
RFC1244 - Page 31



RFC 1244                 Site Security Handbook                July 1991


         and workstation.  This includes explaining how to protect files
         stored on the system, how to log out or lock the terminal or
         workstation, and so on.  Much of this information is typically
         covered in the "beginning user" documentation provided by the
         operating system vendor, although many sites elect to
         supplement this material with local information.

         If your site offers dial-up modem access to the computer
         systems, special care must be taken to inform users of the
         security problems inherent in providing this access.  Issues
         such as making sure to log out before hanging up the modem
         should be covered when the user is initially given dial-up
         access.

         Likewise, access to the systems via local and wide-area
         networks presents its own set of security problems which users
         should be made aware of.  Files which grant "trusted host" or
         "trusted user" status to remote systems and users should be
         carefully explained.

      3.8.1.3  Determining Account Misuse

         Users should be told how to detect unauthorized access to their
         account.  If the system prints the last login time when a user
         logs in, he or she should be told to check that time and note
         whether or not it agrees with the last time he or she actually
         logged in.

         Command interpreters on some systems (e.g., the UNIX C shell)
         maintain histories of the last several commands executed.
         Users should check these histories to be sure someone has not
         executed other commands with their account.
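
         One way a user could make the last-login check above routine,
         as an added example that is not part of RFC 1244: keep a
         private record of one's own logins and compare it with the
         time and origin the system reports.  The record file name,
         its "epoch origin" line format and the function names are
         assumptions made for this sketch.

```shell
#!/bin/sh
# Added example (not RFC text). The user supplies the "last login" time and
# origin that the system printed at login; how those are obtained is
# system-specific and left to the caller.

# Private record of the user's own sessions (hypothetical path).
LOGIN_RECORD="${LOGIN_RECORD:-$HOME/.my_logins}"

# record_login EPOCH ORIGIN: append the current session to the private record.
record_login() {
    # Subshell keeps the restrictive umask from leaking into the caller.
    ( umask 077; printf '%s %s\n' "$1" "$2" >> "$LOGIN_RECORD" )
}

# check_last_login EPOCH ORIGIN [TOLERANCE_SECONDS]
# Compare the system-reported previous login with the newest private entry.
# Returns 0 if they agree, 1 on a mismatch, 2 if no private record exists.
check_last_login() {
    cl_reported_time=$1
    cl_reported_origin=$2
    cl_tolerance=${3:-120}
    if [ ! -s "$LOGIN_RECORD" ]; then
        echo "no private login record yet; nothing to compare"
        return 2
    fi
    cl_known=$(tail -n 1 "$LOGIN_RECORD")
    cl_known_time=${cl_known%% *}
    cl_known_origin=${cl_known#* }
    cl_delta=$((cl_reported_time - cl_known_time))
    [ "$cl_delta" -lt 0 ] && cl_delta=$((0 - cl_delta))
    if [ "$cl_delta" -gt "$cl_tolerance" ]; then
        echo "MISMATCH: system reports a login at $cl_reported_time, yours was $cl_known_time"
        return 1
    fi
    if [ "$cl_reported_origin" != "$cl_known_origin" ]; then
        echo "MISMATCH: reported origin $cl_reported_origin, yours was $cl_known_origin"
        return 1
    fi
    echo "last login agrees with your own record"
    return 0
}

# Demo with constructed values: run the script with --demo.
if [ "${1:-}" = "--demo" ]; then
    LOGIN_RECORD=$(mktemp)
    record_login 678886200 tty03          # our own previous session
    check_last_login 678886230 tty03      # agrees within tolerance
    check_last_login 678972600 modem1     # a login we did not make
    rm -f "$LOGIN_RECORD"
fi
```

         A mismatch is a reason to use the site's problem reporting
         procedure, not proof of misuse by itself: clock changes or a
         missed record_login call produce the same result.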

      3.8.1.4  Problem Reporting Procedures

         A procedure should be developed to enable users to report
         suspected misuse of their accounts or other misuse they may
         have noticed.  This can be done either by providing the name
         and telephone number of a system administrator who manages
         security of the computer system, or by creating an electronic
         mail address (e.g., "security") to which users can address
         their problems.

   3.8.2  Educating the Host Administrators

      In many organizations, computer systems are administered by a wide
      variety of people.  These administrators must know how to protect
      their own systems from attack and unauthorized use, as well as how



Site Security Policy Handbook Working Group                    [Page 31]

