RE: C2 security standards

From: Zuska, John (zuska.j@ic.grainger.com)
Date: 05/24/02


From: "Zuska, John" <zuska.j@ic.grainger.com>
To: "'focus-sun@securityfocus.com'" <focus-sun@securityfocus.com>
Date: Fri, 24 May 2002 10:27:41 -0500

I found this information off of Sun's website.

"C2 Auditing, also called Controlled Access Protection, can produce a more
detailed audit report. The Department of Defense defined C2 auditing as part
of it's guidelines for various levels of computer security in the 1980's.
These requirements are outlined in the Orange Book or Trusted Computer
Systems Evaluation Criteria (TC-SEC). Security levels are listed starting
with D for the lowest, up to A1 for the highest. The National Computer
Security Center (NCSC) evaluates systems based on this criteria."

additionally the NCSC papers are availible here
http://www.radium.ncsc.mil/tpep/library/rainbow/5200.28-STD.html
and
http://www.radium.ncsc.mil/tpep/library/rainbow/NCSC-TG-005.html

-John Zuska
UNIX System Administrator
Grainger E-Business



Relevant Pages

  • Re: audit user activity
    ... you can set filter to view the Security log for a particular user. ... Microsoft CSS Online Newsgroup Support ... This newsgroup only focuses on SBS technical issues. ... Right-click Small Business Server Auditing Policy and click Edit. ...
    (microsoft.public.windows.server.sbs)
  • Re: Pen-testing Internships?
    ... I know that Wells Fargo has a program for IT auditing where they go to ... > very good resource for learning and collaboration among IT Security ... Cenzic has the most comprehensive solutions to meet your application security penetration testing and vulnerability management needs. ... You have an option to go with a managed service or an enterprise software. ...
    (Pen-Test)
  • RE: Sharing Folder and Files
    ... you need to enable Local Security Auditing and then auditing on your ... The audited entries can be viewed under Event Viewer --> Security. ... --> Enable auditing on your folders. ...
    (microsoft.public.win2000.file_system)
  • Re: Audit Failures/READ_CONTROL SYNCHRONIZE
    ... am I trying to use auditing for something it was not ... >: If you're using Windows 2000 then you're going to see a lot of yucky events>: like this. ... Access failures often occur normally, Explorer in particular>: often tries to open files with maximum privilege,>: and then use the failure as a UI cue- it will display the file differently. ... >: For instance, if you don't have Full Control on a file, Explorer will notice>: and disable parts of the security dialog. ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: How to trace a deleted file on a server by a user
    ... If you didn't have security auditing enabled, ... want to audit every single file operation. ... MCSE, CCEA, Microsoft MVP - Terminal Server ...
    (microsoft.public.win2000.termserv.apps)