RFC 2504 (rfc2504) - Page 2 of 33

Users' Security Handbook

Alternative Format: Original Text Document
< Previous
Next >
RFC 2504                Users' Security Handbook           February 1999


   6.   Bad Things Happen . . . . . . . . . . . . . . . . . . . . 15
   6.1.   How to Prepare for the Worst in Advance . . . . . . . . 15
   6.2.   What To Do if You Suspect Trouble . . . . . . . . . . . 16
   6.3.   Email . . . . . . . . . . . . . . . . . . . . . . . . . 17
   7.   Home Alone  . . . . . . . . . . . . . . . . . . . . . . . 17
   7.1.   Beware of Daemons . . . . . . . . . . . . . . . . . . . 17
   7.2.   Going Places  . . . . . . . . . . . . . . . . . . . . . 19
   7.3.   Secure It!  . . . . . . . . . . . . . . . . . . . . . . 20
   8.   A Final Note  . . . . . . . . . . . . . . . . . . . . . . 20
   Appendix: Glossary of Security Terms . . . . . . . . . . . . . 21
   Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . 31
   References . . . . . . . . . . . . . . . . . . . . . . . . . . 31
   Security Considerations  . . . . . . . . . . . . . . . . . . . 32
   Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 32
   Full Copyright Statement . . . . . . . . . . . . . . . . . . . 33

Part One:  Introduction

   This document provides guidance to the end-users of computer systems
   and networks about what they can do to keep their data and
   communication private, and their systems and networks secure. Part
   Two of this document concerns "corporate users" in small, medium and
   large corporate and campus sites.  Part Three of the document
   addresses users who administer their own computers, such as home
   users.

   System and network administrators may wish to use this document as
   the foundation of a site-specific users' security guide; however,
   they should consult the Site Security Handbook first [RFC 2196].

   A glossary of terms is included in an appendix at the end of this
   document, introducing computer network security notions to those not
   familiar with them.

1.  READ.ME

   Before getting connected to the Internet or any other public network,
   you should obtain the security policy of the site that you intend to
   use as your access provider, and read it.  A security policy is a
   formal statement of the rules by which users who are given access to
   a site's technology and information assets must abide.  As a user,
   you are obliged to follow the policy created by the decision makers
   and administrators at your site.

   A security policy exists to protect a site's hardware, software and
   data.  It explains what the security goals of the site are, what
   users can and cannot do, what to do and who to contact when problems
   arise, and generally informs users what the "rules of the game" are.



Guttman, et. al.             Informational
< Previous
Next >