As per Relevance of the word computer, we have this rfc below:
Network Working Group E.
Request for Comments: 2504 Sun
FYI: 34 L.
Category: Informational COLT
G.
Bay
February 1999
Users' Security
Status of this
This memo provides information for the Internet community. It
not specify an Internet standard of any kind. Distribution of
memo is unlimited
Copyright
Copyright (C) The Internet Society (1999). All Rights Reserved
The Users' Security Handbook is the companion to the Site
Handbook (SSH). It is intended to provide users with the
they need to help keep their networks and systems secure
Table of
Part One: Introduction . . . . . . . . . . . . . . . . . . . . 2
1. READ.ME . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. The Wires have Ears . . . . . . . . . . . . . . . . . . . 3
Part Two: End-users in a centrally-administered network . . . 4
3. Watch Out! . . . . . . . . . . . . . . . . . . . . . . . 4
3.1. The Dangers of Downloading . . . . . . . . . . . . . . 4
3.2. Don't Get Caught in the Web . . . . . . . . . . . . . . 5
3.3. Email Pitfalls . . . . . . . . . . . . . . . . . . . . 6
3.4. Passwords . . . . . . . . . . . . . . . . . . . . . . . 7
3.5. Viruses and Other Illnesses . . . . . . . . . . . . . . 7
3.6. Modems . . . . . . . . . . . . . . . . . . . . . . . . 8
3.7. Don't Leave Me... . . . . . . . . . . . . . . . . . . . 9
3.8. File Protections . . . . . . . . . . . . . . . . . . . 9
3.9. Encrypt Everything . . . . . . . . . . . . . . . . . . 10
3.10. Shred Everything Else . . . . . . . . . . . . . . . . . 10
3.11. What Program is This, Anyway? . . . . . . . . . . . . . 11
4. Paranoia is Good . . . . . . . . . . . . . . . . . . . . 11
Part Three: End-users self administering a networked computer 14
5. Make Your Own Security Policy . . . . . . . . . . . . . . 14
Guttman, et. al. Informational [Page 1]
RFC 2504 Users' Security Handbook February 1999
6. Bad Things Happen . . . . . . . . . . . . . . . . . . . . 15
6.1. How to Prepare for the Worst in Advance . . . . . . . . 15
6.2. What To Do if You Suspect Trouble . . . . . . . . . . . 16
6.3. Email . . . . . . . . . . . . . . . . . . . . . . . . . 17
7. Home Alone . . . . . . . . . . . . . . . . . . . . . . . 17
7.1. Beware of Daemons . . . . . . . . . . . . . . . . . . . 17
7.2. Going Places . . . . . . . . . . . . . . . . . . . . . 19
7.3. Secure It! . . . . . . . . . . . . . . . . . . . . . . 20
8. A Final Note . . . . . . . . . . . . . . . . . . . . . . 20
Appendix: Glossary of Security Terms . . . . . . . . . . . . . 21
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 31
References . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Security Considerations . . . . . . . . . . . . . . . . . . . 32
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 32
Full Copyright Statement . . . . . . . . . . . . . . . . . . . 33
Part One:
This document provides guidance to the end-users of computer
and networks about what they can do to keep their data
communication private, and their systems and networks secure.
Two of this document concerns "corporate users" in small, medium
large corporate and campus sites. Part Three of the
addresses users who administer their own computers, such as
users
System and network administrators may wish to use this document
the foundation of a site-specific users' security guide; however
they should consult the Site Security Handbook first [RFC2196].
A glossary of terms is included in an appendix at the end of
document, introducing computer network security notions to those
familiar with them
1. READ.
Before getting connected to the Internet or any other public network
you should obtain the security policy of the site that you intend
use as your access provider, and read it. A security policy is
formal statement of the rules by which users who are given access
a site's technology and information assets must abide. As a user
you are obliged to follow the policy created by the decision
and administrators at your site
A security policy exists to protect a site's hardware, software
data. It explains what the security goals of the site are,
users can and cannot do, what to do and who to contact when
arise, and generally informs users what the "rules of the game" are
Guttman, et. al. Informational [Page 2]
RFC 2504 Users' Security Handbook February 1999
2. The Wires have
It is a lot easier to eavesdrop on communications over data
than to tap a telephone conversation. Any link between computers
potentially be insecure, as can any of the computers through
data flows. All information passing over networks may
eavesdropped on, even if you think "No one will care about this..."
