correct security flaws. These
+ "patches" or "fixes" must be installed as soon as possible.
+
+ - As a rule of thumb, the older the software, the greater the chance
+ that it has known vulnerabilities. This is not to say you should
+ simply trust brand new software either! Often, it takes time to
+ discover even obvious security flaws in servers.
+
+ - Some servers start up without any warning. There are some web
+ browsers and telnet clients which automatically start FTP servers
+ if not explicitly configured to not do so. If these servers are
+ not themselves properly configured, the entire file system of the
+ home computer can become available to anyone on the Internet.
+
+
+
+Guttman, et. al. Informational [Page 18]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ In general, any software MAY start up a network daemon. The way to
+ be safe here is to know the products you are using. Read the manual,
+ and if any questions arise, call the company or mail the author of
+ free software to find out if you are actually running a service by
+ using the product.
+
+ A home user running a remote login service on his home machine faces
+ very serious risks. This service allows the home user to log in to
+ his home machine from other computers on the Internet and can be
+ quite convenient. But the danger is that someone will secretly
+ observe the logging in and then be able to masquerade as the user
+ whenever they choose to do so in the future. See "The Wires Have
+ Ears" which suggests precautions to take for remote log in.
+
+ If possible, activate all "logging" options in your server software
+ which relate to security. You need to review these logs regularly in
+ order to gain any benefit from this logging. You should also be
+ aware that logs often grow very quickly in size, so you need to be
+ careful they don't fill up your hard disk!
+
+7.2 Going Places
+
+ Remote logins allow a user privileged access onto physically remote
+ systems from the comfort of his own home.
+
+ More and more companies are offering their employees the ability to
+ work from home with access to their computer accounts through dial-up
+ connections. As the convenience of Internet connectivity has led to
+ lowered costs and wide-spread availability, companies may allow
+ remote login to their systems via the Internet. Customers of
+ companies with Internet access may also be provided with remote login
+ accounts. These companies include Internet service providers, and
+ even banks. Users should be very careful when making remote logins.
+
+ As discussed in "The Wires have Ears" section, Internet connections
+ can be eavesdropped on. If you intend to use a remote login service,
+ check that the connection can be done securely, and make sure that
+ you use the secure technologies/features.
+
+ Connections may be secured using technologies like one-time
+ passwords, secure shell (SSH) and Secure Sockets Layer (SSL). One-
+ time passwords make a stolen password useless to steal, while secure
+ shell encrypts data sent over the connection. Please refer to "Don't
+ Get Caught in the Web" for a discussion on SSL. Secure services such
+ as these have to be made available on the systems to which you log in
+ remotely.
+
+
+
+
+
+Guttman, et. al. Informational [Page 19]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+7.3 Secure It!
+
+ Administering your own home computer means you get to choose what
+ software is run on it. Encryption software provides protection for
+ data. If you keep business records and other sensitive data on your
+ computer, encryption will help to keep it safe. For example, if you
+ ran a network service from your home computer and missed setting
+ restrictions on a private directory, a remote user (authorized or
+ not) may gain access to files in this private directory. If the
+ files are encrypted, the user will not be able to read them. But as
+ with all forms of encryption running on any system, the keys and
+ passwords should first be kept safe!
+
+8. A Final Note
+
+ This document has provided the reader with an introduction and as
+ much concise detail as possible. Present security issues go out of
+ date quickly, and although effort has been made to keep discussions
+ general, examples given may not be relevant in the future as the
+ Internet and computer industry continue to grow.
+
+ Just as home-owners are now taking increased cautions at the expense
+ of convenience, to secure their homes in the changing world we live
+ in, computer network users should not ignore security. It may be
+ inconvenient, but it is always better to be safe than sorry.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 20]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+Appendix: Glossary of Security Terms
+
+ Acceptable Use Policy (AUP)
+
+ A set of rules and guidelines that specify in more or less detail
+ the expectations in regard to appropriate use of systems or
+ networks.
+
+ Account
+
+ See (Computer) Account
+
+ Anonymous and Guest Log In
+
+ Services may be made available without any kind of authentication.
+ This is commonly done, for instance, with the FTP protocol to
+ allow anonymous access. Other systems provide a special account
+ named "guest" to provide access, typically restricting the
+ privileges of this account.
