IT Baseline Protection Manual

T 4.10 Complexity of access possibilities to networked IT systems

On stand-alone systems, access control rests essentially on the log-in process, which can thus be corrupted only by inadequately defined or insufficient passwords. Networked computers, by contrast, run many complex processes that allow multifarious forms of access. Under Unix, for instance, sendmail allows texts (mails) to be introduced into the networked computer; FTP allows a log-in, albeit a restricted one, which in some instances (anonymous FTP) is not even protected by a password; and telnet allows a complete log-in.

For security reasons, server systems such as Windows NT or Novell Netware avoid transmitting passwords in plain text. However, this security mechanism is rendered ineffective when services such as FTP or Telnet are used, because these services transmit passwords in plain text.

Apart from the fact that any of these processes can constitute a security flaw through an incorrect or faulty configuration, there is, of course, also a much greater probability that one of them contains a security-related programming error because of its size.
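
One way to make these access paths visible on a Unix host is to inventory the services enabled in an inetd.conf-style file and mark those that carry passwords in plain text. This is an added example, not part of the manual; the sample configuration is constructed, the function names are hypothetical, and only the services named above are classified.

```python
# Added example: inventory the access paths enabled in an inetd.conf-style file.
# Constructed sample (not from a real host). Classic field layout:
# service  socket-type  protocol  wait/nowait  user  server-program  [arguments]
SAMPLE_INETD_CONF = """\
# constructed sample
ftp     stream  tcp  nowait  root    /usr/sbin/in.ftpd     in.ftpd -l
telnet  stream  tcp  nowait  root    /usr/sbin/in.telnetd  in.telnetd
smtp    stream  tcp  nowait  root    /usr/sbin/sendmail    sendmail -bs
#finger stream  tcp  nowait  nobody  /usr/sbin/in.fingerd  in.fingerd
daytime stream  tcp  nowait  root    internal
"""

# service -> (form of access as described in the text, password sent in plain text?)
# Assumption: smtp is classic unauthenticated mail delivery, so no password is involved.
ACCESS_NOTES = {
    "ftp": ("restricted log-in; anonymous FTP needs no password", True),
    "telnet": ("complete log-in", True),
    "smtp": ("accepts text (mail) into the system", False),
}

def parse_inetd(text):
    """Yield one dict per enabled entry; comments and blank lines are skipped."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 6:
            raise ValueError(f"line {lineno}: expected at least 6 fields")
        yield {"service": fields[0], "user": fields[4], "server": fields[5]}

def inventory(text):
    """Return (service, access description, plaintext_password) per enabled entry."""
    rows = []
    for entry in parse_inetd(text):
        # Anything not named in the text is left for manual review (None).
        desc, plaintext = ACCESS_NOTES.get(
            entry["service"], ("unclassified, review manually", None))
        rows.append((entry["service"], desc, plaintext))
    return rows

def plaintext_password_services(text):
    """Services whose log-in exposes the password on the network."""
    return sorted(s for s, _, plaintext in inventory(text) if plaintext)

if __name__ == "__main__":
    labels = {True: "PLAINTEXT-PW", False: "no password", None: "?"}
    for service, desc, plaintext in inventory(SAMPLE_INETD_CONF):
        print(f"{service:8} {labels[plaintext]:13} {desc}")
```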


© Copyright by
Bundesamt für Sicherheit in der Informationstechnik
 