***********************************************************************
DDN Security Bulletin 90-06        DCA DDN Defense Communications System
27 Mar 90               Published by: DDN Security Coordination Center
                                   (SCC@NIC.DDN.MIL)  (800) 235-3155

                        DEFENSE DATA NETWORK
                          SECURITY BULLETIN

The DDN SECURITY BULLETIN is distributed by the DDN SCC (Security
Coordination Center) under DCA contract as a means of communicating
information on network and host security exposures, fixes, & concerns
to security & management personnel at DDN facilities. Back issues may
be obtained via FTP (or Kermit) from NIC.DDN.MIL [26.0.0.73]
using login="anonymous" and password="guest". The bulletin pathname is
SCC:DDN-SECURITY-yy-nn (where "yy" is the year the bulletin is issued
and "nn" is a bulletin number, e.g. SCC:DDN-SECURITY-90-01).
**********************************************************************
PRECAUTIONARY NOTE
April Fools' day (April 1) has traditionally been a time for pranks of
all kinds. In order to guard against possible benign or malevolent
attempts to affect the normal operation of your host, we suggest taking
the following easy precautions:
1. Write a set of emergency procedures for your site and keep it up
   to date. Refer to DDN Security Bulletin 90-03 for help regarding
   the type of information to collect and whom to call.
2. Save your files regularly, and make file back-ups often. Put
   the distribution copies of your software in a safe place away
   from your computer room. Don't forget where they're stored!
3. Avoid trivial passwords and change them often. (See the "Green
   Book" (Department of Defense Password Management Guideline),
   CSC-STD-002-85, for information on the use of passwords.)
4. Check to make sure your host has no unauthorized users or
   accounts. Also check for obsolete accounts (a favorite path for
   intruders to gain access).
5. Restrict system ("superuser", "maint", etc.) privileges to the
   minimum number of accounts you possibly can.
6. Well publicized accounts including "root", "guest", etc., having
   system privileges should be renamed to avoid undue attention.
7. Keep your maintenance contracts active.
Of course, these steps should be taken throughout the year as part of
your regular operating procedures.
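
One way to run the checks in items 4 through 6 on a UNIX-style host, as an
added example that is not part of the original bulletin. It assumes
passwd(5)-format account records, that UID 0 marks system privilege, and a
site-maintained roster and last-login record; the sample data, the 90-day
idle threshold and the function names are constructed for illustration.

```python
from datetime import date

# Constructed sample data (not from the bulletin): passwd(5)-style records.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/sh
maint:x:0:0:vendor maintenance:/home/maint:/bin/sh
guest:x:500:500:guest:/home/guest:/bin/sh
alice:x:1001:1001:Alice:/home/alice:/bin/sh
bob:x:1002:1002:Bob:/home/bob:/bin/sh
mallory:x:1003:1003::/home/mallory:/bin/sh
truncated:x:1004
"""
AUTHORIZED = {"root", "maint", "guest", "alice", "bob"}  # assumed site roster
LAST_LOGIN = {"root": date(1990, 3, 26), "maint": date(1989, 6, 1), "guest": date(1990, 3, 1),
              "alice": date(1990, 3, 20), "bob": date(1989, 11, 2), "mallory": date(1990, 3, 25)}
WELL_KNOWN = {"root", "guest"}  # the names item 6 cites

def parse_passwd(text):
    """Return ({name: uid}, [malformed lines]) for passwd(5)-style text."""
    accounts, malformed = {}, []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7 or not fields[2].isdigit():
            malformed.append(line)  # report it: an audit must not skip silently
            continue
        accounts[fields[0]] = int(fields[2])
    return accounts, malformed

def audit(text, authorized, last_login, today, max_idle_days=90):
    """Apply items 4-6: unauthorized, obsolete and privileged accounts."""
    accounts, malformed = parse_passwd(text)
    privileged = sorted(n for n, uid in accounts.items() if uid == 0)
    return {
        "unauthorized": sorted(n for n in accounts if n not in authorized),
        "obsolete": sorted(n for n in accounts if n not in last_login
                           or (today - last_login[n]).days > max_idle_days),
        "privileged": privileged,  # item 5: keep this list as short as possible
        "well_known_privileged": [n for n in privileged if n in WELL_KNOWN],
        "malformed": malformed,
    }

if __name__ == "__main__":
    for check, names in audit(SAMPLE_PASSWD, AUTHORIZED, LAST_LOGIN, date(1990, 3, 27)).items():
        print(f"{check}: {names}")
```

An account with no last-login record at all is reported as obsolete, since
a never-used account is exactly the kind item 4 asks you to look for.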