Guttman, et. al.             Informational                     [Page 16]

RFC 2504                Users' Security Handbook           February 1999


   Checking vital system files for corruption, tampering or malicious
   replacement is very tedious work to do by hand.  Fortunately there are
   many virus detection programs available for PCs and Macintosh
   computers.  There are security auditing programs available for
   UNIX-based computers.  If software is downloaded from the network, it
   is wise to run virus detection or auditing tools regularly.

   If it becomes clear that a home system has been attacked, it is time
   to clean up.  Ideally, a system should be rebuilt from scratch.  This
   means erasing everything on the hard disk.  Next, install the
   operating system and then all additional software the system needs.
   It is best to install the operating system and additional software
   from the original distribution diskettes or CD-ROMs, rather than from
   backup storage.  The reason for this is that a system may have been
   broken into some time ago, so the backed up system or program files
   may already include some altered files or viruses.  Restoring a system
   from scratch is tedious but worthwhile.  Do not forget to re-install
   all security-related fixes you had installed before the security
   incident.  Obtain these from a verified, trustworthy source.
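   The checks described above, as an added example that is not part of
   RFC 2504: a small shell script that records SHA-256 hashes of vital
   files while the system is known clean, later reports files that were
   changed or removed, and verifies a downloaded fix against the hash its
   supplier published.  It assumes sha256sum (GNU coreutils) or shasum
   (BSD/macOS) is installed; every file it creates is constructed for the
   demonstration and the paths are not those of any real system.

```shell
#!/bin/sh
# Added example, not text from RFC 2504: a minimal integrity check for vital
# files, plus a checksum check for a downloaded fix.  Assumes sha256sum (GNU
# coreutils) or shasum (BSD/macOS) is installed.  All sample files below are
# constructed for the demo.

set -u

# hash_file FILE: hex SHA-256 of FILE.
hash_file() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# baseline DIR OUT: record "hash  path" for every regular file under DIR.
# Take the baseline on a clean system and keep OUT off the machine (or on
# read-only media); a baseline the intruder can rewrite proves nothing.
baseline() {
    find "$1" -type f | LC_ALL=C sort | while IFS= read -r f; do
        printf '%s  %s\n' "$(hash_file "$f")" "$f"
    done > "$2"
}

# verify_tree BASELINE: print each changed or missing file; return 1 if any.
verify_tree() {
    rc=0
    while read -r want path; do
        if [ ! -f "$path" ]; then
            printf 'MISSING  %s\n' "$path"; rc=1
        elif [ "$(hash_file "$path")" != "$want" ]; then
            printf 'CHANGED  %s\n' "$path"; rc=1
        fi
    done < "$1"
    return "$rc"
}

# verify_download FILE EXPECTED: compare a downloaded patch against the hash
# its supplier published over a separate channel (web page, signed mail).
verify_download() {
    [ "$(hash_file "$1")" = "$2" ]
}

demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/etc"
    printf 'root:x:0:0:root:/root:/bin/sh\n' > "$tmp/etc/passwd"   # constructed
    printf 'ssh 22/tcp\n' > "$tmp/etc/services"                    # constructed
    baseline "$tmp/etc" "$tmp/baseline.txt"
    verify_tree "$tmp/baseline.txt" && echo "clean: no changes"
    # Simulate an intruder adding a root account and deleting a file.
    printf 'evil:x:0:0::/:/bin/sh\n' >> "$tmp/etc/passwd"
    rm "$tmp/etc/services"
    verify_tree "$tmp/baseline.txt" || echo "integrity check FAILED"
    rm -rf "$tmp"
}
demo
```

   A hash comparison only detects change; it cannot say what the change
   was or whether the baseline itself is honest.  That is why the
   baseline belongs on media the intruder cannot alter, and why a
   published hash for a fix is only worth checking if it was obtained
   over a different channel than the fix itself.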

6.3 Email

   Remember to be careful with saved Email.  Copies of sent or received
   Email (or indeed any file at all) placed in storage provided by an
   Internet service provider may be vulnerable.  The risk is that
   someone might break into the account and read the old Email.  Keep
   your Email files, indeed any sensitive files, on your home machine.

7. Home Alone

   A home system can be broken into over the Internet if a home user is
   unwary.  The files on the home system can be stolen, altered or
   destroyed.  The system itself, if compromised, could be accessed
   again some time in the future.  This section describes issues and
   makes recommendations relevant to a home user of the Internet.

7.1 Beware of Daemons

   Home systems which use PPP to connect directly to the Internet are
   increasingly common.  These systems are at the greatest risk if they
   run certain kinds of programs called "services".  If you run a
   service, you are in effect making your computer available to others
   across the network.  Some services include:

   - File servers (an NFS server, a PC with 'file sharing' turned on)
   - An FTP server
   - A Web server

   There are, in general, two types of programs which operate on the
   Internet:  Clients (like web browsers and Email programs) and Servers
   (like web servers and mail servers).

   Most software which runs on home systems is of the client variety;
   but, increasingly, server software is available on traditionally
   client platforms (e.g., PCs).  Server software which runs in the
   background is referred to as a "daemon" (pronounced dee-mon).  Many
   Internet server software programs that run as daemons have names that
   end in `d', like "inetd" (Internet Daemon) and "talkd" (Talk Daemon).
   When set to run, these programs wait for clients to request some
   particular service from across the network.

   There are four very important things to keep in mind as far as the
   security implications of running services on a home computer are
   concerned.

    - First and most important, if a server is not properly configured,
      it is very vulnerable to being attacked over a network.  It is
      vital, if you run services, to be familiar with the proper
      configuration.  This is often not easy, and may require training
      or technical expertise.

    - All software has flaws, and flaws exploited deviously can be used
      to breach computer security.  If you run a server on your home
      machine, you have to stay aware.  This requires work:  You have to
      stay in touch with the supplier of the software to get security
      updates.  It is highly recommended that you keep up with security
      issues through on-line security forums. See [RFC2196] for a list
      of references.

      If security flaws in your server software are discovered, you will
      need to either stop using the software or apply "patches" or
      "fixes" which eliminate the vulnerability.  The supplier of the
      software, if it is a decent company or freeware author, will
      supply information and updates to correct security flaws.  These
      "patches" or "fixes" must be installed as soon as possible.

    - As a rule of thumb, the older the software, the greater the chance
      that it has known vulnerabilities. This is not to say you should
      simply trust brand new software either!  Often, it takes time to
      discover even obvious security flaws in servers.

    - Some servers start up without any warning.  There are some web
      browsers and telnet clients which automatically start FTP servers
      if not explicitly configured to not do so.  If these servers are
      not themselves properly configured, the entire file system of the
       home computer can become available to anyone on the Internet.

   In general, any software MAY start up a network daemon.  The way to
   be safe here is to know the products you are using.  Read the manual,
   and if any questions arise, call the company or mail the author of
   free software to find out if you are actually running a service by
   using the product.
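   One way to answer "am I actually running a service?" on a UNIX-like
   system, given here as an added example and not as text from RFC 2504:
   read the configuration of inetd, which starts a daemon for every
   uncommented line, and separately list the sockets that are listening
   right now, whichever program opened them.  The inetd.conf contents in
   the demo are constructed, the /usr/sbin paths are illustrative, and the
   ss/netstat output depends on the machine the script is run on.

```shell
#!/bin/sh
# Added example, not text from RFC 2504: find out which network services a
# UNIX-like home system would offer.  inetd starts a daemon for every
# uncommented line of its configuration file, so the audit reads that file;
# a second helper lists sockets already listening.  The inetd.conf content
# in demo is constructed and the /usr/sbin paths are illustrative.

set -u

# enabled_services CONF: print "service protocol program" for each active
# line.  inetd.conf line format: service socket-type protocol wait user program args
enabled_services() {
    grep -v '^[[:space:]]*#' "$1" | grep -v '^[[:space:]]*$' |
    while read -r svc _sock proto _wait _user prog _args; do
        printf '%s %s %s\n' "$svc" "$proto" "$prog"
    done
}

# service_is_enabled CONF NAME: exit 0 iff NAME has an active line.
service_is_enabled() {
    enabled_services "$1" | awk -v n="$2" '$1 == n { found = 1 } END { exit !found }'
}

# disable_service CONF NAME: comment out every active line for NAME.
# (inetd must then be told to re-read the file, typically with SIGHUP.)
disable_service() {
    tmp="$1.tmp.$$"
    sed "s/^\([[:space:]]*$2[[:space:]]\)/#\1/" "$1" > "$tmp" && mv "$tmp" "$1"
}

# listening_sockets: what is listening right now, whatever started it.
listening_sockets() {
    if command -v ss >/dev/null 2>&1; then
        ss -ltnup 2>/dev/null
    elif command -v netstat >/dev/null 2>&1; then
        netstat -an | grep -i listen
    else
        echo "neither ss nor netstat found"
    fi
}

demo() {
    conf=$(mktemp)
    cat > "$conf" <<'EOF'
# constructed sample inetd.conf, not a real system's file
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
#telnet stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
talk    dgram   udp     wait    nobody  /usr/sbin/tcpd  in.talkd
finger  stream  tcp     nowait  nobody  /usr/sbin/tcpd  in.fingerd
EOF
    echo "services inetd would start:"; enabled_services "$conf"
    disable_service "$conf" finger
    echo "after disabling finger:"; enabled_services "$conf"
    echo "currently listening:"; listening_sockets | head -20
    rm -f "$conf"
}
demo
```

   The two views complement each other: inetd.conf shows what will be
   started on demand, while ss or netstat shows daemons that are already
   running, including ones a client program started on its own.  A
   service that appears in the second list but not in the first is
   exactly the kind the text warns about.  Systems without inetd (or
   with xinetd or a service manager instead) keep the same information
   in other files, but the listening-socket check applies unchanged.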

   A home user running a remote login service on his home machine faces
   very serious risks.  This service allows the home user to log in to
   his home machine from other computers on the Internet and can be
   quite convenient.  But the danger is that someone will secretly
   observe the logging in and then be able to masquerade as the user
   whenever they choose to do so in the future.  See "The Wires Have
   Ears" which suggests precautions to take for remote log in.

   If possible, activate all "logging" options in your server software
   which relate to security.  You need to review these logs regularly in
   order to gain any benefit from this logging.  You should also be
   aware that logs often grow very quickly in size, so you need to be
   careful they don't fill up your hard disk!
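   Keeping the logs without letting them fill the disk, as an added
   example rather than text from RFC 2504: a rotation helper that starts
   a fresh file once the log passes a size limit and keeps a fixed number
   of old copies, and a review helper that summarises refused logins by
   source address so the logs get read as well as written.  The log lines
   in the demo are constructed in the format OpenSSH's sshd uses; the
   size limits are illustrative.

```shell
#!/bin/sh
# Added example, not text from RFC 2504: keep security logging on without
# letting it fill the disk, and actually look at what it records.
# rotate_log starts a fresh file once LOG exceeds MAX bytes and keeps at most
# KEEP old generations; failed_logins summarises refused logins by source
# address.  The log lines in demo are constructed, in OpenSSH sshd's format.

set -u

# file_size FILE: size in bytes (stat's flags differ across systems; wc does not).
file_size() { wc -c < "$1" | tr -d ' '; }

# rotate_log LOG MAX_BYTES KEEP: LOG -> LOG.1 -> ... -> LOG.KEEP, oldest dropped.
rotate_log() {
    log=$1; max=$2; keep=$3
    [ -f "$log" ] || return 0
    [ "$(file_size "$log")" -gt "$max" ] || return 0
    i=$keep
    while [ "$i" -gt 1 ]; do
        prev=$((i - 1))
        [ -f "$log.$prev" ] && mv "$log.$prev" "$log.$i"
        i=$prev
    done
    mv "$log" "$log.1"
    : > "$log"    # the daemon writes to this empty file once it reopens the log
}

# failed_logins LOG: count sshd "Failed password" lines per source address,
# most frequent first.
failed_logins() {
    grep 'Failed password' "$1" | sed -n 's/.* from \([0-9.]*\) .*/\1/p' |
    sort | uniq -c | sort -rn
}

demo() {
    tmp=$(mktemp -d); log="$tmp/auth.log"
    cat > "$log" <<'EOF'
Feb  1 10:00:01 home sshd[123]: Failed password for invalid user admin from 192.0.2.10 port 4001 ssh2
Feb  1 10:00:02 home sshd[123]: Failed password for root from 192.0.2.10 port 4002 ssh2
Feb  1 10:00:05 home sshd[124]: Accepted publickey for alice from 198.51.100.7 port 5000 ssh2
Feb  1 10:00:09 home sshd[125]: Failed password for root from 203.0.113.5 port 4100 ssh2
EOF
    echo "failed logins by source:"; failed_logins "$log"
    rotate_log "$log" 100 3     # over 100 bytes: rotated
    echo "after rotation: $(file_size "$log") bytes live, old copy in $log.1"
    rm -rf "$tmp"
}
demo
```

   A daemon that keeps its log open continues writing to the renamed
   file until it reopens the log, so a rotation like this is normally
   followed by sending the daemon a HUP signal (or the log is copied and
   truncated in place instead).  Rotated copies are still evidence: an
   intruder's first move is often to delete or edit them, so old
   generations deserve the same protection as the live file.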

7.2 Going Places

   Remote logins allow a user privileged access to physically remote
   systems from the comfort of his own home.

   More and more companies are offering their employees the ability to
   work from home with access to their computer accounts through dial-up
   connections.  As the convenience of Internet connectivity has led to
   lowered costs and wide-spread availability, companies may allow
   remote login to their systems via the Internet.  Customers of
   companies with Internet access may also be provided with remote login
   accounts.  These companies include Internet service providers, and
   even banks.  Users should be very careful when making remote logins.

   As discussed in "The Wires have Ears" section, Internet connections
   can be eavesdropped on.  If you intend to use a remote login service,
   check that the connection can be done securely, and make sure that
   you use the secure technologies/features.

   Connections may be secured using technologies like one-time
   passwords, secure shell (SSH) and Secure Sockets Layer (SSL).  A
   one-time password is accepted only once, so a password captured by
   an eavesdropper is useless for a later login; secure shell encrypts
   all data sent over the connection, including the password.  Please
   refer to "Don't Get Caught in the Web" for a discussion on SSL.
   Secure services such as these have to be made available on the
   systems to which you log in remotely.

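   Why a one-time password is useless to an eavesdropper, shown as an
   added example and not as text from RFC 2504: a Lamport hash chain,
   the idea behind S/KEY (which used a different hash and shorter
   values).  The client keeps a secret seed; the server stores only a
   counter and the seed hashed N times.  Each login presents the value
   one step earlier in the chain, which the server checks by hashing it
   once.  A captured value cannot be replayed, and because the hash is
   one-way it does not reveal the value needed next time.  SHA-256 via
   sha256sum or shasum is an assumption of the demo, as is the seed.

```shell
#!/bin/sh
# Added example, not text from RFC 2504: why a one-time password is useless
# to an eavesdropper.  This is a Lamport hash chain, the idea behind S/KEY
# (which used a different hash and shorter values).  The client holds a
# secret seed; the server stores only a counter and H^N(seed).  Login k
# presents H^(N-k)(seed); the server hashes it once, compares it with the
# stored value and, on success, stores the presented value.  Replaying a
# captured value fails, and it does not reveal the next one.  SHA-256 via
# sha256sum/shasum is an assumption of this demo.

set -u

# H STR: one hash step, hex output.
H() {
    if command -v sha256sum >/dev/null 2>&1; then
        printf '%s' "$1" | sha256sum | cut -d' ' -f1
    else
        printf '%s' "$1" | shasum -a 256 | cut -d' ' -f1
    fi
}

# chain SEED N: H applied N times to SEED.
chain() {
    v=$1; n=$2
    while [ "$n" -gt 0 ]; do v=$(H "$v"); n=$((n - 1)); done
    printf '%s\n' "$v"
}

# Server-side state lives in STATE as "counter last_accepted".
# otp_enroll STATE SEED N: store H^N(seed); the seed never reaches the server.
otp_enroll() { printf '%s %s\n' "$3" "$(chain "$2" "$3")" > "$1"; }

# otp_verify STATE CANDIDATE: accept iff H(candidate) equals the stored value.
otp_verify() {
    read -r n last < "$1"
    [ "$n" -gt 1 ] || return 1                 # counter 1 would need the bare seed: re-enroll
    [ "$(H "$2")" = "$last" ] || return 1      # wrong, or already used
    printf '%s %s\n' "$((n - 1))" "$2" > "$1"  # advance: the value just shown is spent
}

# otp_next SEED STATE: the value the client must present for the current counter.
otp_next() { read -r n rest < "$2"; chain "$1" "$((n - 1))"; }

demo() {
    state=$(mktemp); seed="constructed-seed-for-the-demo"
    otp_enroll "$state" "$seed" 5
    p=$(otp_next "$seed" "$state")
    otp_verify "$state" "$p" && echo "login 1 accepted with $p"
    otp_verify "$state" "$p" || echo "replay of that captured value rejected"
    p=$(otp_next "$seed" "$state")
    otp_verify "$state" "$p" && echo "login 2 accepted with a different value"
    rm -f "$state"
}
demo
```

   The server never holds the seed, so a break-in on the server side
   does not yield working passwords either.  What the scheme does not
   cover is an attacker who hijacks the session after the login, or who
   sits in the middle and relays the value in real time; that is why the
   text pairs one-time passwords with encryption of the whole connection.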
7.3 Secure It!

   Administering your own home computer means you get to choose what
   software is run on it.  Encryption software provides protection for
   data.  If you keep business records and other sensitive data on your
   computer, encryption will help to keep it safe.  For example, if you
   ran a network service from your home computer and missed setting
   restrictions on a private directory, a remote user (authorized or
   not) may gain access to files in this private directory.  If the
   files are encrypted, the user will not be able to read them.  But as
   with all forms of encryption running on any system, the keys and
   passwords should first be kept safe!
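   Encrypting a sensitive file so that a directory left open to a remote
   user yields nothing readable, as an added example that is not part of
   RFC 2504: passphrase-based encryption with the openssl command-line
   tool, with the passphrase kept in a file readable only by its owner
   rather than on the command line, where any local user could read it
   from the process list.  It assumes OpenSSL 1.1.1 or later (for the
   -pbkdf2 option); the records file and both passphrases are
   constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not text from RFC 2504: passphrase-based encryption of a
# sensitive file with the openssl command-line tool, with the passphrase
# kept in a mode-0600 file rather than on the command line (where every
# user could read it from the process list).  Assumes OpenSSL 1.1.1 or
# later for -pbkdf2.  The records file and passphrases are constructed.

set -u

# make_passfile PATH PASSPHRASE: store the passphrase readable by the owner only.
make_passfile() { ( umask 077; printf '%s\n' "$2" > "$1" ); }

# encrypt_file IN OUT PASSFILE: AES-256-CBC, random salt, PBKDF2 key derivation.
encrypt_file() {
    openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$3" -in "$1" -out "$2"
}

# decrypt_file IN OUT PASSFILE: returns non-zero on a wrong passphrase in
# nearly all cases (padding check), so callers should also compare contents.
decrypt_file() {
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$3" -in "$1" -out "$2" 2>/dev/null
}

# plaintext_leaks FILE NEEDLE: exit 0 if NEEDLE is readable in FILE as stored.
plaintext_leaks() { grep -q -- "$2" "$1"; }

# same_content A B: exit 0 iff the two files are byte-for-byte identical.
same_content() { [ "$(cat "$1")" = "$(cat "$2")" ]; }

demo() {
    command -v openssl >/dev/null 2>&1 || { echo "openssl not installed"; return 0; }
    tmp=$(mktemp -d)
    printf 'ledger: account 1234 balance 500\n' > "$tmp/records.txt"   # constructed
    make_passfile "$tmp/key" "correct horse battery staple"
    make_passfile "$tmp/wrong" "password123"
    encrypt_file "$tmp/records.txt" "$tmp/records.enc" "$tmp/key"
    plaintext_leaks "$tmp/records.enc" "account 1234" || echo "ciphertext does not expose the record"
    decrypt_file "$tmp/records.enc" "$tmp/out.txt" "$tmp/key" \
        && same_content "$tmp/records.txt" "$tmp/out.txt" \
        && echo "decrypted correctly with the right passphrase"
    decrypt_file "$tmp/records.enc" "$tmp/bad.txt" "$tmp/wrong" || echo "wrong passphrase: decryption refused"
    rm -rf "$tmp"
}
demo
```

   The encrypted copy is only as safe as the passphrase file next to it:
   if that file sits in the same exposed directory, or the plaintext is
   left behind after decryption, the encryption has bought nothing.
   Delete plaintext copies when done and keep the passphrase where the
   network service cannot reach it, which is the "keys and passwords
   should first be kept safe" point of this section.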

8.  A Final Note

   This document has provided the reader with an introduction and as
   much concise detail as possible.  Present security issues go out of
   date quickly, and although effort has been made to keep discussions
   general, examples given may not be relevant in the future as the
   Internet and computer industry continue to grow.

   Just as home-owners are now taking increased cautions at the expense
   of convenience, to secure their homes in the changing world we live
   in, computer network users should not ignore security.  It may be
   inconvenient, but it is always better to be safe than sorry.

Appendix: Glossary of Security Terms

   Acceptable Use Policy (AUP)

      A set of rules and guidelines that specify in more or less detail
      the expectations in regard to appropriate use of systems or
      networks.

   Account

      See (Computer) Account

   Anonymous and Guest Log In

      Services may be made available without any kind of authentication.
      This is commonly done, for instance, with the FTP protocol to
      allow anonymous access.  Other systems provide a special account
      named "guest" to provide access, typically restricting the
      privileges of this account.

   Auditing Tool

      Tools to analyze computer systems or networks in regard to their
      security status or in relation to the set of services provided by
      them.  COPS (Computer Oracle and Password System) and SATAN
      (Security Administrator's Tool for Analyzing Networks) are
      well-known examples of such tools.

   Authentication

      Authentication refers to mechanisms which are used to verify the
      identity of a user.  The process of authentication typically
      requires a name and a password to be supplied by the user as proof
      of his identity.

   Centrally-Administered Network

      A network of systems which is the responsibility of a single group
      of administrators who are not distributed but work centrally to
      take care of the network.

   Certificate

      Certificates are data which is used to verify digital signatures.
      A certificate is only as trustworthy as the agency which issued
      it.  A certificate is used to verify a particular signed item,
      such as an Email message or a web page.  The digital signature,
      the item and the certificate are all processed by a mathematical



Guttman, et. al.             Informational                     [Page 21]

RFC 2504                Users' Security Handbook           February 1999


      program. It is possible to say, if the signature is valid, that
      "According to the agency which issued the certificate, the signer
      was (some name)".

   Clean System

      A computer which has been freshly installed with its operating
      system and software obtained from trusted software distribution
      media.  As more software and configuration are added to a
      computer, it becomes increasingly difficult to determine if the
      computer is 'clean' or has been compromised by viruses, trojan
      horses or misconfiguration which reduces the security of the
      system.
