Site Security Handbook
RFC 2196
| Section | Field | Value |
|---|---|---|
| Document | Type | RFC - Informational (September 1997; Errata). Obsoletes RFC 1244. Also known as FYI 8. |
| | Author | Barbara Fraser |
| | Last updated | 2020-01-21 |
| | Stream | IETF |
| | Formats | plain text html pdf htmlized with errata bibtex |
| Stream | WG state | (None) |
| | Document shepherd | No shepherd assigned |
| IESG | IESG state | RFC 2196 (Informational) |
| | Consensus Boilerplate | Unknown |
| | Telechat date | |
| | Responsible AD | (None) |
| | Send notices to | (None) |

Network Working Group                                          B. Fraser
Request for Comments: 2196                                        Editor
FYI: 8                                                           SEI/CMU
Obsoletes: 1244                                           September 1997
Category: Informational

Site Security Handbook

Status of this Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Abstract

This handbook is a guide to developing computer security policies and procedures for sites that have systems on the Internet. The purpose of this handbook is to provide practical guidance to administrators trying to secure their information and services. The subjects covered include policy content and formation, a broad range of technical system and network security topics, and security incident response.

Table of Contents

1. Introduction
   1.1 Purpose of this Work
   1.2 Audience
   1.3 Definitions
   1.4 Related Work
   1.5 Basic Approach
   1.6 Risk Assessment
2. Security Policies
   2.1 What is a Security Policy and Why Have One?
   2.2 What Makes a Good Security Policy?
   2.3 Keeping the Policy Flexible
3. Architecture
   3.1 Objectives
   3.2 Network and Service Configuration
   3.3 Firewalls
4. Security Services and Procedures
   4.1 Authentication
   4.2 Confidentiality
   4.3 Integrity
   4.4 Authorization
   4.5 Access
   4.6 Auditing
   4.7 Securing Backups
5. Security Incident Handling
   5.1 Preparing and Planning for Incident Handling
   5.2 Notification and Points of Contact
   5.3 Identifying an Incident
   5.4 Handling an Incident
   5.5 Aftermath of an Incident
   5.6 Responsibilities
6. Ongoing Activities
7. Tools and Locations
8. Mailing Lists and Other Resources
9. References

1. Introduction

This document provides guidance to system and network administrators on how to address security issues within the Internet community. It builds on the foundation provided in RFC 1244 and is the collective work of a number of contributing authors. Those authors include: Jules P. Aronson (aronson@nlm.nih.gov), Nevil Brownlee (n.brownlee@auckland.ac.nz), Frank Byrum (byrum@norfolk.infi.net), Joao Nuno Ferreira (ferreira@rccn.net), Barbara Fraser (byf@cert.org), Steve Glass (glass@ftp.com), Erik Guttman (erik.guttman@eng.sun.com), Tom Killalea (tomk@nwnet.net), Klaus-Peter Kossakowski (kossakowski@cert.dfn.de), Lorna Leone (lorna@staff.singnet.com.sg), Edward.P.Lewis (Edward.P.Lewis.1@gsfc.nasa.gov), Gary Malkin (gmalkin@xylogics.com), Russ Mundy (mundy@tis.com), Philip J. Nesser (pjnesser@martigny.ai.mit.edu), and Michael S. Ramsey (msr@interpath.net).

In addition to the principal writers, a number of reviewers provided valuable comments. Those reviewers include: Eric Luiijf (luiijf@fel.tno.nl), Marijke Kaat (marijke.kaat@sec.nl), Ray Plzak (plzak@nic.mil) and Han Pronk (h.m.pronk@vka.nl).

A special thank you goes to Joyce Reynolds, ISI, and Paul Holbrook, CICnet, for their vision, leadership, and effort in the creation of the first version of this handbook. It is the working group's sincere