Every once in a while, a Windows NT advocate will say, "But, Windows NT is C2 compliant". So, to try to shed some light on this subject, let me say that Windows NT Version 3.5.1 is, in fact, compliant with the Department of Defense's C2 Security specification. However, it is so only when disconnected from a network!
Windows NT Version 4.0 hasn't been registered at all, at the time of this writing (02/04/98).
There are people out there that profess that they can break into any NT machine connected to the Internet in 20 minutes or less. They are probably right.
So, if you're looking for a permanent Internet connection and plan to deploy an NT-based infrastructure, we strongly suggest that you buy an additional, external platform to act as a Firewall.
We've scoured the 'net for a copy of the C2 specification which is detailed in Department of Defense Standard: 5200.28-STD. We've posted a local copy of it here in text format. If you find computer security a fascinating subject, you might want to take a look at some of these files in Perdue University's COAST (Computer Operations, Audit, and Security Technology) archives. Or, you can start from the top at COAST via their WWW interface.
| Home | History | Multiplex | Xmission | Networking | Switching | Modulation |
ntc2.htm, ©1998 All rights reserved
Tampa Bay Interactive, Inc.
Last Revised on: Monday, 25-Oct-2004 19:46:59 EDT