**************************************************************************
Security Bulletin 9123                  DISA Defense Communications System
7 November 1991             Published by: DDN Security Coordination Center
                                      (SCC@NIC.DDN.MIL)   1-(800) 365-3642

                        DEFENSE  DATA  NETWORK
                          SECURITY  BULLETIN

The DDN  SECURITY BULLETIN is distributed  by the  DDN SCC  (Security
Coordination Center) under DISA contract as  a means of  communicating
information on network and host security exposures, fixes, &  concerns
to security & management personnel at DDN facilities.  Back issues may
be  obtained  via  FTP  (or  Kermit)  from  NIC.DDN.MIL  [192.112.36.5]
using login="anonymous" and password="guest".  The bulletin pathname is
SCC:DDN-SECURITY-yynn (where "yy" is the year the bulletin is issued
and "nn" is a bulletin number, e.g. SCC:DDN-SECURITY-9123).
**************************************************************************

               NETWORK SECURITY TESTING AND MONITORING


    1. IN ACCORDANCE WITH NATIONAL TELECOMMUNICATIONS AND INFORMATION
       SYSTEMS SECURITY DIRECTIVE (NTISSD) NO. 600, "COMMUNICATIONS
       SECURITY (COMSEC) MONITORING," 10 APR 90 (FOUO), IT IS REQUIRED
       THAT USERS OF GOVERNMENT TELECOMMUNICATIONS SYSTEMS BE NOTIFIED
       IN ADVANCE THAT THEIR USE OF THESE SYSTEMS CONSTITUTES CONSENT
       TO MONITORING FOR COMSEC PURPOSES.  THE SAME APPLIES TO SECURITY
       TESTING OF AUTOMATED INFORMATION SYSTEMS AND NETWORKS.

    2. ADEQUATE NOTICE TO USERS CAN BE ACCOMPLISHED BY ANY OF THE
       FOLLOWING MEANS OR ANY COMBINATION THEREOF:

       (A). DISPLAYING A PRINTED MESSAGE DURING THE LOG-ON PROCESS.

       (B). DISPLAYING A PRINTED MESSAGE PERIODICALLY OR CONTINUALLY
            DURING SYSTEM OPERATION.

       (C). DECALS PLACED ON PROCESSING TERMINALS, TRANSMITTING AND
            RECEIVING DEVICES.

       (D). NOTICES IN DAILY BULLETINS OR SIMILAR MEDIUM.

       (E). A SPECIFIC MEMORANDUM TO USERS.

       (F). A STATEMENT IN THE STANDING OPERATING PROCEDURES,
            INSTRUCTIONS, OR SIMILAR DOCUMENTS.

    3. RECOMMEND, AS SOON AS POSSIBLE, ALL USERS OF THE DEFENSE DATA
       NETWORK (DDN) BE PUT ON NOTICE THAT THEIR USE OF THE DDN CONSTITUTES
       CONSENT TO SECURITY MONITORING AND SYSTEM TESTING.  PROPER
       NOTIFICATION IN TERMS OF CONTENT AND SPECIFICITY IS:

       "GOVERNMENT TELECOMMUNICATIONS SYSTEMS AND AUTOMATED INFORMATION
       SYSTEMS ARE SUBJECT TO A PERIODIC SECURITY TESTING AND MONITORING TO
       ENSURE PROPER COMMUNICATIONS SECURITY (COMSEC) PROCEDURES ARE BEING
       OBSERVED.  USE OF THESE SYSTEMS CONSTITUTES CONSENT TO SECURITY
       TESTING AND COMSEC MONITORING."

    4. ON DDN HOSTS WITH LIMITED CHARACTERS AVAILABLE IN THE LOG-IN
       BANNERS, ADEQUATE NOTICE WOULD BE PROVIDED BY DISPLAYING THE
       FOLLOWING:

       "USE CONSTITUTES CONSENT TO SECURITY TESTING AND MONITORING."

    5. POINT OF CONTACT IS MAJOR BOYD, CODE DODM, AT COMM (703) 692-7580
       OR DSN (312) 222-7580.