5.2 Unix-System

Description

Here we deal with a stand-alone Unix system, i.e. one without any links to other computers. Terminals, drives, printers and other devices may be connected. Also, a graphic shell (user interface) such as X Windows may be available. Accordingly, X terminals and graphic input devices may be connected in such cases. The following is based on the assumption that a Unix system will usually be a multi-user system.

 

Threat Scenario

The following typical threats (T) are assumed as regards IT baseline protection of a non-networked Unix system:

Force Majeure:

Organisational Shortcomings:

Human Failure:

Technical Failure:

Deliberate Acts:

Recommended Countermeasures (S)

For the implementation of IT baseline protection, selection of the required packages of safeguards ("modules") as described in chapters 2.3 and 2.4, is recommended.

In the following, the safeguard package for "Unix system" is set out.

For any connected DOS PCs, the measures described in Chapter 5.1, are to be implemented. It is advisable to install the server in a separate server room or in a protective cabinet. The safeguards required here are described in Chapters 4.3.2 and 4.4. If an office is used simultaneously as a server room, the safeguards described in Chapter 4.3.1 must also be implemented.

In addition, the following measures will have to be taken:

Infrastructure:

Organisation:

Personnel:

Hardware/Software:

Access to the Unix system

Allocation of attributes / Working with the Unix system

Logging / Security checks

Contingency Planning:


© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update on 6 April 2000