From 4bfd864f10b68b71482b35c818559068ef8d5797 Mon Sep 17 00:00:00 2001 From: Thomas Voss Date: Wed, 27 Nov 2024 20:54:24 +0100 Subject: doc: Add RFC documents --- doc/rfc/rfc1173.txt | 283 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 283 insertions(+) create mode 100644 doc/rfc/rfc1173.txt (limited to 'doc/rfc/rfc1173.txt') diff --git a/doc/rfc/rfc1173.txt b/doc/rfc/rfc1173.txt new file mode 100644 index 0000000..2910f61 --- /dev/null +++ b/doc/rfc/rfc1173.txt @@ -0,0 +1,283 @@ + + + + + + +Network Working Group J. Van Bokkelen +Request for Comments: 1173 FTP Software, Inc. + August 1990 + + + Responsibilities of Host and Network Managers + A Summary of the "Oral Tradition" of the Internet + +Status of this Memo + + This informational RFC describes the conventions to be followed by + those in charge of networks and hosts in the Internet. It is a + summary of the "oral tradition" of the Internet on this subject. + [RFC Editor's note: This memo is a contribution by the author of his + view of these conventions. It is expected that this RFC will provide + a basis for the development of official policies in the future.] + These conventions may be supplemented or amended by the policies of + specific local and regional components of the Internet. This RFC + does not specify a standard, or a policy of the IAB. Distribution of + this memo is unlimited. + +Table of Contents + + Status of this Memo .............................................. 1 + 1. Basic Responsibilities......................................... 1 + 2. Responsibilities of Network Managers........................... 2 + 3. Responsibilities of Host System Managers....................... 2 + 4. Postmaster@foo.bar.baz......................................... 3 + 5. Problems and Resolutions....................................... 3 + 6. The Illusion of Security....................................... 4 + 7. Summary........................................................ 5 + 8. Security Considerations........................................ 5 + 9. Author's Address............................................... 5 + +1. Basic Responsibilities + + The Internet is a co-operative endeavor, and its usefulness depends + on reasonable behaviour from every user, host and router in the + Internet. It follows that people in charge of the components of the + Internet MUST be aware of their responsibilities and attentive to + local conditions. Furthermore, they MUST be accessible via both + Internet mail and telephone, and responsive to problem reports and + diagnostic initiatives from other participants. + + Even local problems as simple and transient as system crashes or + power failures may have widespread effects elsewhere in the net. + Problems which require co-operation between two or more responsible + individuals to diagnose and correct are relatively common. Likewise, + + + +Van Bokkelen [Page 1] + +RFC 1173 Responsibilities of Host and Network Managers August 1990 + + + the tools, access and experience needed for efficient analysis may + not all exist at a single site. + + This communal approach to Internet management and maintenance is + dictated by the present decentralized organizational structure. The + structure, in turn, exists because it is inexpensive and responsive + to diverse local needs. Furthermore, for the near term, it is our + only choice; I don't see any prospect of either the government or + private enterprise building a monolithic, centralized, ubiquitous "Ma + Datagram" network provider in this century. + +2. Responsibilities of Network Managers + + One or more individuals are responsible for every IP net or subnet + which is connected to the Internet. Their names, phone numbers and + postal addresses MUST be supplied to the Internet NIC (or to the + local or regional transit network's NIC) prior to the network's + initial connection to the Internet, and updates and corrections MUST + be provided in a timely manner for as long as the net remains + connected. + + In order to adequately deal with problems that may arise, a network + manager must have either: + + A. System management access privileges on every host and router + connected to the local network, or: + + B. The authority and access to either power off, re-boot, + physically disconnect or disable forwarding IP datagrams from + any individual host system that may be misbehaving. + + For all networks, a network manager capable of exercising this level + of control MUST be accessible via telephone 8 hours a day, 5 days a + week. For nets carrying transit traffic, a network manager SHOULD be + accessible via telephone 24 hours a day. + +3. Responsibilities of Host System Managers + + One or more individuals must be responsible for every host connected + to the Internet. This person MUST have the authority, access and + tools necessary to configure, operate and control access to the + system. For important timesharing hosts, primary domain name servers + and mail relays or gateways, responsible individual(s) SHOULD be + accessible via telephone 24 hours a day, 7 days a week. + + For less-important timesharing hosts or single-user PCs or + workstations, the responsible individual(s) MUST be prepared for the + possiblity that their network manager may have to intervene in their + + + +Van Bokkelen [Page 2] + +RFC 1173 Responsibilities of Host and Network Managers August 1990 + + + absence, should the resolution of an Internet problem require it. + +4. Postmaster@foo.bar.baz + + Every Internet host that handles mail beyond the local network MUST + maintain a mailbox named "postmaster". In general, this should not + simply forward mail elsewhere, but instead be read by a system + maintainer logged in to the machine. This mailbox SHOULD be read at + least 5 days a week, and arrangements MUST be made to handle incoming + mail in the event of the absence of the normal maintainer. + + A machine's "postmaster" is the normal point of contact for problems + related to mail delivery. Because most traffic on the long-haul + segments of the Internet is in