*********************************************************************** DDN Security Bulletin 90-06 DCA DDN Defense Communications System 27 Mar 90 Published by: DDN Security Coordination Center (SCC@NIC.DDN.MIL) (800) 235-3155 DEFENSE DATA NETWORK SECURITY BULLETIN The DDN SECURITY BULLETIN is distributed by the DDN SCC (Security Coordination Center) under DCA contract as a means of communicating information on network and host security exposures, fixes, & concerns to security & management personnel at DDN facilities. Back issues may be obtained via FTP (or Kermit) from NIC.DDN.MIL [26.0.0.73] using login="anonymous" and password="guest". The bulletin pathname is SCC:DDN-SECURITY-yy-nn (where "yy" is the year the bulletin is issued and "nn" is a bulletin number, e.g. SCC:DDN-SECURITY-90-01). ********************************************************************** PRECAUTIONARY NOTE April Fools' day (April 1) has traditionally been a time for pranks of all kinds. In order to guard against possible benign or malevolent attempts to affect the normal operation of your host, we suggest taking the following easy precautions: 1. Write a set of emergency procedures for your site and keep it up to date. Refer to DDN Security Bulletin 90-03 for help regarding the type of information to collect and whom to call. 2. Save your files regularly, and make file back-ups often. Put the distribution copies of your software in a safe place away from your computer room. Don't forget where they're stored! 3. Avoid trivial passwords and change them often. (See the "Green Book" (Department of Defense Password Management Guideline), CSC-STD-002-85, for information on the use of passwords.) 4. Check to make sure your host has no unauthorized users or accounts. Also check for obsolete accounts (a favorite path for intruders to gain access). 5. Restrict system ("superuser", "maint", etc.) privileges to the minimum number of accounts you possibly can. 6. Well publicized accounts including "root", "guest", etc., having system privileges should be renamed to avoid undue attention. 7. Keep your maintenance contracts active. Of course, these steps should be taken throughout the year as part of your regular operating procedures. -------