FIPS PUB 191

civil law suits, fines, loss of human life or other long term effects. Consequences of threats will be discussed in Section 3, Risk Management. The approach taken here is to categorize the types of impacts that can occur on a LAN so that specific technical threats can be grouped by the impacts and examined in a meaningful manner. For example, the technical threats that can lead to the impact 'LAN traffic compromise' in general can be distinguished from those threats that can lead to the impact 'disruption of LAN functionalities'. It should be recognized that many threats may result in more than one impact; however, for this discussion a particular threat will be discussed only in conjunction with one impact. The impacts that will be used to categorize and discuss the threats to a LAN environment are:

• Unauthorized LAN access - results from an unauthorized individual gaining access to the LAN.
• Inappropriate access to LAN resources - results from an individual, authorized or unauthorized, gaining access to LAN resources in an unauthorized manner.
• Disclosure of data - results from an individual accessing or reading information and possibly revealing the information in an accidental or unauthorized intentional manner.
• Unauthorized Modification to data and software - results from an individual modifying, deleting or destroying LAN data and software in an unauthorized or accidental manner.
• Disclosure of LAN traffic - results from an individual accessing or reading information and possibly revealing the information in an accidental or unauthorized intentional manner as it moves through the LAN.
• Spoofing of LAN traffic - results when a message appears to have been sent from a legitimate, named sender, when actually the message had not been.
• Disruption of LAN functions - results from threats that block LAN resources from being available in a timely manner.

2.1.1 Unauthorized LAN Access

LANs provide file sharing, printer sharing, file storage sharing, etc. Because resources are shared and not used solely by one individual there is need for control of the resources and accountability for use of the resources. Unauthorized LAN access occurs when someone, who is not authorized to use the LAN, gains access to the LAN (usually by acting as a legitimate user of the LAN). Three common methods used to gain unauthorized access are password sharing, general password guessing and password capturing.

Password sharing allows an unauthorized user to have the LAN access and privileges of a legitimate user; with the legitimate user's knowledge and acceptance. General password guessing is not a new means of unauthorized access. Password capturing is a process in which a legitimate user unknowingly reveals the user's login id and password. This may be done through the use of a trojan horse program that appears to the user as a legitimate login program; however, the trojan horse program is designed to capture passwords. Capturing a login id and password as it is transmitted across the LAN unencrypted is another method used to ultimately gain access. The methods to capture cleartext LAN traffic, including passwords, is