The controls and protection mechanisms should be selected in a way so as to adequately counter the threats found during risk assessment, and to implement those controls in a cost effective manner. It makes little sense to spend an exorbitant sum of money and overly constrict the user base if the risk of exposure is very small.

3.3.1 Choose the Right Set of Controls

The controls that are selected represent the physical embodiment of your security policy. They are the first and primary line of defense in the protection of your assets. It is therefore most important to ensure that the controls that you select are the right set of controls. If the major threat to your system is outside penetrators, it probably doesn't make much sense to use biometric devices to authenticate your regular system users. On the other hand, if the major threat is unauthorized use of computing resources by regular system users, you'll probably want to establish very rigorous automated accounting procedures.

3.3.2 Use Common Sense

Common sense is the most appropriate tool that can be used to establish your security policy. Elaborate security schemes and mechanisms are impressive, and they do have their place, yet there is little point in investing money and time on an elaborate implementation scheme if the simple controls are forgotten. For example, no matter how elaborate a system you put into place on top of existing security controls, a single user with a poor password can still leave your system open to attack.

RFC 1244 The Site Security Handbook

3.4 Use Multiple Strategies to Protect Assets

Another method of protecting assets is to use multiple strategies. In this way, if one strategy fails or is circumvented, another strategy comes into play to continue protecting the asset. By using several simpler strategies, a system can often be made more secure than if one very sophisticated method were used in its place. For example, dial-back modems can be used in conjunction with traditional logon mechanisms. Many similar approaches could be devised that provide several levels of protection for assets. However, it's very easy to go overboard with extra mechanisms. One must keep in mind exactly what it is that needs to be protected.

3.5 Physical Security

It is a given in computer security if the system itself is not physically secure, nothing else about the system can be considered secure. With physical access to a machine, an intruder can halt the machine, bring it back up in privileged mode, replace or alter the disk, plant Trojan horse programs (see section 2.13.9.2), or take any number of other undesirable (and hard to prevent) actions.

Critical communications links, important servers, and other key machines should be located in physically secure areas. Some security systems (such as Kerberos) require that the machine be physically secure.

If you cannot physically secure machines, care should be taken about trusting those machines. Sites should consider limiting access from non-secure machines to more secure machines. In particular, allowing trusted access (e.g., the BSD Unix remote commands such as rsh) from these kinds of hosts is particularly risky.

For machines that seem or are intended to be physically secure, care should be taken about who has access to the machines. Remember that custodial and maintenance staff often have keys to rooms.

3.6 Procedures to Recognize Unauthorized Activity

Several simple procedures can be used to detect most unauthorized uses of a computer system. These procedures use tools provided with the operating system by the vendor, or tools publicly available from other sources.

3.6.1 Monitoring System Use

System monitoring can be done either by a system administrator, or by software written for the purpose. Monitoring a system involves looking at several parts of the system and searching for anything unusual. Some of the easier ways to do this are described in this section.

The most important thing about monitoring system use is that it be done on a regular basis. Picking one day out of the month to monitor the system is pointless, since a security breach can be isolated to a matter of hours. Only by maintaining a constant vigil can you expect to detect security violations in time to react to them.

Part I: Managing Internet Security

3.6.2 Tools for Monitoring the System

This section describes tools and methods for monitoring a system against unauthorized access and use.

3.6.2.1 Logging

Most operating systems store numerous bits of information in log files. Examination of these log files on a regular basis is often the first line of defense in detecting unauthorized use of the system.

Compare lists of currently logged in users and past login histories. Most users typically log in and out at roughly the same time each day. An account logged in outside the normal time for the account may be in use by an intruder.

Many systems maintain accounting records for billing purposes. These records can also be used to determine usage patterns for the system; unusual accounting records may indicate unauthorized use of the system.

System logging facilities, such as the UNIX syslog utility, should be checked for unusual error messages from system software. For example, a large number of failed login attempts in a short period of time may indicate someone trying to guess passwords.
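The two log checks described in 3.6.2.1 (a burst of failed logins, and a login outside an account's usual hours) can be automated. The following is an added example, not part of the handbook: it assumes sshd-style syslog messages, and the sample lines, the thresholds (5 failures within 2 minutes, one hour of slack) and the year are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample data in sshd's syslog message format (not from the handbook).
HISTORY = """\
Mar  1 08:58:10 host1 sshd[301]: Accepted password for alice from 198.51.100.4 port 5000 ssh2
Mar  2 09:03:44 host1 sshd[322]: Accepted password for alice from 198.51.100.4 port 5011 ssh2
"""
TODAY = """\
Mar  3 02:14:01 host1 sshd[411]: Failed password for invalid user admin from 192.0.2.7 port 4001 ssh2
Mar  3 02:14:09 host1 sshd[412]: Failed password for root from 192.0.2.7 port 4002 ssh2
Mar  3 02:14:15 host1 sshd[413]: Failed password for alice from 192.0.2.7 port 4003 ssh2
Mar  3 02:14:22 host1 sshd[414]: Failed password for alice from 192.0.2.7 port 4004 ssh2
Mar  3 02:14:30 host1 sshd[415]: Failed password for alice from 192.0.2.7 port 4005 ssh2
Mar  3 02:14:41 host1 sshd[416]: Accepted password for alice from 192.0.2.7 port 4006 ssh2
Mar  3 09:01:20 host1 sshd[502]: Accepted password for alice from 198.51.100.4 port 5020 ssh2
"""
LINE = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
                  r"(Failed|Accepted) password for (?:invalid user )?(\S+) from (\S+)")

def parse(text, year=2024):  # syslog timestamps carry no year; 2024 is an assumption
    return [(datetime.strptime(f"{year} {m[1]}", "%Y %b %d %H:%M:%S"), m[2], m[3], m[4])
            for m in map(LINE.match, text.splitlines()) if m]

def failed_bursts(events, threshold=5, window=timedelta(minutes=2)):
    # {source: peak count} for sources with >= threshold failures inside one window
    recent, peaks = defaultdict(deque), {}
    for ts, outcome, _user, src in events:
        if outcome == "Failed":
            q = recent[src]
            q.append(ts)
            while ts - q[0] > window:  # drop failures that fell out of the window
                q.popleft()
            if len(q) >= threshold:
                peaks[src] = max(peaks.get(src, 0), len(q))
    return peaks

def off_hours_logins(events, history, slack=1):
    # Accepted logins > slack hours from every login hour in history (no history: flagged)
    usual = defaultdict(set)
    for ts, outcome, user, _src in history:
        if outcome == "Accepted":
            usual[user].add(ts.hour)
    def gap(user, hour):  # circular distance in hours to the nearest usual login hour
        return min((min((hour - h) % 24, (h - hour) % 24) for h in usual[user]), default=24)
    return [(user, src, ts) for ts, outcome, user, src in events
            if outcome == "Accepted" and gap(user, ts.hour) > slack]
```

On the constructed data, `failed_bursts(parse(TODAY))` reports the source with five failures in 29 seconds, and `off_hours_logins(parse(TODAY), parse(HISTORY))` reports the 02:14 login for an account whose history shows logins only around 08:00 to 09:00.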