+
+ Auditing Tool
+
+ Tools to analyze computer systems or networks in regard to their
+ security status or in relation to the set of services provided by
+ them. COPS (Computer Oracle Password and Security analyzer) and
+ SATAN (Security Administrator's Tool for Analyzing Networks) are
+ famous examples of such tools.
+
+ Authentication
+
+ Authentication refers to mechanisms which are used to verify the
+ identity of a user. The process of authentication typically
+ requires a name and a password to be supplied by the user as proof
+ of his identity.
+
+ Centrally-Administered Network
+
+ A network of systems which is the responsibility of a single group
+ of administrators who are not distributed but work centrally to
+ take care of the network.
+
+ Certificate
+
+ Certificates are data which is used to verify digital signatures.
+ A certificate is only as trustworthy as the agency which issued
+ it. A certificate is used to verify a particular signed item,
+ such as an Email message or a web page. The digital signature,
+ the item and the certificate are all processed by a mathematical
+
+
+
+Guttman, et. al. Informational [Page 21]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ program. It is possible to say, if the signature is valid, that
+ "According to the agency which issued the certificate, the signer
+ was (some name)".
+
+ Clean System
+
+ A computer which has been freshly installed with its operating
+ system and software obtainied from trusted software distribution
+ media. As more software and configuration are added to a
+ computer, it becomes increasingly difficult to determine if the
+ computer is 'clean' or has been compromised by viruses, trojan
+ horse or misconfiguration which reduces the security of the
+ system.
+
+ Client
+
+ Depending on the point of view, a client might be a computer
+ system which an end-user uses to access services hosted on another
+ computer system called a server. 'Client' may also refer to a
+ program or a part of a system that is used by an end-user to
+ access services provided by another program (for example, a web
+ browser is a client that accesses pages provided by a Web Server).
+
+ Compound Documents
+
+ A 'document' is a file containing (a set of) data. Files may
+ consist of multiple parts: a plain document, an encrypted
+ document, a digitally-signed documents or a compressed document.
+ Multi-part files are known as compound documents and may require a
+ variety of programs to be used in order to interpret and
+ manipulate it. These programs may be used without the user's
+ knowledge.
+
+ (Computer) Account
+
+ This term describes the authorization to access a specific
+ computer system or network. Each end-user has to use an account,
+ which consists most probably of a combination of user name and
+ password or another means of proving that the end-user is the
+ person the account is assigned to.
+
+ Configuring Network Services
+
+ The part of an administrator's task that is related to specifying
+ the conditions and details of network services that govern the
+ service provision. In regard to a Web server, this includes which
+ Web pages are available to whom and what kind of information is
+ logged for later review purposes.
+
+
+
+Guttman, et. al. Informational [Page 22]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Cookies
+
+ Cookies register information about a visit to a web site for
+ future use by the server. A server may receive information of
+ cookies of other sites as well which create concern in terms of
+ breach of privacy.
+
+ Cracker
+
+ This term is used to describe attackers, intruders or other bad
+ guys that do not play by the rules and try to circumvent security
+ mechanisms and/or attack individuals and organisations.
+
+ Daemons (inetd, talkd, etc.)
+
+ These are processes that run on computer systems to provide
+ services to other computer systems or processes. Typically,
+ daemons are considered "servers".
+
+ Decrypting
+
+ The process of reversing the encryption of a file or message to
+ recover the original data in order to use or read it.
+
+ Default Account
+
+ Some systems and server software come with preconfigured accounts.
+ These accounts may be set up with a predefined (user name and)
+ password to allow anyone access and are often put there to make it
+ convenient for users to login initially. Default accounts should
+ be turned off or have their predefined passwords changed, to
+ reduce the risk of abuse to the system.
+
+ Dial-in Service
+
+ A way of providing access to computer systems or networks via a
+ telecommunications network. A computer uses a modem to make a
+ telephone call to a another modem, which in turn provides 'network
+ access service'. See also: PPP.
+
+ Digital Signature
+
+ A digital signature is created by a mathematical computer program.
+ It is not a hand-written signature nor a computer-produced picture
+ of one. The signature is like a wax seal that requires a special
+ stamp to produce it, and is attached to an Email message or file.
