These requirements are strongly recommended, however it is recognised that
these are not possible in all instances. Failure to comply to these requirements
may degrade the security of the firewall.
Testing Procedures
It is recommended that procedures exist for testing the firewall before
it is the changes are installed on the firewall. If the firewall policy
is altered then there need to be a process where by the new policy is tested
before it is ‘burnt’ into the actual firewall. This is done to ensure that
the changes to the firewall do not have a negative effect on its operation.
User names / passwords for managing the firewall.
Windows NT is not considered secure when unauthorised people get physical
access to the com-puter. This includes the ability to obtain usernames/passwords
(using tools like NTFSdos and L0phtcrack), and if such tools as MS SMS,
PC anywhere etc. are being used for managing the com-puter, others may
watch the local console monitor to obtain and possibly also interrupt the
remote man-agement session. Few people (1-5) should be allowed access to
the firewall. This includes physical access, local logon (Windows NT) and
remote firewall logon. Windows NT remote access should not be allowed.
Hard-to-guess usernames and password should be used. Each user with
read or read/write access to the firewall configuration should be identified
by unique usernames.
Management stations that can access and
configure the firewall
During installation you must set DNS host names and/or IP addresses of
those man-agement stations allowed to access the firewall. We recommend
using IP addresses instead of DNS host names, as this increases the risk
of spoofed DNS attacks to the firewall management ports.