Information passing over a network may be read not only by
intended audience but can be read by others as well. This can
to personal Email and sensitive information that is accessed via
transfer or the Web. Please refer to the "Don't Get Caught in
Web" and "Email Pitfalls" sections for specific information
protecting your privacy
As a user, your utmost concerns should, firstly, be to
yourself against misuse of your computer account(s) and secondly,
protect your privacy
Unless precautions are taken, every time you log in over a network
to any network service, your password or confidential information
be stolen. It may then be used to gain illicit access to systems
have access to. In some cases, the consequences are obvious:
someone gains access to your bank account, you might find
losing some cash, quickly. What is not so obvious is that
which are not financial in nature may also be abused in rather
ways. You may be held responsible if your account is misused
someone else
Many network services involve remote log in. A user is prompted
his or her account ID (ie. user name) and password. If
information is sent through the network without encryption,
message can be intercepted and read by others. This is not really
issue when you are logging in to a "dial-in" service where you make
connection via telephone and log in, say to an online
provider, as telephone lines are more difficult to eavesdrop on
Internet communications
The risk is there when you are using programs to log in over
network. Many popular programs used to log in to services or
transfer files (such as telnet and ftp, respectively) send your
name and password and then your data over the network
encrypting them
The precaution commonly taken against password eavesdropping
larger institutions, such as corporations, is to use one-
password systems
Guttman, et. al. Informational [Page 3]
RFC 2504 Users' Security Handbook February 1999
Until recently, it has been far too complicated and expensive
home systems and small businesses to employ secure log in systems
However, an increasing number of products enable this to be
without fancy hardware, using cryptographic techniques. An
of such a technique is Secure Shell [SSH], which is both freely
commercially available for a variety of platforms. Many
(including SSH-based ones) also allow data to be encrypted before
is passed over the network
Part Two: End-users in a centrally-administered
The following rules of thumb provide a summary of the most
pieces of advice discussed in Part Two of this document
- Know who your security point-of-contact is
- Keep passwords secret at all times
- Use a password-locked screensaver or log out when you leave
desk
- Don't let simply anyone have physical access to your computer
your network
- Be aware what software you run and very wary of software
unknown origin. Think hard before you execute
software
- Do not panic. Consult your security point-of-contact,
possible, before spreading alarm
- Report security problems as soon as possible to your
point-of-contact
3. Watch Out
3.1. The Dangers of
An ever expanding wealth of free software has become available on
Internet. While this exciting development is one of the
attractive aspects of using public networks, you should also
caution. Some files may be dangerous. Downloading poses the
greatest risk
Be careful to store all downloaded files so that you will
their (possibly dubious) origin. Do not, for example, mistake
downloaded program for another program just because they have
same name. This is a common tactic to fool users into
programs they believe to be familiar but could, in fact,
dangerous
Guttman, et. al. Informational [Page 4]
RFC 2504 Users' Security Handbook February 1999
Programs can use the network without making you aware of it.
thing to keep in mind is that if a computer is connected, any
has the capability of using the network, with or without
you. Say, for example
You download a game program from an anonymous FTP server.
appears to be a shoot-em-up game, but unbeknownst to you,
transfers all your files, one by one, over the Internet to
cracker's machine
Many corporate environments explicitly prohibit the downloading
running of software from the Internet
3.2. Don't Get Caught in the
The greatest risk when web browsing is downloading files.
browsers allow any file to be retrieved from the Internet. See "
Dangers of Downloading".
Web browsers are downloading files even when it is not
obvious. Thus, the risk posed by downloading files may be
even if you do not actively go out and retrieve files overtly.
file which you have loaded over the network should be
possibly dangerous (even files in the web browser's cache). Do
execute them by accident, as they may be malicious programs
(Remember, programs are files, too. You may believe you
downloaded a text file, when in fact it is a Trojan Horse program
script, etc.)
Web browsers may download and execute programs on your behalf,
automatically or after manual intervention. You may disable
features. If you leave them enabled, be sure that you understand
consequences. You should read the security guide which
your web browser as well as the security policy of your company.
should be aware that downloaded programs may be risky to execute
your machine. See "What program is this, anyway?".
Web pages often include forms. Be aware that, as with Email,
sent from a web browser to a web server is not secure.
mechanisms have been created to prevent this, most notably
Sockets Layer [SSL]. This facility has been built into many
browsers. It encrypts data sent between the user's web browser
the web server so no one along the way can read it
It is possible that a web page will appear to be genuine, but is,
fact, a forgery. It is easy to copy the appearance of a genuine
page and possible to subvert the network protocols which contact
desired web server, to misdirect a web browser to an imposter
Guttman, et. al. Informational [Page 5]
RFC 2504 Users' Security Handbook February 1999
That threat may be guarded against using SSL to verify if a web
is genuine. When a 'secure' page has been downloaded, the
browser's 'lock' or 'key' will indicate so. It is good
double-check this: View the 'certificate' associated with the
page you have accessed. Each web browser has a different way to
this. The certificate will list the certificate's owner and
issued it. If these look trustworthy, you are probably OK
3.3 Email
All the normal concerns apply to messages received via Email that
could receive any other way. For example, the sender may not be
he or she claims to be. If Email security software is not used,
is very difficult to determine for sure who sent a message.
means that Email itself is a not a suitable way to conduct many
of business. It is very easy to forge an Email message to make
appear to have come from anyone
Another security issue you should consider when using Email
privacy. Email passes through the Internet from computer
computer. As the message moves between computers, and indeed as
sits in a user's mailbox waiting to be read, it is
visible to others. For this reason, it is wise to think twice
sending confidential or extremely personal information via Email
You should never send credit card numbers and other sensitive
via unprotected Email. Please refer to "The Wires Have Ears".
To cope with this problem, there are privacy programs available,
of which are integrated into Email packages
One service many Email users like to use is Email forwarding.
should be used very cautiously. Imagine the following scenario
A user has an account with a private Internet Service Provider
wishes to receive all her Email there. She sets it up so that
Email at work is forwarded to her private address. All the
she would receive at work then moves across the Internet until
reaches her private account. All along the way, the Email
vulnerable to being read. A sensitive Email message sent to
at work could be read by a network snoop at any of the many
along the way the Email takes
Note that Email sent or received at work may not be private.
with your employer, as employers may (in some instances) legally
read your Email and make use of it. The legal status of
depends on the privacy of information laws in force in each country
Guttman, et. al. Informational [Page 6]
RFC 2504 Users' Security Handbook February 1999
Many mail programs allow files to be included in Email messages.
files which come by Email are files like any other. Any way in
a file can find its way onto a computer is possibly dangerous.
the attached file is merely a text message, fine. But it may be
than a text message. If the attached file is itself a program or
executable script, extreme caution should be applied before
it. See the section entitled "The Dangers of Downloading".
3.4
Passwords may be easily guessed by an intruder unless precautions
taken. Your password should contain a mixture of numbers, upper
lower case letters, and punctuation. Avoid all real words in
language, or combinations of words, license plate numbers, names
so on. The best password is a made-up sequence (e.g., an
from a phrase you won't forget), such as "2B*Rnot2B" (but don't
this password!).
