RFC 2179 (rfc2179) - Page 1 of 10
Network Security For Trade Shows
Alternative Format: Original Text Document
Network Working Group A. Gwinn
Request for Comments: 2179 Networld+Interop NOC Team
Category: Informational July 1997
Network Security For Trade Shows
Status of this Memo
This memo provides information for the Internet community. This memo
does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
Abstract
This document is designed to assist vendors and other participants in
trade shows, such as Networld+Interop, in designing effective
protection against network and system attacks by unauthorized
individuals. Generally, it has been observed that many system
administrators and trade show coordinators tend to overlook the
importance of system security at trade shows. In fact, systems at
trade shows are at least as prone to attack as office-based
platforms. Trade show systems should be treated as seriously as an
office computer. A breach of security of a trade show system can
render -- and has rendered -- an exhibitor's demonstrations
inoperable -- sometimes for the entire event!
This document is not intended to replace the multitudes of
comprehensive books on the subject of Internet security. Rather, its
purpose is to provide a checklist-style collection of frequently
overlooked, simple ways to minimize the chance of a costly attack.
We encourage exhibitors to pay special attention to this document and
share it with all associated representatives.
Physical Security
Before addressing technical security issues, one of the most
frequently underrated and overlooked security breaches is the simple
low-tech attack. The common victim is the one who leaves a console
logged in, perhaps as root, and leaves the system. Other times, an
anonymous "helpful soul" might ask for a password in order to assist
the user in "identifying a problem." This type of method allows an
intruder, especially one logged in as "root", access to system files.
Gwinn Informational
