All,
On Mon, Aug 16, 1999 at 12:54:17PM -0400, Brumfield, Larry wrote:
[login banner issue]
-snip-
> The reason I'm in a bit of a hurry (isn't everyone these days?) is that we
> are about to deploy a massive infrastructure IOS upgrade and we will be
> accessing several hundred routers in the next weeks - and I'd sure love to
> get this issue into the goop along with it.
Wise.
Something that made me smile while looking for this:
from
http://edms-www.jpl.nasa.gov/Section356/SYSADMIN/Security/JPL_Unix_Checklist.html
An excerpt from the page, entitled "UNIX SECURITY CHECKLIST (1.1)":
| The login banner (/etc/motd file) should not include the word
| "welcome". It is recommended to use something similar to:
|
| * * * W A R N I N G * * *
| This computer system is the property of the
| UNITED STATES GOVERNMENT
|
| Unauthorized use is a violation of U. S. Federal Law.
(I thought the don't-display-"welcome" recommendation was pretty funny.)
Other links that might be useful:
http://ndta.volpe.dot.gov/usage.htm
http://sbir.gsfc.nasa.gov/SBIR/security.htm
http://misspiggy.gsfc.nasa.gov/ctre/security.html
http://www.bop.gov/progstat/12370111.html
Here's an authorative-looking one (out of the orange book):
from
http://tecnet0.jcte.jcs.mil:9000/htdocs/tecwarn.html
Which is the `banner' link from
http://tecnet0.jcte.jcs.mil:9000/htdocs/teinfo/directives/soft/ds5200.281.html
| WARNING!
|
| Per U.S. Government regulations, a security banner must be
| displayed on every Government System. Read the Security Banner
| before continuing.
|
| "This is a Department of Defense Computer System. This computer
| system, including all related equipment, networks and network
| devices (specifically including internet access), are provided
| only for authorized U.S. Government use. DoD computer systems
| may be monitored for all lawful purposes, including to ensure
| that their use is authorized, for management of the system, to
| facilitate protection against unauthorized access, and to verify
| security procedures, survivability and operational security.
| Monitoring includes active attacks by authorized DoD entities to
| test or verify the security of this system. During monitoring,
| information may be examined, recorded, copied and used for
| authorized purposes. All information, including personal
| information, placed on or sent over this system may be
| monitored. Use of this DoD computer system, authorized or
| unauthorized, constitutes consent to monitoring of this system.
| Unauthorized use may subject you to criminal prosecution.
| Evidence of unauthorized use collected during monitoring may be
| used for administrative, criminal, or adverse action. Use of
| this system constitutes consent to monitoring for these
| purposes."
Now, I'm afraid I haven't been able to find the definitive
authorative text that is necessary, and all of this is country-specific
anyway .. but I came across some interesting links ..
Good luck,
=Ben
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
