IT Baseline Protection Manual S 5 Safeguard Catalogue - Communications
S 5 Safeguard Catalogue - Communications
S 5.1 Removal, or short-circuiting and grounding, of unneeded lines S 5.2 Selection of an appropriate network topography S 5.3 Selection of cable types suited in terms of communication technology S 5.4 Documentation on, and marking of, cabling S 5.5 Damage-minimising routing of cables S 5.6 Mandatory use of a network password S 5.7 Network management S 5.8 Monthly security checks of the network S 5.9 Logging at the server S 5.10 Restrictive granting of access rights S 5.11 Blocking the server console S 5.12 Setting up an additional network administrator S 5.13 Appropriate use of equipment for network coupling S 5.14 Shielding of internal remote accesses S 5.15 Shielding of external remote accesses S 5.16 Survey of network services S 5.17 Use of the NFS security mechanisms S 5.18 Use of the NIS security mechanisms S 5.19 Use of the sendmail security mechanisms S 5.20 Use of the security mechanisms of rlogin, rsh and rcp S 5.21 Secure use of telnet, ftp, tftp and rexec S 5.22 Compatibility check of the transmission and reception systems S 5.23 Selecting suitable types of dispatch for data media S 5.24 Use of a suitable fax cover sheet S 5.25 Using transmission and reception logs S 5.26 Announcing fax messages via telephone S 5.27 Acknowledging successful fax reception via telephone S 5.28 Acknowledging correct fax origin via telephone S 5.29 Periodic checks of destination addresses and logs S 5.30 Activating an existing call-back option S 5.31 Suitable modem configuration S 5.32 Secure use of communications software S 5.33 Secure remote maintenance via modem S 5.34 Use of one-time passwords S 5.35 Use of UUCP security mechanisms S 5.36 Encryption under Unix and Windows NT S 5.37 Restricting Peer-to-Peer functions when using WfW, Windows 95 or Windows NT in a server-supported network S 5.38 Secure integration of DOS PC's into a Unix network S 5.39 Secure use of protocols and services S 5.40 Secure integration of DOS-PCs to a Windows NT network S 5.41 Secure configuration of remote access under Windows NT S 5.42 Secure configuration of TCP/IP network administration under Windows NT S 5.43 Secure configuration of TCP/IP network services under Windows NT S 5.44 One-way connection setup S 5.45 Security of WWW browsers S 5.46 Installing stand-alone-systems for Internet use S 5.47 Configuration of a Closed User Group S 5.48 Authentication via CLIP/COLP S 5.49 Callback based on CLIP/COLP S 5.50 Authentication via PAP/CHAP S 5.51 Security-related requirements for communications links between telecommuting workstations and the institution S 5.52 Security-related requirements for communications computers S 5.53 Protection against mail bombs S 5.54 Protection against mail overload and spam S 5.55 Checking of alias files and distribution lists S 5.56 Secure operation of a mail server S 5.57 Secure configuration of mail clients S 5.58 Installation of ODBC drivers S 5.59 Protection against DNS spoofing S 5.60 Selection of a suitable backbone technology S 5.61 Suitable physical segmentation S 5.62 Suitable logical segmentation S 5.63 Use of GnuPG or PGP S 5.64 Secure Shell S 5.65 Use of S-HTTP S 5.66 Use of SSL S 5.67 Use of a time stamp service S 5.68 Use of encryption procedures for network communications S 5.69 Protection against active content S 5.70 Network address translation (NAT) S 5.71 Intrusion detection and intrusion response systems S 5.72 Deactivation of unnecessary network services S 5.73 Secure operation of a fax server S 5.74 Maintenance of fax server address books and distribution lists S 5.75 Protecting against overloading the fax server S 5.76 Use of suitable tunnel protocols for RAS communication S 5.77 Establishment of Subnetworks S 5.78 Protection against mobile phone usage data being used to create movement profiles S 5.79 Protection against call number identification during use of mobile phones S 5.80 Protection against bugging of indoor conversations using mobile phones S 5.81 Secure transmission of data over mobile phones S 5.82 Secure Use of SAMBA S 5.83 Secure Connection of an External Network
with Linux FreeS/WAN S 5.84 Use of encryption procedures for Lotus Notes
communication S 5.85 Use of encryption procedures for Lotus Notes
e-mail S 5.86 Use of encryption procedures with browser
access to Lotus Notes S 5.87 Agreement regarding connection to third party
networks S 5.88 Agreement regarding the exchange of data
with third parties
