Administering Standalone Versus Networked Systems

  Security precautions that should be taken when administering standalone systems also apply to networked systems. Although a discussion of security threats for standalone systems is out of the scope of this report, the following is a list of several security precautions to consider when administering a system regardless of whether the system is standalone or connected to a network.

• Avoid weak passwords, i.e., passwords that are easy to crack.

• Make use of file access control, auditing, and backups.

• Check with vendors and install all applicable security-related patches.

• Limit readability and writeability of system files.

• Regularly check system binaries against copies from distribution media to verify that programs have not been modified. Binaries for common network access procedures, such as rlogin, rsh, rcp, ftp, telnet and uucp are particularly vulnerable. Altered versions of these binaries can allow unauthorized access to the system.

• Examine all commands or scripts that run automatically at specified dates and times, e.g., for SunOS cron and at can be used to execute commands and scripts at specified dates and times. These commands could be useful to a cracker.

• Check for unauthorized setuid and setgid programs, i.e., check for programs that grant special privileges to the user who is executing the program.

• Protect modems and terminal servers.

It is common for workstations to be primarily used by an individual user. As a result, individual users are forced to become system administrators. Users of individual systems may either not have the knowledge to securely configure their workstation, or may decide to sacrifice security for convenience. In order to protect against unauthorized use, systems should be responsibly administered, regardless of whether they are standalone, or networked single-user or multi-user systems.