
Copyright(c), 1995 - Management Analytics and Others - All Rights Reserved


Check all that apply:



Technical safeguards include protection from outside attacks, inside attacks, and attacks directed from within the firewall.
The interaction of technical safeguards is well defined and understood.
Technical safeguards include automated response to many of the most common threats.
Technical safeguards provide for interface with automated intrusion detection systems or capabilities.
The firewall operates on highly secure operating systems.
The firewall does NOT consist entirely of a screening router.
The firewall properly separates a DMZ from the inside network and the outside network.
The firewall does not artificially limit the number of simultaneous sessions that can operate through it, or the limits are such that they are beyond any anticipated performance requirements.
The firewall is not artificially limited by the state information required to perform its function, or the limits are such that they are beyond any anticipated performance requirements.
The size of the access control file does not grow to extremes given the complexity of the organization's current or anticipated access control requirements.
Control of the access control file is adequate to assure that there are no windows of vulnerability as the access control information is changed.
No denial of service results during changes of access control information.
When access control information is changed, active sessions that the new access controls would not permit are terminated.
None of the attacks that have become widely known in the last months have worked against this firewall.
There is a systematic method for finding out about and updating the firewall to defend against new attacks.
IP packet forwarding is turned off.
Source routing does not operate through the firewall.
The recent packet fragmentation attack did not work through this firewall.
The firewall uses redundancy in the form of defense-in-depth to assure that no single attack or configuration error can bypass the firewall's controls.
All processes operating on all firewall computers at the time of the audit are known to be appropriate and appear to be operating properly based on the process status listing.
Traceroute through the Internet properly identifies routes including routes that cannot be verified as appropriate.
Widely used tests run from over the Internet or other similar networks do not reveal any firewall flaws.
The /etc/services file contains only services in actual use on each machine within the firewall.
The /etc/inetd.conf file contains only services in actual use on each machine within the firewall.
Comments are not used to disable services, rather, those service entries are not within the files used to identify those services to the operating system.
All entries in all access control lists are known to be appropriate and have been individually verified as part of reviewing this checklist.
The password file has been examined for widely known inappropriate practices and no inappropriate or questionable entries are included within it.
Crack has been run against a copy of the password file and none of the passwords were successfully guessed.
Rsh and Portmapper functions are disabled on all firewall components.
Regular backups are done of all firewall components.
Copies of firewall backups are stored both on-site for rapid recovery and off-site for disaster recovery.
Backups are restored on a regular basis on machines designated for disaster recovery as a test of their proper operation.
Firewall files are cryptographically checksummed and those checksums are regularly verified.
Firewall files are stored on read-only media and a system of sound change control is used to make firewall alterations.
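The three checklist items on /etc/services, /etc/inetd.conf and comment-disabled services can be checked mechanically. The script below is an added example, not part of the original checklist: it parses both files, flags inetd entries that are merely commented out, and flags any service listed but not in the auditor's list of services actually in use. The sample file contents and the in-use set are constructed for illustration.

```python
"""Audit inetd.conf and services against the firewall checklist (added example)."""

SOCKET_TYPES = {"stream", "dgram", "raw", "rdm", "seqpacket"}

def parse_inetd(text):
    """Return (active, commented_out) service names from an inetd.conf body.
    A line that is commented out but still shaped like an inetd entry is
    reported separately: the checklist wants such entries removed, not commented."""
    active, commented = [], []
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped:
            continue
        if stripped.startswith("#"):
            fields = stripped.lstrip("#").split()
            # service socket_type proto wait user server [args]
            if len(fields) >= 6 and fields[1] in SOCKET_TYPES:
                commented.append(fields[0])
            continue
        fields = stripped.split()
        if len(fields) >= 6 and fields[1] in SOCKET_TYPES:
            active.append(fields[0])
    return active, commented

def parse_services(text):
    """Return service names from an /etc/services body (name port/proto ...)."""
    names = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and "/" in fields[1]:
            names.append(fields[0])
    return names

def audit(inetd_text, services_text, in_use):
    """Produce one finding per checklist violation; an empty list means clean."""
    active, commented = parse_inetd(inetd_text)
    findings = [f"inetd.conf: '{s}' disabled by comment; delete the entry" for s in commented]
    findings += [f"inetd.conf: '{s}' enabled but not in use" for s in active if s not in in_use]
    findings += [f"services: '{s}' listed but not in use" for s in parse_services(services_text)
                 if s not in in_use]
    return findings

# Constructed sample files for a bastion host; 'shell' is the rsh entry.
SAMPLE_INETD = """\
# constructed sample inetd.conf
ftp     stream  tcp  nowait  root    /usr/sbin/tcpd  in.ftpd
telnet  stream  tcp  nowait  root    /usr/sbin/tcpd  in.telnetd
#finger stream  tcp  nowait  nobody  /usr/sbin/tcpd  in.fingerd
#shell  stream  tcp  nowait  root    /usr/sbin/tcpd  in.rshd
"""
SAMPLE_SERVICES = "ftp 21/tcp\ntelnet 23/tcp\nfinger 79/tcp\nsmtp 25/tcp mail\n"
IN_USE = {"ftp", "telnet", "smtp"}  # assumption: what this firewall is meant to offer

if __name__ == "__main__":
    for finding in audit(SAMPLE_INETD, SAMPLE_SERVICES, IN_USE):
        print(finding)
```

On a real host, feed the script the actual /etc/inetd.conf and /etc/services contents and the list of services the firewall is documented to provide.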