发表于2003/1/10 14:03:00 671人阅读
Notes是一完全地不同的例子。 以英特网为基础的上病毒和攻击发生如此时常的理由之一, 是传播者是匿名的。 他们不须为报应或处罚担忧。 然而,你不必担心攻击Notes server会像攻击防火墙或文件传送协议伺候器一样。 你甚至不能碰触一个Notes server除非某人有为你产生一个ID。 而且一旦一个身份ID存在,就有一条电子的踪迹可以跟随,我不就不单心你划除什么域。
某人做了一个匿名的邮件炸弹? 那么， 我将经过所有的服务器追踪痕迹，在RouteServers 领域中列出找开始的邮件来自哪里。然后候我将检查RouteTimes/PostedDate 而且对比Notes日志看它经过那个服务器。 然后我将检查相关者的日志并且找到他们。
担忧在你的N&A被攻击吗? 不 给任何人权限超过“读者”, 而且紧紧地控制验证者。 就是不让任何人得到服务器上的复制/ 副本。 并且, 放置一个mail-paste 宏--一个位于N&A的@DocumentDelete。(这将会防止任何数据库文档里的邮件和设定使用者的邮件数据库位置是主或第二个N&A为他本身威胁N&A.) 最后, 为所有的文件作标记
在本地工作区依照N&A读和在一个基本周期检查数据库未读文档。 是否新的东西或改变在那里 (即使它不在视图中出现) 你将会发现多余的表名而找它。(因为担心被使不满的职员改变文档或表单,继承来自 "approved" 型模板的 N&A 并且设计一个代码集检查文档有神秘或"non-approved"形式名字). 哦, 而且不忘记安装统计和事件报告数据库!
我的观点是只是这: 由於方法Notes被设计, 连接总是 "granted", 不默认。 如此, 无论怎么, 总是某处而且在那里有记录活动和拒绝连接。
如果你有敏感的安全防范, 你把日志调到最大, 而且训练你的使用者注意按钮在迫使他们使用之前 ( 高亮按钮而且选择编辑->按钮) 那么你真的多没有烦恼有关。 如果你曾经确实遇到未知的东西, 你将会可以利用信息追踪讨厌的文档。 不让惊慌的商惊吓你而远离Notes!"
"...Notes is an entirely different paradigm. One of the reasons viruses and attacks on internet-based systems happen so frequently, is that the initiators are anonymous. They don't have to worry about retribution or punishment. However, you don't attack a Notes server anonymously like a Firewall or FTP server. You can't even begin to touch a Notes server unless someone has created an ID for you. And as soon as an ID exists, there's an electronic trail to follow, I don't care what fields you delete.
Someone creates an anonymous mail-bomb? Fine. I'll just trace through all the servers listed in the RouteServers field to find where the initial mail came from. Then I'll check the RouteTimes/PostedDate and compare that to the Notes Log to see when it was routed through that server. Then I'll check to see who was logged in and bust them.
Worried about attacks on your N&A? Don't give anyone greater than reader access, and control the certifier tightly. Don't let just anyone create replicas/copies on the server. Also, place a mail-paste macro that does an @DocumentDelete in the N&A. (This will keep anyone from routing anything nasty to the N&A by using Mail-In database documents or by setting the mail database destination of a user in the main or secondary N&A book to be the N&A itself.) Finally, mark all documents in the
N&A as read and check the database for unread documents on a periodic basis from the local workspace. If anything new or changed is there (even if it doesn't show up in a view) you'll find it by pressing that Tab key. (For those people who are worried about a disgruntled employee making design changes to documents or forms, inherit the N&A design from an "approved" template nightly and run a nightly background macro to check for documents that have mysterious or "non-approved" form names). Oh, and don't forget to setup statistics and event reporting!
My point is simply this: due to the way Notes was designed, access is always "granted", not implicit. So, no matter what, there's always a record of activity somewhere and there always a way to deny that access.
If you have your security set up sensibly, your logging turned up to the max, and train your users to look at buttons before pressing them (highlight the button and choose Edit->Button) then you really don't have much to worry about. If you ever do encounter anything strange, you'll be able to trace it with the information contained in the offending document. Don't let panic mongers scare you away from Notes!"