Resist the temptation to write your password down. If you do,
it with you until you remember it, then shred it! NEVER leave
password taped onto a terminal or written on a whiteboard.
wouldn't write your PIN code on your automated teller machine (ATM
card, would you? You should have different passwords for
accounts, but not so many passwords that you can't remember them
You should change your passwords periodically
You should also NEVER save passwords in scripts or login
as these could be used by anyone who has access to your machine
Be certain that you are really logging into your system.
because a login prompt appears and asks you for your password
not mean you should enter it. Avoid unusual login prompts
immediately report them to your security point-of-contact. If
notice anything strange upon logging in, change your password
Unless precautions have been taken to encrypt your password when
is sent over the network, you should, if possible, use "one-
passwords" whenever you log in to a system over a network. (
applications take care of that for you.) See "The Wires Have Ears
for more information on the risks associated with logging in over
network
3.5 Viruses and Other
Viruses are essentially unwanted pieces of software that find
way onto a computer. What the virus may do once it has entered
host, depends on several factors: What has the virus been
to do? What part of the computer system has the virus attacked
Guttman, et. al. Informational [Page 7]
RFC 2504 Users' Security Handbook February 1999
Some viruses are 'time bombs' which activate only when given
particular condition, such as reaching a certain date. Others
latent in the system until a particular afflicted program
activated. There are still others which are continually active
exploiting every opportunity to do mischief. A subtle virus
simply modify a system's configuration, then hide
Be cautious about what software you install on your system.
software from "trusted sources", if possible. Check your site
before installing any software: Some sites only allow
to install software to avoid security and system
problems
Centrally-administered sites have their own policy and tools
dealing with the threat of viruses. Consult your site policy or
out from your systems administrator what the correct procedures
to stay virus free
You should report it if a virus detection tool indicates that
system has a problem. You should notify your site's
administrators as well as the person you believe passed the virus
you. It is important to remain calm. Virus scares may cause
delay and confusion than an actual virus outbreak. Before
the virus widely, make sure you verify its presence using a
detection tool, if possible, with the assistance
technically-competent personnel
Trojan Horse programs and worms are often categorized with viruses
Trojan Horse programs are dealt with in the "What Program is This
Anyway?" section. For the purposes of this section, worms should
considered a type of virus
3.6
You should be careful when attaching anything to your computer,
especially any equipment which allows data to flow. You should
permission before you connect anything to your computer in
centrally-administered computing environment
Modems present a special security risk. Many networks are
by a set of precautions designed to prevent a frontal assault
public networks. If your computer is attached to such a network,
must exercise care when also using a modem. It is quite possible
use the modem to connect to a remote network while *still*
connected to the 'secure' net. Your computer can now act as a
in your network's defenses. Unauthorized users may be able to
onto your organization's network through your computer
Guttman, et. al. Informational [Page 8]
RFC 2504 Users' Security Handbook February 1999
Be sure you know what you are doing if you leave a modem on and
up your computer to allow remote computers to dial in. Be sure
use all available security features correctly. Many modems
calls by default. You should turn auto-answer off unless you
prepared to have your computer respond to callers. Some '
access' software requires this. Be sure to turn on all the
features of your 'remote access' software before allowing
computer to be accessed by phone
Note that having an unlisted number will not protect you from
breaking into your computer via a phone line. It is very easy
probe many phone lines to detect modems and then launch attacks
3.7 Don't Leave Me...
Do not leave a terminal or computer logged in and walk away.
password-locked screensavers whenever possible. These can be set
so that they activate after the computer has been idle for a while
Sinister as it may seem, someone coming around to erase your work
not uncommon. If you remained logged in, anyone can come by
perform mischief for which you may be held accountable. For example
imagine the trouble you could be in for if nasty Email were sent
the president of your company in your name, or your account were
to transfer illegal pornography
Anyone who can gain physical access to your computer can
certainly break into it. Therefore, be cautious regarding who
allow access to your machine. If physically securing your machine
not possible, it is wise to encrypt your data files kept on
local hard disk. If possible, it is also wise to lock the door
one's office where the computer is stored
3.8 File
Data files and directories on shared systems or networked
systems require care and maintenance. There are two categories
such systems
- Files to
Shared files may be visible to everyone or to a restricted
of other users. Each system has a different way of
this. Learn how to control sharing permissions of files
implement such control without fail
Guttman, et. al. Informational [Page 9]
RFC 2504 Users' Security Handbook February 1999
- Protected
These include files that only you should have access to,
which are also available to anyone with system
privileges. An example of this are files associated with
delivery of Email. You don't want other users to read your Email
so make sure such files have all the necessary file
set accordingly
3.9 Encrypt
Additionally, there are files that are private. You may have
which you do not wish anyone else to have access to. In this case
it is prudent to encrypt the file. This way, even if your network
broken into or the systems administrator turns into Mr. Hyde,
confidential information will not be available. Encryption is
very important if you share a computer. For example, a home
may be shared by room mates who are friends but prefer to keep
Email and financial information private. Encryption allows
shared yet private usage
Before you encrypt files, you should check your site's
policy. Some employers and countries expressly forbid or
the storing and/or transferring of encrypted files
Be careful with the passwords or keys you use to encrypt files
Locking them away safely not only helps to keep them from prying
but it will help you keep them secure too; for if you lose them,
will lose your ability to decrypt your data as well! It may be
to save more than one copy. This may even be required, if
company has a key escrow policy, for example. This protects
the possibility that the only person knowing a pass phrase may
the company or be struck by lightning
Whilst encryption programs are readily available, it should be
that the quality can vary widely. PGP (which stands for "Pretty
Privacy") for example, offers a strong encryption capability.
