RFC 2196
Site Security Handbook
Contents
0. Frontpage
1. Introduction
1.1. Purpose of This Work
1.2. Audience
1.3. Definitions
1.4. Related Work
1.5. Basic Approach
1.6. Risk Assessment
1.6.1. General Discussion
1.6.2. Identifying the Assets
1.6.3. Identifying the Threats
2. Security Policies
2.1. What is a Security Policy and Why Have One?
2.1.1. Definition of a Security Policy
2.1.2. Purposes of a Security Policy
2.1.3. Who Should be Involved When Forming Policy?
2.2. What Makes a Good Security Policy?
2.3. Keeping the Policy Flexible
3. Architecture
3.1. Objectives
3.1.1. Completely Defined Security Plans
3.1.2. Separation of Services
3.1.3. Deny all/ Allow all
3.1.4. Identify Real Needs for Services
3.2. Network and Service Configuration
3.2.1. Protecting the Infrastructure
3.2.2. Protecting the Network
3.2.3. Protecting the Services
3.2.3.1. Name Servers (DNS and NIS(+))
3.2.3.2. Password/Key Servers (NIS(+) and KDC)
3.2.3.3. Authentication/Proxy Servers (SOCKS, FWTK)
3.2.3.4. Electronic Mail
3.2.3.5. World Wide Web (WWW)
3.2.3.6. File Transfer (FTP, TFTP)
3.2.3.7. NFS
3.2.4. Protecting the Protection
3.3. Firewalls
4. Security Services and Procedures
4.1. Authentication
4.1.1. One-Time passwords
4.1.2. Kerberos
4.1.3. Choosing and Protecting Secret Tokens and PINs
4.1.4. Password Assurance
4.2. Confidentiality
4.3. Integrity
4.4. Authorization
4.5. Access
4.5.1. Physical Access
4.5.2. Walk-up Network Connections
4.5.3. Other Network Technologies
4.5.4. Modems
4.5.4.1. Modem Lines Must Be Managed
4.5.4.2. Dial-in Users Must Be Authenticated
4.5.4.3. Call-back Capability
4.5.4.4. All Logins Should Be Logged
4.5.4.5. Choose Your Opening Banner Carefully
4.5.4.6. Dial-out Authentication
4.5.4.7. Make Your Modem Programming as "Bullet-proof" as Possible
4.6. Auditing
4.6.1. What to Collect
4.6.2. Collection Process
4.6.3. Collection Load
4.6.4. Handling and Preserving Audit Data
4.6.5. Legal Considerations
4.7. Securing Backups
5. Security Incident Handling
5.1. Preparing and Planning for Incident Handling
5.2. Notification and Points of Contact
5.2.1. Local Managers and Personnel
5.2.2. Law Enforcement and Investigative Agencies
5.2.3. Computer Security Incident Handling Teams
5.2.4. Affected and Involved Sites
5.2.5. Internal Communications
5.2.6. Public Relations - Press Releases
5.3. Identifying an Incident
5.3.1. Is It Real?
5.3.2. Types and Scope of Incidents
5.3.3. Assessing the Damage and Extent
5.4. Handling an Incident
5.4.1. Types of Notification and Exchange of Information
5.4.2. Protecting Evidence and Activity Logs
5.4.3. Containment
5.4.4. Eradication
5.4.5. Recovery
5.4.6. Follow-Up
5.5. Aftermath of an Incident
5.6. Responsibilities
5.6.1. Not Crossing the Line
5.6.2. Good Internet Citizenship
5.6.3. Administrative Response to Incidents
6. Ongoing Activities
7. Tools and Locations
8. Mailing Lists and Other Resources
9. References
10. Security Considerations
11. Editor Information