S 5.6 Fax servers
Description
This chapter considers information transfer via facsimile (fax). In selecting safeguards for IT-Grundschutz, no distinction has been made between different transmission standards (e.g. CCITT group 3). This module only covers the basic technicalities of fax traffic generated using a fax server. A fax server under this definition is an application which is installed on an IT system and provides services on a network enabling other IT systems to send and/or receive faxes.
Fax servers are usually integrated into existing e-mail systems. It is therefore possible, for example, for incoming fax documents to be delivered to users by e-mail. Outgoing documents are relayed to the fax server either via a printer queue system or by e-mail. If the fax server is integrated into an e-mail system, it will also be possible to send out "serial letters" either by fax or by e-mail. If the recipient has access to e-mail, e-mail will be the more economical way to receive the message, otherwise the message will come by fax. The document sent or received by a fax server is a graphics file which cannot be directly edited in a word processing system. However, archiving is possible in any case. This can be done either through the fax server software or in document management systems.
Fax server applications are available for a number of operating systems, e.g. for various Unix derivatives, Microsoft Windows, and Novell NetWare. The threats and safeguards associated directly with whichever operating system is used are not covered in this module. Such information is more likely to be found in module S 3.1 General server and the corresponding operating system-specific module.
In many cases fax servers also have a binary transfer mode capability. This enables the transmission of any data which is not in fax format. These transmissions do not constitute fax transmissions. Therefore, any specific threats and safeguards relating to this facility are not considered in this module. If binary transfer mode is permitted, additional reference should be made to module S 4.3 Modem.
Threat scenario
The following typical threats are assumed for the transfer of information by fax via a fax server as part of IT-Grundschutz:
Organisational Shortcomings
T 2.7 |
Unauthorised use of rights |
T 2.9 |
Poor adjustment to changes in the use of IT |
T 2.22 |
Lack of or insufficient evaluation of auditing data |
T 2.63 |
Uncontrolled use of faxes |
Human Error
T 3.3 |
Non-compliance with IT security measures |
T 3.14 |
Misjudgement of the legal force of a fax |
Technical Failure
T 4.15 |
Fax transmission errors |
T 4.20 |
Overloaded information systems |
Deliberate Acts
T 5.2 |
Manipulation of information or software |
T 5.7 |
Line tapping |
T 5.9 |
Unauthorised use of IT systems |
T 5.24 |
Replay of messages |
T 5.25 |
Masquerade |
T 5.27 |
Repudiation of a message |
T 5.30 |
Unauthorised use of fax machine or fax server |
T 5.31 |
Unauthorised reading of incoming fax transmissions |
T 5.32 |
Evaluation of residual information in fax machines and fax servers |
T 5.33 |
Sending faxes under a false identity |
T 5.35 |
Overload due to incoming fax transmissions |
T 5.39 |
Infiltrating computer systems via communication cards |
T 5.90 |
Manipulation of address books and distribution lists |
Method recommendation
To secure the information system examined, other modules will need to be implemented in addition to this module. These modules are selected based on the results of the IT-Grundschutz modelling process.
The first step is to prepare a comprehensive set of security guidelines for the fax server (see S 2.178 Drawing up a set of security guidelines for the use of faxes) and to purchase a suitable fax server (see S 2.181 Selection of a suitable fax server). These guidelines should be used as a basis for developing policies. Finally, persons responsible for the use of the fax server should be appointed (see S 3.10 Selection of a trustworthy administrator and his substitute and S 2.180 Setting up a fax mail centre). Both the security guidelines and the policies based on them and the appointment of fax officers should be effected in writing. These decisions should then be implemented as specific safeguards. In addition to the secure operation of the fax server, it is particularly important that the users comply with the relevant security precautions and instructions.
The package of safeguards for the "Fax server" application is presented in the following.
Planning and design
S 2.178 |
(A) |
Drawing up a set of security guidelines for the use of faxes |
S 2.179 |
(A) |
Procedures controlling the use of fax servers |
Purchasing
S 2.181 |
(C) |
Selection of a suitable fax server |
Implementation
S 2.180 |
(A) |
Setting up a fax mail centre |
S 3.10 |
(A) |
Selection of a trustworthy administrator and his substitute |
S 3.15 |
(A) |
Information on the use of fax machines for all employees |
S 4.36 |
(Z) |
Blocking fax recipient numbers |
S 4.37 |
(Z) |
Blocking fax sender numbers |
Operation
S 5.24 |
(Z) |
Use of a suitable fax cover sheet |
S 5.25 |
(A) |
Using transmission and reception logs |
S 5.26 |
(Z) |
Announcing fax messages via telephone |
S 5.27 |
(Z) |
Acknowledging successful fax reception via telephone |
S 5.28 |
(Z) |
Acknowledging correct fax origin via telephone |
S 5.73 |
(A) |
Secure operation of a fax server |
S 5.74 |
(A) |
Maintenance of fax server address books and distribution lists |
S 5.75 |
(Z) |
Protecting against overloading the fax server |
Contingency Planning
S 6.69 |
(B) |
Contingency planning and operational reliability of fax servers |
© Federal Office for Information Security. All rights reserved.