common software applications include the capability to encrypt data
The encryption facilities in these are typically very weak
You should not be intimidated by encryption software. Easy-to-
software is being made available
3.10 Shred Everything
You would be surprised what gets thrown away into the waste-
basket: notes from meetings, old schedules, internal phone lists
computer program listings, correspondence with customers and
Guttman, et. al. Informational [Page 10]
RFC 2504 Users' Security Handbook February 1999
market analyses. All of these would be very valuable to competitors
recruiters and even an overzealous (hungry?) journalist looking for
scoop. The threat of dumpster diving is real - take it seriously
Shred all potentially useful documents before discarding them
You should also be aware that deleting a file does not erase it
many cases. The only way to be sure that an old hard disk does
contain valuable data may be to reformat it
3.11 What Program is This, Anyway
Programs have become much more complex in recent years. They
often extensible in ways which may be dangerous. These
make applications more flexible, powerful and customizable.
also open the end-user up to all sorts of risks
- A program may have "plug-in" modules. You should not trust
plug-ins simply because you are used to trusting the
they plug into. For example: Some web pages suggest that
user download a plug-in to view or use some portion of the
page's content. Consider: What is this plug-in? Who wrote it
Is it safe to include it in your web browser
- Some files are "compound documents". This means that instead
using one single program, it will be necessary to run
programs in order to view or edit a document. Again, be
of downloading application components. Just because
integrate with products which are well-known does not mean
they can be trusted. Say, you receive an Email message which
only be read if you download a special component. This
could be a nasty program which wipes out your hard drive
- Some programs are downloaded automatically when accessing
pages. While there are some safeguards to make sure that
programs may be used safely, there have been security
discovered in the past. For this reason, some centrally
administered sites require that certain web browser
be turned off
4. Paranoia is
Many people do not realize it, but social engineering is a tool
many intruders use to gain access to computer systems. The
impression that people have of computer break-ins is that they
the result of technical flaws in computer systems which the
have exploited. People also tend to think that break-ins are
technical. However, the truth is that social engineering plays a
Guttman, et. al. Informational [Page 11]
RFC 2504 Users' Security Handbook February 1999
part in helping an attacker slip through security barriers.
often proves to be an easy stepping-stone onto the protected
if the attacker has no authorized access to the system at all
Social engineering may be defined, in this context, as the act
gaining the trust of legitimate computer users to the point
they reveal system secrets or help someone, unintentionally, to
unauthorized access to their system(s). Using social engineering,
attacker may gain valuable information and/or assistance that
help break through security barriers with ease. Skillful
engineers can appear to be genuine but are really full of deceit
Most of the time, attackers using social enginering work
telephone. This not only provides a shield for the attacker
protecting his or her identity, it also makes the job easier
the attacker can claim to be a particular someone with more
of getting away with it
There are several types of social engineering. Here are a
examples of the more commonly-used ones
- An attacker may pretend to be a legitimate end-user who is new
the system or is simply not very good with computers.
attacker may approach systems administrators and other end-
for help. This "user" may have lost his password, or simply can'
get logged into the system and needs to access the
urgently. Attackers have also been known to identify
as some VIP in the company, screaming at administrators to
what they want. In such cases, the administrator (or it could
an end-user) may feel threatened by the caller's authority
give in to the demands
- Attackers who operate via telephone calls may never even have
the screen display on your system before. In such cases,
trick attackers use is to make details vague, and get the user
reveal more information on the system. The attacker may
really lost so as to make the user feel that he is helping
damsel in distress. Often, this makes people go out their way
help. The user may then reveal secrets when he is off-guard
- An attacker may also take advantage of system problems that
come to his attention. Offering help to a user is an
way to gain the user's trust. A user who is frustrated
problems he is facing will be more than happy when someone
to offer some help. The attacker may come disguised as
systems administrator or maintenance technician. This
will often gain valuable information because the user thinks
it is alright to reveal secrets to technicians. Site visits
Guttman, et. al. Informational [Page 12]
RFC 2504 Users' Security Handbook February 1999
pose a greater risk to the attacker as he may not be able to
an easy and quick get-away, but the risk may bring
returns if the attacker is allowed direct access to the system
the naive user
- Sometimes, attackers can gain access into a system without
knowledge of any system secret nor terminal access. In the same
that one should not carry someone else's bags through Customs, no
should key in commands on someone's behalf. Beware of attackers
use users as their own remotely-controlled fingers to type commands
the user's keyboard that the user does not understand, commands
may harm the system. These attackers will exploit system
bugs and loopholes even without direct access to the system.
commands keyed in by the end-user may bring harm to the system,
his own account up for access to the attacker or create a hole
allow the attacker entry (at some later time) into the system. If
are not sure of the commands you have been asked to key in, do
simply follow instructions. You never know what and where these
lead to...
To guard against becoming a victim of social engineering,
important thing to remember is that passwords are secret. A
for your personal account should be known ONLY to you. The
administrators who need to do something to your account will
require your password. As administrators, the privileges they
will allow them to carry out work on your account without the
for you to reveal your password. An administrator should not have
ask you for your password
Users should guard the use of their accounts, and keep them for
own use. Accounts should not be shared, not even temporarily
systems administrators or systems maintenance techinicians.
maintenance work will require special privileges which end-users
not given. Systems administrators will have their own accounts
work with and will not need to access computer systems via
end-user's account
Systems maintenance technicians who come on site should
accompanied by the local site administrator (who should be known
you). If the site administrator is not familiar to you, or if
technician comes alone, it is wise to give a call to your known
administrator to check if the technician should be there. Yet,
people will not do this because it makes them look paranoid and it
embarrassing to show that they have no, or little trust in
visitors
Guttman, et. al. Informational [Page 13]
RFC 2504 Users' Security Handbook February 1999
Unless you are very sure that the person you are speaking to is who
or she claims to be, no secret information should ever be revealed
such people. Sometimes, attackers may even be good enough to
themselves sound like someone whose voice you know over the phone.
