HostedDB - Dedicated UNIX Servers

-->
IT Baseline Protection Manual - Chapter 6.2 Unix network

6.2 Unix network

Description

Networked Unix systems consist of computers running on the Unix operating system and offering services (as servers) for other IT systems within a network, or making use of such services themselves (as clients).

In this chapter, the threats and safeguards described are specifically for Unix networks. Additional threats and safeguards applying to server-supported networks can be found in chapter 6.1.

Threat Scenario

The following typical threats (T) are assumed as regards IT baseline protection of a UNIX server:

Organisational Shortcomings:

  • T 2.15 Loss of confidentiality of sensitive data in the UNIX system
  • T 2.23 Security flaws involved in integrating DOS PCs into a server-based network
  • T 2.65 Complexity of the SAMBA configuration
  • Human Error:

  • T 3.10 Incorrect export of file systems under UNIX
  • T 3.11 Improper configuration of sendmail
  • Technical Failure:

  • T 4.1 Disruption of power supply
  • T 4.11 Lack of authentication possibilities between NIS Server and NIS Client
  • T 4.12 Lack of authentication possibilities between X Server and X Client
  • Deliberate Acts:

  • T 5.40 Monitoring rooms using computers equipped with microphones
  • T 5.41 Misuse of a UNIX system with the help of uucp
  • T 5.89 Hijacking of network connections
  • Recommended Countermeasures (S)

    To implement IT baseline protection, selection of the required packages of safeguards ("modules"), as described in Sections 2.3 and 2.4, is recommended.

    In the following, the safeguard package for "UNIX servers" is set out.

    Some measures refer to the configuration of the various servers; other measures will have to be implemented by servers and clients in order to become effective. For any clients connected, the safeguards outlined in chapter 5 must be implemented.

    It is advisable to install the server in a separate server room. The appropriate measures are described in Chapter 4.3.2. If no server room is a available, a server cabinet should be used (c.f. Chapter 4.4).

    In addition, the following measures will have to be taken:

    Infrastructure:

  • S 1.28 (1) Local Uninterruptible Power Supply (UPS)
  • Organisation:

  • S 2.33 (2) Division of Administrator roles under UNIX
  • Hardware and software:

    Access to the UNIX system

  • S 4.13 (1) Careful allocation of identifiers
  • S 4.14 (1) Mandatory password protection under UNIX
  • S 4.18 (1) Administrative and technical means to control access to the system-monitor and single-user mode
  • S 4.105 (1) Initial measures after a Unix standard installation
  • Allocation of attributes / Working with the UNIX system

  • S 4.9 (1) Use of the security mechanisms of X Windows
  • S 4.19 (1) Restrictive allocation of attributes for UNIX system files and directories
  • S 4.20 (2) Restrictive allocation of attributes for UNIX user files and directories
  • S 4.21 (1) Preventing unauthorised acquisition of administrator rights
  • S 4.22 (3) Prevention of loss of confidentiality of sensitive data in the UNIX system
  • S 4.23 (3) Secure invocation of executable files
  • Logging / Security checks

  • S 4.25 (1) Use of logging in UNIX systems
  • S 4.26 (2) Regular security checks of the UNIX system
  • S 4.40 (2) Preventing unauthorised use of computer microphones
  • S 4.93 (1) Regular integrity checking
  • S 4.106 (1) Aktivation of system logging
  • S 4.107 (2) Use of vendor resources
  • Communications:

  • S 5.16 (2) Survey of network services
  • S 5.17 (1) Use of the NFS security mechanisms
  • S 5.18 (1) Use of the NIS security mechanisms
  • S 5.19 (1) Use of the sendmail security mechanisms
  • S 5.20 (1) Use of the security mechanisms of rlogin, rsh and rcp
  • S 5.21 (1) Secure use of telnet, ftp, tftp and rexec
  • S 5.34 (2) Use of one-time passwords (optional)
  • S 5.35 (1) Use of UUCP security mechanisms
  • S 5.36 (2) Encryption under UNIX and Windows NT (optional)
  • S 5.38 (2) Secure integration of DOS PC's into a UNIX network
  • S 5.64 (2) Secure Shell
  • S 5.72 (1) Deactivation of unnecessary network services
  • S 5.82 (1) Secure use of SAMBA
  • S 5.83 (2) Secure Connection of an External Network with Linux FreeS/WAN (optional)
  • Contingency Planning:

  • S 6.31 (2) Procedural patterns following a loss of system integrity
  •  


    © Copyright by
    Bundesamt für Sicherheit in der Informationstechnik
    last update:
    July 2001
    home