Parts 1-3

*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*
             Government Computer Security Techniques
*=*=*=*=*=*=*=*=* Written By: The Line Breaker *=*=*=*=*=*=*=*=*=*=*
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*

As most of you know (those who have been around for over 1 year),
I am a computer security consultant by trade. I do work for most
large companies and sometimes the government. Well I am here now
going to explain in great detail the fundamentals of government
computer security. There are going to be roughly 25 sections to
this g-phile, so open your buffers and let them rip.

Each file is broken into several parts starting with the control
title and ending with the principles of note. I help design most
of the systems that you are about to read about, and most of the
problems that you run across in your every day hacking should be
solved here. The secret to the philes is to read them carefully
and then reverse the process in some cases, otherwise they will
help you understand in greater detail the workings of computer
security.

*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*
                C.S.T. Volume One -- G-phile One
*=*=*=*=*=*=*=*=* Written By: The Line Breaker *=*=*=*=*=*=*=*=*=*=*
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*

Control Title: Low Building Profile
-----------------------------------

Description -> buildings housing computer systems and the computer
facilities should be unobtrusive and give minimum indication of
their purpose. There should be no obvious signs identifying
computing activities outside or inside buildings. Buildings
should look unimpressive and ordinary relative to nearby
buildings. Building lobby directories and company telephone books
should not identify locations of computer activities except for
offices and reception areas that serve outsiders and are located
separately from operational areas. Physical access barriers,
including access control signs, should be reasonably visible,
however.

Strengths -> a low profile reduces the likelihood of attention by
destruction-minded outsiders. Such attention tends to be directed
away to other more visible targets.

Weaknesses -> a low profile may reduce business promotion values
and inconvenience visitors, vendors, delivery people, and others
who have a legitimate need to find computing facilities.

Purpose -> deterrence
Control Area -> computer center
Mode -> manual procedure
Area of Responsibility -> management, security
Cost -> low
Principles of Note -> avoidance of need for design secrecy,
completeness and consistency, least privilege

*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*
                 C.S.T. Volume One -- Phile Two
*=*=*=*=*=*=*=*=* Written By: The Line Breaker *=*=*=*=*=*=*=*=*=*=*
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*

Control Title -> telephone access

Objective -> avoid computer access exposure

Description -> limiting access to a computer and data files can be
an important means of security. Several means of accomplishing
this are possible. It may be possible and important to eliminate
dial-up access to a computer. A computer interfaced to the
dial-up public telephone network is exposed to access from any
telephone in the world. There may be a trade-off in computer
security by giving up or limiting the benefits of dial-up access.
This can be accomplished by using only point-to-point wire or
leased-line telephone access to the computer. An alternative is
to provide dial-up access to a small computer for development or
other timesharing purposes while reserving another computer for
more sensitive production activity that is not interfaced to
dial-up telephones. A control computer providing access to two or
more other computers can also be used as a means of protecting
them from dial-up access. An alternative method of restricting
access is to provide for dial-up access at limited periods of time
of day. During periods of dial-up access, particularly sensitive
files or applications would not be resident in the computer system
or secondary storage. A partial degree of protection for dial-up
access systems is to maintain strict need-to-know availability of
the telephone numbers and log-in protocol for accessing the
computer system. Most dial-up timesharing computer services have
similar access protocols; therefore, a unique, very different
initial access exchange of identifying information may be useful
to limit access. The telephone numbers should be unlisted,
different in pattern of digits, and have different prefixes from
voice telephone numbers for the organizations that are publicly
listed. Callback to verify the source of telephone access is
also popular.

Strengths -> avoidance of exposure is a particularly strong means
of simplifying and reducing the problems of securing computer
systems. Limiting or eliminating dial-up access significantly
reduces exposure.

Weakness -> an important objective for computers is to make them
easily and widely accessible. Eliminating or limiting dial-up
significantly reduces this capability.

How to Audit -> access capabilities, review access logs

Purpose -> prevention
Control Area -> computer system
Mode -> hardware
Area of Responsibility -> operation
Cost -> high
Principles of Note -> least privilege, limit dependence on other
mechanisms

*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*
                C.S.T. Volume One -- Phile Three
*=*=*=*=*=*=*=*=* Written By: The Line Breaker *=*=*=*=*=*=*=*=*=*=*
*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*

Control Title -> limit transaction privileges from terminal

Objective -> prevent loss or destruction of assets, prevent
unauthorized browsing of system files, prevent "hacking", prevent
system crashes caused by unauthorized use of certain system
commands

Description -> in addition to controlling resources (files,
off-line data storage volumes, etc.), the transactions that a
particular user is permitted to initiate are limited. The
system commands that a user can use or is informed of are
controlled by the user's job duties. Thus, system-level and
application commands, such as reporting who is currently logged
into the system, are restricted on a need-to-know basis. Logs may
be kept for all attempts to use an authorized system command; this
can be used to determine who needs training or perhaps
disciplinary action.

Strengths -> prevents users from performing unauthorized acts,
including examination of file names of other users and other
system-related commands. Without these system transactions,
compromise of the operating system and other such abuses are made
significantly harder to accomplish. Because the system commands
are monitored and controlled by the computer, they can be
sustained and enforced.

Weaknesses -> may unduly restrict users' ability to perform their
jobs, especially if the users are programmers. Undue restriction
may result in reduced productivity and increased levels of
frustration. Determination of what commands should be restricted
may be involved and time consuming.

How to Audit -> examine system commands permitted for certain
groups of users for reasonableness. Review requests for changes in
system command privileges for authorization and need. If
available, examine logs for unauthorized attempts to use system
commands that certain users are not permitted to use.

Purpose -> prevention
Control Area -> computer system
Mode -> computer operating system, computer application system
Area of Responsibility -> operations management
Cost -> medium
Principles of Note -> simplicity, least privilege, independence of
control and subject, substantiality

Downloaded from P-80 Systems.....
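
Added example (not part of the original phile): an access-log review for the Phile Two telephone-access control, flagging dial-up sessions outside the permitted hours, without a verified callback, or reaching a computer that is supposed to have no dial-up interface. The log format, host names and the 08:00-18:00 window are assumptions made up for illustration.

```python
from datetime import datetime, time

# Constructed policy: dial-up allowed 08:00-18:00; "prod" is the sensitive
# host that must never be reached over dial-up (all names are assumptions).
DIALUP_WINDOW = (time(8, 0), time(18, 0))
NO_DIALUP_HOSTS = {"prod"}

# Constructed access log: timestamp, line type, host, callback result.
SAMPLE_LOG = """\
1986-03-04T09:15 dialup dev callback=ok
1986-03-04T23:40 dialup dev callback=ok
1986-03-05T10:02 dialup dev callback=none
1986-03-05T11:30 leased prod callback=n/a
1986-03-05T14:45 dialup prod callback=ok
"""

def in_window(t, window):
    start, end = window
    if start <= end:
        return start <= t < end
    return t >= start or t < end  # window that wraps past midnight

def audit_access_log(text, window=DIALUP_WINDOW, closed_hosts=NO_DIALUP_HOSTS):
    """Return (line_number, reason) for each dial-up session breaking policy."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        stamp, line_type, host, cb = line.split()
        if line_type != "dialup":
            continue  # point-to-point / leased lines are not dial-up exposure
        when = datetime.strptime(stamp, "%Y-%m-%dT%H:%M").time()
        if not in_window(when, window):
            findings.append((n, "outside dial-up hours"))
        if cb != "callback=ok":
            findings.append((n, "no verified callback"))
        if host in closed_hosts:
            findings.append((n, "dial-up to restricted host"))
    return findings

if __name__ == "__main__":
    for n, reason in audit_access_log(SAMPLE_LOG):
        print(f"line {n}: {reason}")
```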
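
Added example (not part of the original phile): a sketch of the Phile Three control, where the commands a user may run or is even told about follow from job duties, every attempt is logged, and the log is reviewed for repeated denied attempts. The roles, users, command names and the review threshold are constructed for illustration.

```python
from collections import Counter

# Constructed need-to-know policy: job duty -> permitted system commands.
ROLE_COMMANDS = {
    "clerk": {"run_report", "print"},
    "programmer": {"run_report", "print", "compile", "list_files"},
    "operator": {"run_report", "print", "who", "shutdown"},
}
USER_ROLE = {"alice": "clerk", "bob": "programmer", "carol": "operator"}

audit_log = []  # (user, command, allowed) for every attempt

def authorize(user, command):
    """Default-deny check; every attempt is logged, permitted or not."""
    role = USER_ROLE.get(user)  # unknown users get no role, hence no commands
    allowed = command in ROLE_COMMANDS.get(role, set())
    audit_log.append((user, command, allowed))
    return allowed

def visible_commands(user):
    """Commands the user is informed of (e.g. in a help listing)."""
    return sorted(ROLE_COMMANDS.get(USER_ROLE.get(user), set()))

def review(log, threshold=2):
    """Users with at least `threshold` denied attempts, for follow-up."""
    denied = Counter(user for user, _, ok in log if not ok)
    return {u: n for u, n in denied.items() if n >= threshold}

def replay_sample():
    """Run a constructed sequence of attempts and return the review result."""
    audit_log.clear()
    attempts = [("alice", "print"), ("alice", "who"), ("alice", "list_files"),
                ("bob", "compile"), ("bob", "shutdown"), ("mallory", "who"),
                ("carol", "who")]
    results = [authorize(u, c) for u, c in attempts]
    return results, review(audit_log)

if __name__ == "__main__":
    print(replay_sample())
```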