is always good to double check the identity of the person. If you
unable to do so, the wisest thing to do is not to reveal any secrets
If you are a systems administrator, there should be
procedures for assignment and reassignment of passwords to users,
you should follow such procedures. If you are an end-user,
should not be any need for you to have to reveal system secrets
anyone else. Some companies assign a common account to
users. If you happen to be in such a group, make sure you
everyone in that group so you can tell if someone who claims to be
the group is genuine
Part Three: End-users self administering a networked
The home user or the user who administers his own network has many
the same concerns as a centrally-administered user. The following
a summary of additional advice given in Part Three
- Read manuals to learn how to turn on security features, then
them on
- Consider how private your data and Email need to be. Have
invested in privacy software and learned how to use it yet
- Prepare for the worst in advance
- Keep yourself informed about what the newest threats are
5. Make Your Own Security
You should decide ahead of time what risks are acceptable and
stick to this decision. It is also wise to review your decision
regular intervals and whenever the need to do so arises. It may
wise to simply avoid downloading any software from the network
comes from an unknown source to a computer storing business records
other valuable data and data which is potentially damaging if
information was lost or stolen
If the system has a mixed purpose, say recreation,
and some home accounting, perhaps you will hazard some downloading
software. You unavoidably take some risk of acquiring
which is not exactly what it seems to be
It may be worthwhile installing privacy software on a computer if
is shared by multiple users. That way, a friend of a room mate won'
have access to your private data, and so on
Guttman, et. al. Informational [Page 14]
RFC 2504 Users' Security Handbook February 1999
6. Bad Things
If you notice that your files have been modified or ascertain
that your account has been used without your consent, you
inform your security point-of-contact immediately. When you
not know who your security point-of-contact is, try
your Internet service provider's help desk as a first step
6.1 How to Prepare for the Worst in
- Read all user documentation carefully. Make sure that it is
when services are being run on your computer. If network
are activated, make sure they are properly configured (set
permissions so as to prevent anonymous or guest logins, and
on). Increasingly, many programs have networking
built in to them. Learn how to properly configure and safely
these features
- Back up user data. This is always important. Backups
normally thought of as a way of ensuring you will not lose
work if a hard disk fails or if you make a mistake and delete
file. Backing up is also critical to insure that data cannot
lost due to a computer security incident. One of the most
and unfortunately common threats posed by computer viruses
Trojan Horse programs is erasing a computer's hard disk
- Obtain virus checking software or security auditing tools.
how to use them and install them before connecting to a
network. Many security tools require that they be run on
"clean" system, so that comparisons can be made between
present and pristine states. Thus, it is necessary for some
to be done ahead of time
- Upgrade networking software regularly. As new versions
programs come out, it is prudent to upgrade.
vulnerabilities will likely have been fixed. The longer you
to do this, the greater the risk that security vulnerabilities
the products will be become known and be exploited by some
assailant. Keep up to date
- Find out who to contact if you suspect trouble. Does
Internet Service Provider have a security contact or Help Desk
Investigate this before trouble happens so you won't lose
trying to figure it out should trouble occur. Keep the
information both online and offline for easy retrieval
Guttman, et. al. Informational [Page 15]
RFC 2504 Users' Security Handbook February 1999
There are 3 ways to avoid problems with viruses
1. Don't be
If at all possible, be cautious about what software you install
your system. If you are unaware of or unsure of the origin of
program, it is wise not to run it. Obtain software from
sources. Do not execute programs or reboot using old
unless you have reformatted them, especially if the old
have been used to bring software home from a trade show and
potentially security-vulnerable places
Nearly all risk of getting infected by viruses can be
if you are extremely cautious about what files are stored on
computer. See "The Dangers of Downloading" for more details
2. Scan regularly
Give your system a regular check-up. There are
virus checking and security audit tools for most
platforms available today. Use them, and if possible, set them
run automatically and regularly. Also, install updates of
tools regularly and keep yourself informed of new virus threats
3. Notice the unusual
It's not true that a difference you cannot detect is no
at all, but it is a good rule of thumb. You should get used
the way your system works. If there is an unexplainable
(for instance, files you believe should exist are gone, or
new files are appearing and disk space is 'vanishing'), you
check for the presense of viruses
You should take some time to be familiar with computer
detection tools available for your type of computer. You should
an up-to-date tool (i.e. not older than three months). It is
important to test your computer if you have been using
software of dubious origin, someone else's used floppy disks
transfer files, and so on
6.2 What To Do if You Suspect
If you suspect that your home computer has a virus, that a
program has been run, or that a system has been broken into,
wisest course of action is to first disconnect the system from
networks. If available, virus detection or system auditing
should be used
Guttman, et. al. Informational [Page 16]
RFC 2504 Users' Security Handbook February 1999
Checking vital system files for corruption, tampering or
replacement is very tedious work to do by hand. Fortunately there
many virus detection programs available for PCs and
computers. There are security auditing programs available
UNIX-based computers. If software is downloaded from the network,
is wise to run virus detection or auditing tools regularly
If it becomes clear that a home system has been attacked, it is
to clean up. Ideally, a system should be rebuilt from scratch.
means erasing everything on the hard disk. Next, install
operating system and then all additional software the system needs
It is best to install the operating system and additional
from the original distribution diskettes or CD-roms, rather than
backup storage. The reason for this is that a system may have
broken into some time ago, so the backed up system or program
may already include some altered files or viruses. Restoring a
from scratch is tedious but worthwhile. Do not forget to re-
all security related fixes you had installed before the
incident. Obtain these from a verified, unsuspicious source
6.3
Remember to be careful with saved Email. Copies of sent or
Email (or indeed any file at all) placed in storage provided by
Internet service provider may be vulnerable. The risk is
someone might break into the account and read the old Email.
your Email files, indeed any sensitive files, on your home machine
7. Home
A home system can be broken into over the Internet if a home user
unwary. The files on the home system can be stolen, altered
destroyed. The system itself, if compromised, could be
again some time in the future. This section describes issues
makes recommendations relevant to a home user of the Internet
7.1 Beware of
A home system which uses PPP to connect directly to the Internet
increasingly common. These systems are at the greatest risk if
run certain kinds of programs called "services". If you run
service, you are in effect making your computer available to
across the network. Some services include
- File servers (an NFS server, a PC with 'file sharing' turned on
- An FTP
- A Web
Guttman, et. al. Informational [Page 17]
RFC 2504 Users' Security Handbook February 1999
There are, in general, two types of programs which operate on
Internet: Clients (like web browsers and Email programs) and
(like web servers and mail servers).