+ The origin of the message or file may then be verified by the
+ digital signature (using special tools).
+
+
+
+Guttman, et. al. Informational [Page 23]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Downloaded Software
+
+ Software packages retrieved from the Internet (using, for example,
+ the FTP protocol).
+
+ Downloading
+
+ The act of retrieving files from a server on the network.
+
+ Email Packages
+
+ To communicate via electronic mail, an end-user usually makes use
+ of an Email client that provides the user-interface to create,
+ send, retrieve and read Email. Various different Email packages
+ provide the same set of basic functions but have different user-
+ interfaces and perhaps, special/extra functions. Some Email
+ packages provide encryption and digital signature capabilities.
+
+ Email Security Software
+
+ Software which provides security through digital signatures and
+ encryption (and decryption) to enable the end-user to protect
+ messages and documents prior to sending them over a possibly
+ insecure network. PGP is an example of such software.
+
+ Encrypting / Encryption
+
+ This is a mathematical process of scambling data for privacy
+ protection.
+
+ Encryption Software
+
+ The software that actually provides the needed functionality for
+ end users to encrypt messages and files. PGP is one example.
+
+ End-User
+
+ An (human) individual that makes use of computer systems and
+ networks.
+
+ Files (programs, data, text and so on)
+
+ Files include user data, but also programs, the computer operating
+ system and the system's configuration data.
+
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 24]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ File Server
+
+ A computer system that provides a way of sharing and working on
+ files stored on the system among users with access to these files
+ over a network.
+
+ File Transfer
+
+ The process of transferring files between two computer systems
+ over a network, using a protocol such as FTP or HTTP.
+
+ Fixes, Patches and installing them
+
+ Vendors, in response to the discovery of security vulnerabilities,
+ provide sets of files that have to be installed on computer
+ systems. These files 'fix' or 'patch' the computer system or
+ programs and remove the security vulnerability.
+
+ FTP (File Transfer Protocol)
+
+ A protocol that allows for the transfer of files between an FTP
+ client and FTP server.
+
+ Group of Users
+
+ Security software often allow permissions to be set for groups (of
+ users) as opposed to individuals.
+
+ Help Desk
+
+ A support entity that can be called upon to get help with a
+ computer or communication problem.
+
+ Internet
+
+ A collection of interconnected networks that use a common set of
+ protocols called the TCP/IP stack to enable communication between
+ the connected computer systems.
+
+ Key Escrow
+
+ Keys are used to encrypt and decrypt files. key escrow is used to
+ store keys for use by third parties to access the data in
+ encrypted files.
+
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 25]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Keys Used to Encrypt and Decrypt Files
+
+ To make use of encryption, an end-user has to provide some secret,
+ in the form of some data, usually called a key.
+
+ Log In, Logging into a System
+
+ This is an action performed by an end-user, when he authenticates
+ himself to a computer system.
+
+ Log In Prompt
+
+ The characters that are displayed when logging into a system to
+ ask for user name and password.
+
+ Logged In
+
+ If an end-user has successfully proven to have legitimate access
+ to a system, he is considered to be logged in.
+
+ Logging
+
+ Systems and server software often provide the ability to keep
+ track of events. Events may be configured to be written out to a
+ file known as a log. The log file can be read later and allows
+ for system failures and security breaches to be identified.
+
+ Masquerade (see Remote Log In)
+
+ Anyone who pretends to be someone they are not in order to obtain
+ access to a computer account is said to be in 'masquerade'. This
+ may be accomplished by providing a false user name, or stealing
+ someone else's password and logging in as him.
+
+ Network File System (NFS, file sharing with PCs, etc.)
+
+ NFS is an application and protocol suite that provides a way of
+ sharing files between clients and servers. There are other
+ protocols which provide file access over networks. These provide
+ similar functionality, but do not interoperate with each other.
+
+ Networking Features of Software
+
+ Some software has features which make use of the network to
+ retrieve or share data. It may not be obvious that software has
+ networking features.
+
+
+
+
+
+Guttman, et. al. Informational [Page 26]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Network Services
+
+ Services which are not provided on the local computer system the
+ end-user is working on but on a server located in the network.
+
+ One-Time Passwords (OTP)
+
+ Instead of using the same password over and over again, a
+ different password is used on each subsequent log in.
