
Logging Out Without Compromising System Security  



Logging out of a session conserves system resources and protects your files. Leaving a terminal on line represents one of the greatest sources of inside intrusions. When you leave your terminal on line and your office open, you have effectively given away your password and your privileges and have left your files and those of the other members of your group unprotected. Any user can easily and quickly transfer all files accessible through your account. A malicious insider could rename and delete your files and any other files to which you have write access. If you have special privileges, especially privileges in the Files or All category, a malicious user can do major damage.

Log out when you leave your office even for a brief period of time. If you have performed remote logins, you must log out of each node. The following sections describe security considerations for logging out of specific types of terminals or sessions.

Clearing Your Terminal Screen  

You may want to clear your screen each time you log out from a terminal to ensure that your user name, node name, and operating system are not revealed to anyone else. If you are logging out after a remote login, the name of the node to which you return (the local node) is also revealed. If you access multiple accounts remotely (over the network), the final sequence of logout commands reveals all the nodes and user names that are accessible to you on each node (excluding the name of the furthest node reached). To those who can recognize the operating system from the prompt or a logout message, these displays also reveal the operating system.

At some sites, it may be important to leave nothing but the logout message on your screen, as follows:

After the screen clears, the cursor is positioned at the top of the screen, next to the DCL prompt. Enter the DCL command LOGOUT at the prompt. The only information remaining after you log out is your logout command and the logout completion message, for example:

$ LOGOUT
  RDOGWOOD     logged out at 14-AUG-2001 19:39:01.43

Disposing of Hardcopy Output  

After you log out from a hardcopy terminal, properly remove, file, or dispose of all hardcopy output that might reveal sensitive information. Your security administrator should provide direction on preferred procedures. Many sites use paper shredders or locked receptacles for this purpose. Handle output that you plan to save just as carefully.

You should also dispose of hardcopy output if the system fails before you log out. In addition, if you will not be present when the system is initialized, turn your terminal off.

Removing Disconnected Processes  

The system automatically removes your disconnected processes after a certain interval. You can conserve system resources, however, if you directly log out of any disconnected processes, as follows:

  1. Enter the DCL command SHOW USERS to determine if you have other disconnected jobs.
  2. Enter the DCL command CONNECT/LOGOUT to log out of the current process. Connect back through each of the associated virtual terminals (as noted by the terminal prefix of VTA) until you reach the last existing process.
  3. Enter the DCL command LOGOUT.

Breaking the Connection to a Dialup Line  

Your security administrator may ask you to break the connection to a dialup line when you log out. If you anticipate no further immediate use of the line, use the LOGOUT command with the /HANGUP qualifier. The /HANGUP qualifier directs the system to automatically break the connection to the dialup line after you log out.

Note: The effectiveness of the /HANGUP qualifier depends on how your system manager configures your modem line and how the line connects to the computer. It does not work on lines connected to a terminal server.

Breaking the connection to a dialup line prevents someone from taking advantage of an open access line. To access the line, someone must know the access number and must personally redial. Breaking the connection is especially important if the dialup line you use is in a public area or where someone might use the terminal after you.

This practice also saves resources by reducing the required number of dialup lines.

Turning Off a Terminal  

If your site has moderate or high security requirements, your security administrator may ask you to turn off your terminal after logging out. This resets terminal characteristics and clears memory buffers. Some Trojan horse attacks use hardware frame buffers and the answerback capabilities that are built into newer terminals.

On VAX systems, users working in a C2 environment must turn off their terminals. (C2 is a United States government rating of the security of an operating system. Running an OpenVMS System in a C2 Environment describes its requirements.)