Most software which runs on home systems is of the client variety
but, increasingly, server software is available on
client platforms (e.g., PCs). Server software which runs in
background is referred to as a "daemon" (pronounced dee-mon).
Internet server software programs that run as daemons have names
end in `d', like "inetd" (Internet Daemon) and "talkd" (Talk Daemon).
When set to run, these programs wait for clients to request
particular service from across the network
There are four very important things to keep in mind as far as
security implications of running services on a home computer
concerned
- First and most important, if a server is not properly configured
it is very vulnerable to being attacked over a network. It
vital, if you run services, to be familiar with the
configuration. This is often not easy, and may require
or technical expertise
- All software has flaws, and flaws exploited deviously can be
to breach computer security. If you run a server on your
machine, you have to stay aware. This requires work: You have
stay in touch with the supplier of the software to get
updates. It is highly recommended that you keep up with
issues through on-line security forums. See [RFC2196] for a
of references
If security flaws in your server software are discovered, you
need to either stop using the software or apply "patches"
"fixes" which eliminate the vulnerability. The supplier of
software, if it is a decent company or freeware author,
supply information and updates to correct security flaws.
"patches" or "fixes" must be installed as soon as possible
- As a rule of thumb, the older the software, the greater the
that it has known vulnerabilities. This is not to say you
simply trust brand new software either! Often, it takes time
discover even obvious security flaws in servers
- Some servers start up without any warning. There are some
browsers and telnet clients which automatically start FTP
if not explicitly configured to not do so. If these servers
not themselves properly configured, the entire file system of
home computer can become available to anyone on the Internet
Guttman, et. al. Informational [Page 18]
RFC 2504 Users' Security Handbook February 1999
In general, any software MAY start up a network daemon. The way
be safe here is to know the products you are using. Read the manual
and if any questions arise, call the company or mail the author
free software to find out if you are actually running a service
using the product
A home user running a remote login service on his home machine
very serious risks. This service allows the home user to log in
his home machine from other computers on the Internet and can
quite convenient. But the danger is that someone will
observe the logging in and then be able to masquerade as the
whenever they choose to do so in the future. See "The Wires
Ears" which suggests precautions to take for remote log in
If possible, activate all "logging" options in your server
which relate to security. You need to review these logs regularly
order to gain any benefit from this logging. You should also
aware that logs often grow very quickly in size, so you need to
careful they don't fill up your hard disk
7.2 Going
Remote logins allow a user privileged access onto physically
systems from the comfort of his own home
More and more companies are offering their employees the ability
work from home with access to their computer accounts through dial-
connections. As the convenience of Internet connectivity has led
lowered costs and wide-spread availability, companies may
remote login to their systems via the Internet. Customers
companies with Internet access may also be provided with remote
accounts. These companies include Internet service providers,
even banks. Users should be very careful when making remote logins
As discussed in "The Wires have Ears" section, Internet
can be eavesdropped on. If you intend to use a remote login service
check that the connection can be done securely, and make sure
you use the secure technologies/features
Connections may be secured using technologies like one-
passwords, secure shell (SSH) and Secure Sockets Layer (SSL). One
time passwords make a stolen password useless to steal, while
shell encrypts data sent over the connection. Please refer to "Don'
Get Caught in the Web" for a discussion on SSL. Secure services
as these have to be made available on the systems to which you log
remotely
Guttman, et. al. Informational [Page 19]
RFC 2504 Users' Security Handbook February 1999
7.3 Secure It
Administering your own home computer means you get to choose
software is run on it. Encryption software provides protection
data. If you keep business records and other sensitive data on
computer, encryption will help to keep it safe. For example, if
ran a network service from your home computer and missed
restrictions on a private directory, a remote user (authorized
not) may gain access to files in this private directory. If
files are encrypted, the user will not be able to read them. But
with all forms of encryption running on any system, the keys
passwords should first be kept safe
8. A Final
This document has provided the reader with an introduction and
much concise detail as possible. Present security issues go out
date quickly, and although effort has been made to keep
general, examples given may not be relevant in the future as
Internet and computer industry continue to grow
Just as home-owners are now taking increased cautions at the
of convenience, to secure their homes in the changing world we
in, computer network users should not ignore security. It may
inconvenient, but it is always better to be safe than sorry
Guttman, et. al. Informational [Page 20]
RFC 2504 Users' Security Handbook February 1999
Appendix: Glossary of Security
Acceptable Use Policy (AUP
A set of rules and guidelines that specify in more or less
the expectations in regard to appropriate use of systems
networks
See (Computer)
Anonymous and Guest Log
Services may be made available without any kind of authentication
This is commonly done, for instance, with the FTP protocol
allow anonymous access. Other systems provide a special
named "guest" to provide access, typically restricting
privileges of this account
Auditing
Tools to analyze computer systems or networks in regard to
security status or in relation to the set of services provided
them. COPS (Computer Oracle Password and Security analyzer)
SATAN (Security Administrator's Tool for Analyzing Networks)
famous examples of such tools
Authentication refers to mechanisms which are used to verify
identity of a user. The process of authentication
requires a name and a password to be supplied by the user as
of his identity
Centrally-Administered
A network of systems which is the responsibility of a single
of administrators who are not distributed but work centrally
take care of the network
Certificates are data which is used to verify digital signatures
A certificate is only as trustworthy as the agency which
it. A certificate is used to verify a particular signed item
such as an Email message or a web page. The digital signature
the item and the certificate are all processed by a
Guttman, et. al. Informational [Page 21]
RFC 2504 Users' Security Handbook February 1999
program. It is possible to say, if the signature is valid,
"According to the agency which issued the certificate, the
was (some name)".