+
+ Passphrase
+
+ A passphrase is a long password. It is often composed of several
+ words and symbols to make it harder to guess.
+
+ Password-Locked Screensaver
+
+ A screen saver obscures the normal display of a monitor. A
+ password-locked screensaver can only be deactivated if the end-
+ user's password is supplied. This prevents a logged-in system
+ from being abused and hides the work currently being done from
+ passers-by.
+
+ Patch
+
+ See "Fixes, Patches and installing them"
+
+ Permissions
+
+ Another word for the access controls that are used to control the
+ access to files and other resources.
+
+ PGP (Pretty Good Privacy)
+
+ PGP is an application package that provides tools to encrypt and
+ digitally sign files on computer systems. It is especially useful
+ to encrypt and/or sign files and messages before sending them via
+ Email.
+
+ Plug-in Modules
+
+ Software components that integrate into other software (such as
+ web browsers) to provide additional features.
+
+
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 27]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Point-of-Contact, Security
+
+ In case of security breaches or problems, many organisations
+ provide a designated point-of-contact which can alert others and
+ take the appropriate actions.
+
+ PPP (Point to Point Protocol)
+
+ PPP is the mechanism which most end-users establish a network
+ connection between their PC and their Internet service provider
+ with. Once connected, the PC is able to transmit and receive data
+ to any other system on the network.
+
+ Privacy Programs
+
+ Another term for encryption software that highlights the use of
+ this software to protect the confidentiality and therefore privacy
+ of the end-users that make use of it.
+
+ Remote Access Software
+
+ This software allows a computer to use a modem to connect to
+ another system. It also allows a computer to 'listen' for calls
+ on a modem (this computer provides 'remote access service'.)
+ Remote access software may provide access to a single computer or
+ to a network.
+
+ Remote Log In
+
+ If an end-user uses a network to log in to a system, this act is
+ known as remote log in.
+
+ Security Features
+
+ These are features which provide protection or enable end-users
+ and administrators to assess the security of a system, for
+ example, by auditing it.
+
+ Security Policy
+
+ A security policy is written by organisations to address security
+ issues, in the form of "do's" and "don'ts". These guidelines and
+ rules are for users with respect to physical security, data
+ security, information security and content (eg. rules stating that
+ sites with sexual content should not be visited, and that
+ copyrights should be honoured when downloading software, etc).
+
+
+
+
+
+Guttman, et. al. Informational [Page 28]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Server
+
+ A server is a computer system, or a set of processes on a computer
+ system providing services to clients across a network.
+
+ Shared Account
+
+ A common account is one which is shared by a group of users as
+ opposed to a normal account which is available to only one user.
+ If the account is misused, it is very difficult or impossible to
+ know which of users was responsible.
+
+ Sharing Permissions
+
+ Many computer systems allow users to share files over a network.
+ These systems invariably provide a mechanism for users to use to
+ control who has permission to read or overwrite these files.
+
+ Site
+
+ Depending on the context in which this term is used, it might
+ apply to computer systems that are grouped together by
+ geographical location, organizational jurisdiction, or network
+ addresses. A Site typically refers to a network under a common
+ administration.
+
+ SSH (Secure Shell)
+
+ SSH provides a protocol between a client and server, allowing for
+ encrypted remote connectivity.
+
+ SSL (Secure Sockets Layer)
+
+ This protocol provides security services to otherwise insecure
+ protocols which operate over a network. SSL is typically used by
+ web browsers to encrypt data sent to and downloaded from a server.
+
+ Systems Administrator
+
+ The individual who maintains the system and has system
+ administrator privileges. In order to avoid errors and mistakes
+ done by this individual while not acting as an administrator,
+ he/she should limit the time he/she acts as an administrator (as
+ known to the system) to a minimum.
+
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 29]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ System Administrator Privileges
+
+ System administrators have more rights (greater permissions) as
+ their work involve the maintenance of system files.
+
+ System Files
+
+ The set of files on a system that do not belong to end-users,
+ which govern the functionality of the system. System files have
+ a great impact on the security of the system.
+
+ Telnet
+
+ A protocol that enables remote log in to other computer systems
+ over the network.
+
+ Terminal
+
+ A dumb device that is connected to a computer system in order to
+ provide (text-based) access to it for users and administrators.
