Firewall Wizards mailing list archives
Re: Looking for papers on protecting servers
From: "Mitchell Rowton" <mrowton () bdo com>
Date: Mon, 12 Apr 2004 09:43:37 -0400
Good post! The options you have mentioned so far are a perimeter firewall http://www.securitydocs.com/Firewall Host based firewall http://www.google.com/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=%22host+based+firewall%22 Host and Network based IDS http://www.securitydocs.com/Intrusion_Detection/Snort http://www.robertgraham.com/pubs/network-intrusion-detection.html http://www.google.com/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=%22host+based+IDS%22 Security agent.. we've already covered host based firewalls and IDS's, so maybe something like tripwire? Or something on a different host like a honeypot? http://sourceforge.net/projects/tripwire/ http://www.securitydocs.com/Intrusion_Detection/Honeypots This may not apply to your paper, but generally you would want to figure out how critical the server is and assess it for current vulnerabilities. These are all good, just don't forget the basics (here are a few in no particular order) Policy, anti-virus, patches, passwords, incident response procedures, physical security... -- Mitchell
Lazlò Carreidas) <LazloCarreidas () netscape net> 04/07/04 06:57AM
My fellow experts, I have been requested to write a document that would describe the different means to "protect" a specific server in a datacentre (except for the continuous patching process, of course...) There are several possibilities (individual or combined): - firewall as a "datacentre door" - firewall (kind of "personal") over the server - good HIDS and NIDS - some kind of "security agent" that would raise an alert when needed - etc... I am looking for opinions, papers, etc... that could help me writing this document. Thank you for your help Lazlò [Sorry for the multiple post] http://honor.icsalabs.com/mailman/listinfo/firewall-wizards NOTICE: The contents of this email and any attachments to it may contain privileged and confidential information from BDO Seidman, LLP. This information is only for the viewing or use of the intended recipient. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO Seidman, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately deleted from your computer without making any copies thereof. If you have received this e-mail in error, please notify BDO Seidman, LLP by e-mail immediately. _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Looking for papers on protecting servers Lazlò Carreidas (Apr 10)
- RE: Looking for papers on protecting servers Laura Taylor (Apr 16)
- <Possible follow-ups>
- Re: Looking for papers on protecting servers Mitchell Rowton (Apr 16)
- RE: Looking for papers on protecting servers Don Parker (Apr 19)