home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Internet Info 1994 March
/
Internet Info CD-ROM (Walnut Creek) (March 1994).iso
/
inet
/
scc
/
ddn-security-9225
< prev
next >
Wrap
Text File
|
1992-10-06
|
6KB
|
115 lines
**************************************************************************
Security Bulletin 9225 DISA Defense Communications System
October 7, 1992 Published by: DDN Security Coordination Center
(SCC@NIC.DDN.MIL) 1-(800) 365-3642
DEFENSE DATA NETWORK
SECURITY BULLETIN
The DDN SECURITY BULLETIN is distributed by the DDN SCC (Security
Coordination Center) under DISA contract as a means of communicating
information on network and host security exposures, fixes, and concerns
to security and management personnel at DDN facilities. Back issues may
be obtained via FTP (or Kermit) from NIC.DDN.MIL [192.112.36.5]
using login="anonymous" and password="guest". The bulletin pathname is
scc/ddn-security-yynn (where "yy" is the year the bulletin is issued
and "nn" is a bulletin number, e.g. scc/ddn-security-9225).
**************************************************************************
TAC Access Control Policy Circular Announcement
A circular describing TAC Access and related policies will soon
be released in conjunction with the release of DDN Management
Bulletin #101, which describes MILNET TAC user validation and
registration. This circular will define the areas of respon-
sibility for procuring TAC Access and make public the official
policies and procedures regarding the administration, processing,
validation and distribution of MILNET TAC Access Cards.
The "TAC Access Control Policy Circular" will apply to all
Service and Agency host and gateway administrators who are
authorized to submit requests for TAC Cards. The circular will
be provided to other addresses for general information and
guidance.
The Circular will consist of seven parts each of which will
describe the various aspects of TAC Access in detail. Among
those topics discussed will be the following:
* policies for authorization and administration
of network access via a TAC,
* procedures for ensuring network security and
preventing unauthorized TAC Access,
* proper procedures for using TAC Access Cards,
* a description of the re-registration process and
its function relative to TAC Card issuance,
* updated policies and procedures related to
quarterly Guest TAC Cards.
In addition to the information outlined in this Circular,
please refer to the following DDN Management Bulletins for
further discussion of procedures and policies relating to
TAC Usage and TAC Card issuance:
* DDN Management Bulletin #37, 16 Dec 87, DDN Node Site
Coordinator (NSC) and Host Administrator Duties
* DDN Management Bulletin #94, 16 Mar 92, MILNET/NIC
Re-registration Schedule and TAC Card Expiration
* DDN Management Bulletin #101, 24 Sep 92, MILNET TAC
User Validation and Registration
All gateways,concentrators, or routers that are directly
attached to the MILNET (i.e., those that have a 26 network
address) have designated administrators that are registered
with the NIC. These administrators have primary responsibility
for requesting/authorizing TAC Access Cards. The gateway admini-
istrators have the option of delegating this authority to the host
administrators of systems that access MILNET via their gateways.
These host administrators must also be registered with the NIC.
Users applying for TAC access cards must contact their local host
administrators or the NIC to determine the required signature
authority for their site.
Hosts that are directly connected to MILNET (those that have a
network address of 26) also have designated administrators that
must be registered with the NIC. These host administrators have the
authority to request TAC access cards. However, some MILNET hosts
that are currently direct-connected are being disconnected and
moved behind gateways/concentrators. The administrators of such hosts
must be delegated the authority to request TAC access cards by the
administrator of the gateway that provides their connection to
MILNET (in accordance with the Draft TAC Access Control Policy
Circular).
This delegation of authority will allow administrators of hosts
behind gateways/concentrators to register their users to their local
hosts and to request TAC Access Cards for them. Users of hosts that
have moved behind gateways must be re-registered so that they will
appear in the NIC database as associated with the correct host and
gateway. Therefore, all administrators of hosts moving behind gateways
MUST coordinate with the administrator of their gateway/concentrator
and with the DDN NIC Registrar to arrange the re-registration of
their TAC users BEFORE the host on which they are currently registered
is disconnected.
****************************************************************************
* *
* The point of contact for MILNET security-related incidents is the *
* Security Coordination Center (SCC). *
* *
* E-mail address: SCC@NIC.DDN.MIL *
* *
* Telephone: 1-(800)-365-3642 *
* *
* NIC Help Desk personnel are available from 7:00 a.m.-7:00 p.m. EST, *
* Monday through Friday except on federal holidays. *
* *
****************************************************************************