Clean
A computer which has been freshly installed with its
system and software obtainied from trusted software
media. As more software and configuration are added to
computer, it becomes increasingly difficult to determine if
computer is 'clean' or has been compromised by viruses,
horse or misconfiguration which reduces the security of
system
Depending on the point of view, a client might be a
system which an end-user uses to access services hosted on
computer system called a server. 'Client' may also refer to
program or a part of a system that is used by an end-user
access services provided by another program (for example, a
browser is a client that accesses pages provided by a Web Server).
Compound
A 'document' is a file containing (a set of) data. Files
consist of multiple parts: a plain document, an
document, a digitally-signed documents or a compressed document
Multi-part files are known as compound documents and may require
variety of programs to be used in order to interpret
manipulate it. These programs may be used without the user'
knowledge
(Computer)
This term describes the authorization to access a
computer system or network. Each end-user has to use an account
which consists most probably of a combination of user name
password or another means of proving that the end-user is
person the account is assigned to
Configuring Network
The part of an administrator's task that is related to
the conditions and details of network services that govern
service provision. In regard to a Web server, this includes
Web pages are available to whom and what kind of information
logged for later review purposes
Guttman, et. al. Informational [Page 22]
RFC 2504 Users' Security Handbook February 1999
Cookies register information about a visit to a web site
future use by the server. A server may receive information
cookies of other sites as well which create concern in terms
breach of privacy
This term is used to describe attackers, intruders or other
guys that do not play by the rules and try to circumvent
mechanisms and/or attack individuals and organisations
Daemons (inetd, talkd, etc.)
These are processes that run on computer systems to
services to other computer systems or processes. Typically
daemons are considered "servers".
The process of reversing the encryption of a file or message
recover the original data in order to use or read it
Default
Some systems and server software come with preconfigured accounts
These accounts may be set up with a predefined (user name and
password to allow anyone access and are often put there to make
convenient for users to login initially. Default accounts
be turned off or have their predefined passwords changed,
reduce the risk of abuse to the system
Dial-in
A way of providing access to computer systems or networks via
telecommunications network. A computer uses a modem to make
telephone call to a another modem, which in turn provides '
access service'. See also: PPP
Digital
A digital signature is created by a mathematical computer program
It is not a hand-written signature nor a computer-produced
of one. The signature is like a wax seal that requires a
stamp to produce it, and is attached to an Email message or file
The origin of the message or file may then be verified by
digital signature (using special tools).
Guttman, et. al. Informational [Page 23]
RFC 2504 Users' Security Handbook February 1999
Downloaded
Software packages retrieved from the Internet (using, for example
the FTP protocol).
The act of retrieving files from a server on the network
Email
To communicate via electronic mail, an end-user usually makes
of an Email client that provides the user-interface to create
send, retrieve and read Email. Various different Email
provide the same set of basic functions but have different user
interfaces and perhaps, special/extra functions. Some
packages provide encryption and digital signature capabilities
Email Security
Software which provides security through digital signatures
encryption (and decryption) to enable the end-user to
messages and documents prior to sending them over a
insecure network. PGP is an example of such software
Encrypting /
This is a mathematical process of scambling data for
protection
Encryption
The software that actually provides the needed functionality
end users to encrypt messages and files. PGP is one example
End-
An (human) individual that makes use of computer systems
networks
Files (programs, data, text and so on
Files include user data, but also programs, the computer
system and the system's configuration data
Guttman, et. al. Informational [Page 24]
RFC 2504 Users' Security Handbook February 1999
File
A computer system that provides a way of sharing and working
files stored on the system among users with access to these
over a network
File
The process of transferring files between two computer
over a network, using a protocol such as FTP or HTTP
Fixes, Patches and installing
Vendors, in response to the discovery of security vulnerabilities
provide sets of files that have to be installed on
systems. These files 'fix' or 'patch' the computer system
programs and remove the security vulnerability
FTP (File Transfer Protocol
A protocol that allows for the transfer of files between an
client and FTP server
Group of
Security software often allow permissions to be set for groups (
users) as opposed to individuals
Help
A support entity that can be called upon to get help with
computer or communication problem
A collection of interconnected networks that use a common set
protocols called the TCP/IP stack to enable communication
the connected computer systems
Key
Keys are used to encrypt and decrypt files. key escrow is used
store keys for use by third parties to access the data
encrypted files
Guttman, et. al. Informational [Page 25]
RFC 2504 Users' Security Handbook February 1999
Keys Used to Encrypt and Decrypt
To make use of encryption, an end-user has to provide some secret
in the form of some data, usually called a key
Log In, Logging into a
This is an action performed by an end-user, when he
himself to a computer system
Log In
The characters that are displayed when logging into a system
ask for user name and password
Logged
If an end-user has successfully proven to have legitimate
to a system, he is considered to be logged in
Systems and server software often provide the ability to
track of events. Events may be configured to be written out to
file known as a log. The log file can be read later and
for system failures and security breaches to be identified
Masquerade (see Remote Log In
Anyone who pretends to be someone they are not in order to
access to a computer account is said to be in 'masquerade'.
may be accomplished by providing a false user name, or
someone else's password and logging in as him
Network File System (NFS, file sharing with PCs, etc.)
