S 5 Safeguard Catalogue - Communications

S 5.1 Removal, or short-circuiting and grounding, of unneeded lines
S 5.2 Selection of an appropriate network topography
S 5.3 Selection of cable types suited in terms of communication technology
S 5.4 Documentation on, and marking of, cabling
S 5.5 Damage-minimising routing of cables
S 5.6 Mandatory use of a network password
S 5.7 Network management
S 5.8 Monthly security checks of the network
S 5.9 Logging at the server
S 5.10 Restrictive granting of access rights
S 5.11 Blocking the server console
S 5.12 Setting up an additional network administrator
S 5.13 Appropriate use of equipment for network coupling
S 5.14 Shielding of internal remote accesses
S 5.15 Shielding of external remote accesses
S 5.16 Survey of network services
S 5.17 Use of the NFS security mechanisms
S 5.18 Use of the NIS security mechanisms
S 5.19 Use of the sendmail security mechanisms
S 5.20 Use of the security mechanisms of rlogin, rsh and rcp
S 5.21 Secure use of telnet, ftp, tftp and rexec
S 5.22 Compatibility check of the transmission and reception systems
S 5.23 Selecting suitable types of dispatch for data media
S 5.24 Use of a suitable fax cover sheet
S 5.25 Using transmission and reception logs
S 5.26 Announcing fax messages via telephone
S 5.27 Acknowledging successful fax reception via telephone
S 5.28 Acknowledging correct fax origin via telephone
S 5.29 Periodic checks of destination addresses and logs
S 5.30 Activating an existing call-back option
S 5.31 Suitable modem configuration
S 5.32 Secure use of communications software
S 5.33 Secure remote maintenance via modem
S 5.34 Use of one-time passwords
S 5.35 Use of UUCP security mechanisms
S 5.36 Encryption under Unix and Windows NT
S 5.37 Restricting Peer-to-Peer functions when using WfW, Windows 95 or Windows NT in a server-supported network
S 5.38 Secure integration of DOS PC's into a Unix network
S 5.39 Secure use of protocols and services
S 5.40 Secure integration of DOS-PCs to a Windows NT network
S 5.41 Secure configuration of remote access under Windows NT
S 5.42 Secure configuration of TCP/IP network administration under Windows NT
S 5.43 Secure configuration of TCP/IP network services under Windows NT
S 5.44 One-way connection setup
S 5.45 Security of WWW browsers
S 5.46 Installing stand-alone-systems for Internet use
S 5.47 Configuration of a Closed User Group
S 5.48 Authentication via CLIP/COLP
S 5.49 Callback based on CLIP/COLP
S 5.50 Authentication via PAP/CHAP
S 5.51 Security-related requirements for communications links between telecommuting workstations and the institution
S 5.52 Security-related requirements for communications computers
S 5.53 Protection against mail bombs
S 5.54 Protection against mail overload and spam
S 5.55 Checking of alias files and distribution lists
S 5.56 Secure operation of a mail server
S 5.57 Secure configuration of mail clients
S 5.58 Installation of ODBC drivers
S 5.59 Protection against DNS spoofing
S 5.60 Selection of a suitable backbone technology
S 5.61 Suitable physical segmentation
S 5.62 Suitable logical segmentation
S 5.63 Use of PGP
S 5.64 Secure Shell
S 5.65 Use of S-HTTP
S 5.66 Use of SSL
S 5.67 Use of a time stamp service
S 5.68 Use of encryption procedures for network communications
S 5.69 Protection against active content
S 5.70 Network address translation (NAT)
S 5.71 Intrusion detection and intrusion response systems
S 5.72 Deactivation of unnecessary network services
S 5.73 Secure operation of a fax server
S 5.74 Maintenance of fax server address books and distribution lists
S 5.75 Protecting against overloading the fax server
S 5.76 Use of suitable tunnel protocols for RAS communication
S 5.77 Establishment of Subnetworks
S 5.78 Protection against mobile phone usage data being used to create movement profiles
S 5.79 Protection against call number identification during use of mobile phones
S 5.80 Protection against bugging of indoor conversations using mobile phones
S 5.81 Secure transmission of data over mobile phones
S 5.82 Secure Use of SAMBA
S 5.83 Secure Connection of an External Network with Linux FreeS/WAN

© Copyright by Bundesamt für Sicherheit in der Informationstechnik 2000

Last Update: October 2000