+
+ Terms of Service (TOS)
+
+ See "Acceptable Use Policy (AUP)".
+
+ Threats
+
+ The potential that an existing vulnerability can be exploited to
+ compromise the security of systems or networks. Even if a
+ vulnerability is not known, it represents a threat by this
+ definition.
+
+ Trojan Horse
+
+ A program which carries within itself a means to allow the creator
+ of the program access to the system using it.
+
+ Virus
+
+ A program which replicates itself on computer systems by
+ incorporating itself (secretly and maliciously) into other
+ programs. A virus can be transferred onto a computer system in a
+ variety of ways.
+
+ Virus-Detection Tool
+
+ Software that detects and possibly removes computer viruses,
+ alerting the user appropriately.
+
+
+
+Guttman, et. al. Informational [Page 30]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+ Vulnerability
+
+ A vulnerability is the existence of a weakness, design, or
+ implementation error that can lead to an unexpected, undesirable
+ event compromising the security of the system, network,
+ application, or protocol involved.
+
+ Web Browser Cache
+
+ This is the part of the file system that is used to store web
+ pages and related files. It can be utilized to reload recently
+ accessed files from the cache instead of loading it every time
+ from the network.
+
+ Web Browser Capabilities
+
+ The set of functionalities on a web browser for use by the end-
+ user. This includes the set of plug-ins available.
+
+ Web Server
+
+ A server program that provides access to web pages. Some web
+ servers provide access to other services, such as databases, and
+ directories.
+
+ Worm
+
+ A computer program which replicates itself and is self-
+ propogating. Worms, as opposed to viruses, are meant to spawn in
+ network environments.
+
+Acknowledgments
+
+ The User Security Handbook was a collaborative effort of the Site
+ Security Handbook Working Group of the IETF. There were also others
+ who made significant contributions --- Simson Garfinkle and Eric
+ Luiijf provided very helpful feedback on this document. The Glossary
+ contribution by Klaus-Peter Kossakowski is much appreciated.
+
+References
+
+ [GLOSSARY] Malkin, G., Ed., "Internet User's Glossary", FYI 18, RFC
+ 1983 August 1996.
+
+ [RFC2196] Fraser, B., Ed., "Site Security Handbook", FYI 8, RFC 2196
+ September 1997.
+
+
+
+
+
+Guttman, et. al. Informational [Page 31]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+Security Considerations
+
+ This document discusses what computer users can do to improve
+ security on their systems.
+
+Authors' Addresses
+
+ Erik Guttman
+ Sun Microsystems
+ Bahnstr. 2
+ 74915 Waibstadt
+ Germany
+
+ Phone: +49 7263 911701
+ EMail: erik.guttman@sun.com
+
+
+ Lorna Leong
+ COLT Internet
+ 250 City Road
+ City Forum, London
+ England
+
+ Phone: +44 171 390 3900
+ EMail: lorna@colt.net
+
+
+ Gary Malkin
+ Bay Networks
+ 8 Federal Street
+ Billerca, MA 01821
+ USA
+
+ Phone: +1 508 916 4237
+ EMail: gmalkin@baynetworks.com
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 32]
+
+RFC 2504 Users' Security Handbook February 1999
+
+
+Full Copyright Statement
+
+ Copyright (C) The Internet Society (1999). All Rights Reserved.
+
+ This document and translations of it may be copied and furnished to
+ others, and derivative works that comment on or otherwise explain it
+ or assist in its implementation may be prepared, copied, published
+ and distributed, in whole or in part, without restriction of any
+ kind, provided that the above copyright notice and this paragraph are
+ included on all such copies and derivative works. However, this
+ document itself may not be modified in any way, such as by removing
+ the copyright notice or references to the Internet Society or other
+ Internet organizations, except as needed for the purpose of
+ developing Internet standards in which case the procedures for
+ copyrights defined in the Internet Standards process must be
+ followed, or as required to translate it into languages other than
+ English.
+
+ The limited permissions granted above are perpetual and will not be
+ revoked by the Internet Society or its successors or assigns.
+
+ This document and the information contained herein is provided on an
+ "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
+ TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
+ BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
+ HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Guttman, et. al. Informational [Page 33]
+