Along with developing a security policy and selecting appropriate
security measures to implement that policy, a site needs to establish
and test procedures for handling system, site, or network compromises.
The procedure should address two areas:

- Appropriate responses once a breach is suspected or confirmed.
  Site guidelines should help determine whether to increase site
  security (eliminating all possibility of further compromise), put
  proactive measures in place to apprehend the offender, or collect
  evidence to initiate a criminal or civil suit. Each decision has
  its own set of rules and guidelines.

- Appropriate contacts and resources outside of the site that may be
  needed should such an event occur. For example, a company might
  want to become familiar with local, state, and federal authorities
  (as applicable), local phone carriers (security division), and the
  HP support groups.

This chapter describes how to recognize when an attack on
the system is in progress or has taken place and what countermeasures
can be taken.