NFS is an application and protocol suite that provides a way
sharing files between clients and servers. There are
protocols which provide file access over networks. These
similar functionality, but do not interoperate with each other
Networking Features of
Some software has features which make use of the network
retrieve or share data. It may not be obvious that software
networking features
Guttman, et. al. Informational [Page 26]
RFC 2504 Users' Security Handbook February 1999
Network
Services which are not provided on the local computer system
end-user is working on but on a server located in the network
One-Time Passwords (OTP
Instead of using the same password over and over again,
different password is used on each subsequent log in
A passphrase is a long password. It is often composed of
words and symbols to make it harder to guess
Password-Locked
A screen saver obscures the normal display of a monitor.
password-locked screensaver can only be deactivated if the end
user's password is supplied. This prevents a logged-in
from being abused and hides the work currently being done
passers-by
See "Fixes, Patches and installing them
Another word for the access controls that are used to control
access to files and other resources
PGP (Pretty Good Privacy
PGP is an application package that provides tools to encrypt
digitally sign files on computer systems. It is especially
to encrypt and/or sign files and messages before sending them
Email
Plug-in
Software components that integrate into other software (such
web browsers) to provide additional features
Guttman, et. al. Informational [Page 27]
RFC 2504 Users' Security Handbook February 1999
Point-of-Contact,
In case of security breaches or problems, many
provide a designated point-of-contact which can alert others
take the appropriate actions
PPP (Point to Point Protocol
PPP is the mechanism which most end-users establish a
connection between their PC and their Internet service
with. Once connected, the PC is able to transmit and receive
to any other system on the network
Privacy
Another term for encryption software that highlights the use
this software to protect the confidentiality and therefore
of the end-users that make use of it
Remote Access
This software allows a computer to use a modem to connect
another system. It also allows a computer to 'listen' for
on a modem (this computer provides 'remote access service'.)
Remote access software may provide access to a single computer
to a network
Remote Log
If an end-user uses a network to log in to a system, this act
known as remote log in
Security
These are features which provide protection or enable end-
and administrators to assess the security of a system,
example, by auditing it
Security
A security policy is written by organisations to address
issues, in the form of "do's" and "don'ts". These guidelines
rules are for users with respect to physical security,
security, information security and content (eg. rules stating
sites with sexual content should not be visited, and
copyrights should be honoured when downloading software, etc).
Guttman, et. al. Informational [Page 28]
RFC 2504 Users' Security Handbook February 1999
A server is a computer system, or a set of processes on a
system providing services to clients across a network
Shared
A common account is one which is shared by a group of users
opposed to a normal account which is available to only one user
If the account is misused, it is very difficult or impossible
know which of users was responsible
Sharing
Many computer systems allow users to share files over a network
These systems invariably provide a mechanism for users to use
control who has permission to read or overwrite these files
Depending on the context in which this term is used, it
apply to computer systems that are grouped together
geographical location, organizational jurisdiction, or
addresses. A Site typically refers to a network under a
administration
SSH (Secure Shell
SSH provides a protocol between a client and server, allowing
encrypted remote connectivity
SSL (Secure Sockets Layer
This protocol provides security services to otherwise
protocols which operate over a network. SSL is typically used
web browsers to encrypt data sent to and downloaded from a server
Systems
The individual who maintains the system and has
administrator privileges. In order to avoid errors and
done by this individual while not acting as an administrator
he/she should limit the time he/she acts as an administrator (
known to the system) to a minimum
Guttman, et. al. Informational [Page 29]
RFC 2504 Users' Security Handbook February 1999
System Administrator
System administrators have more rights (greater permissions)
their work involve the maintenance of system files
System
The set of files on a system that do not belong to end-users
which govern the functionality of the system. System files
a great impact on the security of the system
A protocol that enables remote log in to other computer
over the network
A dumb device that is connected to a computer system in order
provide (text-based) access to it for users and administrators
Terms of Service (TOS
See "Acceptable Use Policy (AUP)".
The potential that an existing vulnerability can be exploited
compromise the security of systems or networks. Even if
vulnerability is not known, it represents a threat by
definition
Trojan
A program which carries within itself a means to allow the
of the program access to the system using it
A program which replicates itself on computer systems
incorporating itself (secretly and maliciously) into
programs. A virus can be transferred onto a computer system in
variety of ways
Virus-Detection
Software that detects and possibly removes computer viruses
alerting the user appropriately
Guttman, et. al. Informational [Page 30]
RFC 2504 Users' Security Handbook February 1999
A vulnerability is the existence of a weakness, design,
implementation error that can lead to an unexpected,
event compromising the security of the system, network
application, or protocol involved
Web Browser
This is the part of the file system that is used to store
pages and related files. It can be utilized to reload
accessed files from the cache instead of loading it every
from the network
Web Browser
The set of functionalities on a web browser for use by the end
user. This includes the set of plug-ins available
Web
A server program that provides access to web pages. Some
servers provide access to other services, such as databases,
directories
A computer program which replicates itself and is self
propogating. Worms, as opposed to viruses, are meant to spawn
network environments
The User Security Handbook was a collaborative effort of the
Security Handbook Working Group of the IETF. There were also
who made significant contributions --- Simson Garfinkle and
Luiijf provided very helpful feedback on this document. The
contribution by Klaus-Peter Kossakowski is much appreciated
[GLOSSARY] Malkin, G., Ed., "Internet User's Glossary", FYI 18,
1983 August 1996.
[RFC2196] Fraser, B., Ed., "Site Security Handbook", FYI 8, RFC 2196
September 1997.
Guttman, et. al. Informational [Page 31]
RFC 2504 Users' Security Handbook 