|
Initiation responsibility: Head of IT Section, IT Security Management
Implementation responsibility: Administrators
In addition to service functions and remote maintenance (refer to S 2.108 Relinquishment of maintenance of remote ISDN gateways), functions of the router operating systems can also result in security weaknesses. If the router has a Unix operating system, for example, it is possible to start a Telnet session on the router and subsequently manipulate the management information base.
Wherever possible, router functions which are not required should be deactivated, preferably by removing the related software modules. Card functions which can be configured simply through parametrisation must be checked regularly to determine whether the parameter settings are still correct.
Additional controls:
© Copyright
by Bundesamt für Sicherheit in der Informationstechnik |
July 1999 |