Guidelines on Securing Public Web Servers
4.  Securing the Operating System 
The first step in securing a Web server is securing the underlying operating system.  Most 
commonly available Web servers operate on a general purpose operating system.  Many 
security issues can be avoided if the operating systems underlying Web servers are configured 
appropriately.  Default hardware and software configurations are typically set by vendors to 
emphasize features, functions, and ease of use at the expense of security.  Because vendors are 
not aware of each organization's security needs, each Web administrator must configure new 
servers to reflect their organization's security requirements and reconfigure them as those 
requirements change.  The practices recommended here are designed to help Web 
administrators configure and deploy Web servers that satisfy their organization's security 
requirements.  Web administrators with existing Web servers should confirm that their current 
configurations address the issues discussed here.

Given that the techniques for hardening different operating systems vary greatly, this section 
will include the generic procedures common in securing most operating systems.  References 
for securing specific operating systems are provided in Section 4.3.  In addition, many 
organizations maintain their own guidelines specific to their requirements.  Some automated 
tools also exist for hardening the operating system, and we recommend considering the use of 
such tools and others with similar functionality (see Appendix E). 

Four basic steps are necessary to maintain basic operating system security:
- Planning, installing, and deploying the Web server operating system (see Section 3.1)
- Configuring the Web server operating system to adequately address security
- Patching and updating the Web server operating system as required
- Testing the Web server operating system to ensure that the previous three steps are adequately addressing all security issues.

4.1  Securely Installing and Configuring an Operating System
4.1.1  Patch and Upgrade Operating System  
Once an operating system is installed, apply any patches or upgrades to correct for known 
vulnerabilities.  All operating systems released today have some known vulnerabilities that 
should be corrected before using the operating system to host a Web server.  To adequately 
detect and correct for these vulnerabilities, Web administrators should:
- Create and implement a patching process
- Identify vulnerabilities and applicable patches [15]
- Mitigate vulnerabilities (until patches are available, tested, and installed)

[15] To check for operating system or Web server application vulnerabilities, see the NIST ICAT Metabase at http://icat.nist.gov.