Security Management Guide (G06.24+, H06.03+)

Concerns for the User
Security Management Guide 522283-008
5-17
People (especially recipients who do not ordinarily receive sensitive mail) often
read mail without regard to who is standing near their terminals.
Suggestions for Using Electronic Mail
The following suggestions can help you avoid divulging sensitive information through
electronic mail:
Use the subject line to alert recipients of sensitive messages. The recipient can
then take care to read the message in private.

Consider keeping sensitive information in a file accessible only to those you want
to see it. Use the mail system to tell recipients where to find the information, but do
not include the information itself in the message. If necessary, use a Safeguard
ACL to restrict access to the sensitive file.

Inform your recipients of the ways that sensitive information can be obtained by an
intruder. Include warnings in your sensitive messages. For example:

    DO NOT PRINT THIS IN THE CENTRAL PRINTER ROOM!
    USE A SECURE PRINTER!

You might adopt certain standard terms, such as SENSITIVE, CONFIDENTIAL,
COMPANY CONFIDENTIAL, and PROPRIETARY, to reflect the various levels of
protection necessary.

Do not remain logged on to the mail system when you are not using it.
Trojan Horses
A Trojan horse is a program that mimics the actions of another program but secretly
performs additional functions for an intruder using the privileges of the invoker.
For example, an intruder might rename FUP and then provide another program named
FUP that is executed when you try to use FUP. This substitute FUP might quickly
perform some secret operation (such as relaxing the protection on one of your files)
before proceeding to call on the legitimate FUP to do what you requested. The
operation might appear completely normal, and you might never discover the intrusion.
Fortunately, your security administrator and system manager can take steps to prevent
the substitution of Trojan horses for legitimate distributed software.
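One step an administrator can take against the substitution just described is a baseline integrity check: record a digest of every trusted program file while the system is known good, then compare later. The following is an added example written for this guide, not code from the guide or from the product; the directory, file names and file contents are constructed stand-ins, and the scenario replays the FUP rename-and-replace described above.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Digest a file in chunks so large program images do not have to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(bin_dir: Path) -> dict:
    """Record the digest of every file in a directory of trusted programs."""
    return {p.name: sha256_of(p) for p in sorted(bin_dir.iterdir()) if p.is_file()}


def check_manifest(bin_dir: Path, manifest: dict) -> dict:
    """Compare the directory's current contents against the recorded baseline.

    A substituted program shows up as "modified"; the renamed original that the
    substitute still calls shows up as "unexpected"; a removed program as "missing".
    """
    current = build_manifest(bin_dir)
    return {
        "modified": sorted(n for n in manifest if n in current and current[n] != manifest[n]),
        "missing": sorted(n for n in manifest if n not in current),
        "unexpected": sorted(n for n in current if n not in manifest),
    }


def demo() -> dict:
    """Constructed scenario (hypothetical directory and contents, not real program images)."""
    with tempfile.TemporaryDirectory() as tmp:
        bin_dir = Path(tmp)
        (bin_dir / "FUP").write_bytes(b"constructed stand-in for the legitimate FUP image")
        (bin_dir / "UTILX").write_bytes(b"constructed stand-in for another trusted program")
        manifest = build_manifest(bin_dir)            # baseline taken while the system is trusted
        (bin_dir / "FUP").rename(bin_dir / "FUPOLD")  # the legitimate program is renamed
        (bin_dir / "FUP").write_bytes(b"constructed substitute that later calls FUPOLD")
        return check_manifest(bin_dir, manifest)      # the substitution is now detectable


if __name__ == "__main__":
    print(demo())
```

The manifest itself must be stored where the intruder cannot alter it, otherwise a substitute program could be accompanied by a matching "baseline".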
Warning Signs
Watch for warning signs that sometimes accompany the execution of a Trojan horse. If
a program seems to operate atypically, it might be a Trojan horse and should be
reported to your security administrator.