the form of mail messages, a local + problem can have significant effects elsewhere in the Internet. Some + problems may be system-wide, such as disk or file system full, or + mailer or domain name server hung, crashed or confused. Others may + be specific to a particular user or mailing list (incorrect aliasing + or forwarding, quota exceeded, etc.). + + In either case, the maintainer of a remote machine will normally send + mail about delivery problems to "postmaster". Also, "postmaster" is + normally specified in the "reply-to:" field of automatically + generated mail error messages (unable to deliver due to nonexistent + user name, unable to forward, malformed header, etc.). If this + mailbox isn't read in a timely manner, significant quantities of mail + may be lost or returned to its senders. + +5. Problems and Resolutions + + Advances in network management tools may eventually make it possible + for a network maintainer to detect and address most problems before + they affect users, but for the present, day-to-day users of + networking services represent the front line. No responsible + individual should allow their "dumb-question" filter to become too + restrictive; reports of the form "I haven't gotten any mumblefrotz + mail for a week... " or "I could get there this morning, but not + now..." should always get timely attention. + + There are three basic classes of problems that may have network-wide + scope: User-related, host-related and network-related. + + A. User-related problems can range from bouncing mail or + uncivilized behaviour on mailing lists to more serious + issues like violation of privacy, break-in attempts or + vandalism. + + B. Host-related problems may include mis-configured software, + + + +Van Bokkelen [Page 3] + +RFC 1173 Responsibilities of Host and Network Managers August 1990 + + + obsolete or buggy software and security holes. + + C. Network-related problems are most frequently related to + routing: incorrect connectivity advertisements, routing + loops and black holes can all have major impacts. + Mechanisms are usually in place for handling failure of + routers or links, but problems short of outright failure + can also have severe effects. + + Each class of problem has its own characteristics. User-related + problems can usually be solved by education, but system managers + should be aware of applicable federal and state law as well; Privacy + violations or "cracking" attempts have always been grounds for + pulling a user's account, but now they can also result in + prosecution. Host-related problems are usually resolvable by re- + configuration or upgrading the software, but sometimes the + manufacturer needs to be made aware of a bug, or jawboned into doing + something about it; Bugs that can't be fixed may be serious enough to + require partial or total denial of service to the offending system. + Similar levels of escalation exist for network-related problems, with + the solution of last resort being ostracism of the offending net. + +6. The Illusion of Security + + Every host and network manager MUST be aware that the Internet as + presently constituted is NOT secure. At the protocol level, much + more effort has been put into interoperability, reliability and + convenience than has been devoted to security, although this is + changing. Recent events have made software developers and vendors + more sensitive to security, in both configuration and the underlying + implementation, but it remains to be demonstrated how much long-term + effect this will have. Meanwhile, the existing system survives + through the co-operation of all responsible individuals. + + Security is subjective; one site might view as idle curiosity what + another would see as a hostile probe. Since ultimately the existence + of the Internet depends on its usefulness to all members of the + community, it is important for managers to be willing to accept and + act on other sites' security issues, warning or denying access to + offending users. The offended site, in turn, must be reasonable in + its demands (someone who set off an alarm while idly seeing if the + sendmail "DEBUG" hole was closed on a "sensitive" host probably + should be warned, rather than prosecuted). + + Because Internet security issues may require that local management + people either get in touch with any of their users, or deny an + offending individual or group access to other sites, it is necessary + that mechanisms exist to allow this. Accordingly, Internet sites + + + +Van Bokkelen [Page 4] + +RFC 1173 Responsibilities of Host and Network Managers August 1990 + + + SHOULD NOT have "general use" accounts, or "open" (without password) + terminal servers that can access the rest of the Internet. + + In turn, the "sensitive" sites MUST be aware that it is impossible in + the long term to deny Internet access to crackers, disgruntled former + employees, unscrupulous competitors or agents of other countries. + Getting an offender flushed is at best a stop-gap, providing a + breathing space of a day or an hour while the security holes under + attack are closed. It follows that each host's manager is ultimately + responsible for its security; the more "sensitive" the application or + data, the more intimate the manager must be with the host's operating + system and network software and their foibles. + +7. Summary + + The heart of the Internet is the unique community of interest + encompassing its users, operators, maintainers and suppliers. + Awareness and acceptance of the shared interest in a usable Internet + is vital to its survival and growth. The simple conventions + presented here should be supplemented by common sense as necessary to + achieve that end. + +8. Security Considerations + + Security issues are discussed in Sections 5 and 6. + +9. Author's Address + + James B. VanBokkelen + FTP Software Inc. + 26 Princess St. + Wakefield, MA 01880 + + Phone: 617-246-0900 + + EMail: jbvb@ftp.com + + + + + + + + + + + + + + + +Van Bokkelen [Page 5] + \ No newline at end of file -- cgit v1.2.3