Guidelines on Securing Public Web Servers
should be conducted at least annually. Since both of these testing techniques are applicable to
testing the Web server application as well, they are discussed in greater detail in Section 9.4. [17]
4.3 Resources for Operating System Specific Security Procedures
The following Web sites provide detailed information about securing specific operating
systems:
Solaris: Paul D. J. Vandenberg and Susan D. Wyess, Securing Solaris Servers (http://www.usenix.org/sage/sysadmins/solaris/)
Unix: CERT, Unix Security Checklist Version 2.0 (http://www.cert.org/tech_tips/usc20_full.html)
Windows NT: National Security Agency (NSA), Guide to Securing Microsoft Windows NT Networks (http://nsa1.www.conxion.com/winnt/guides/wnt 1.pdf)
Windows 2000: NIST Special Publication 800-43, Guide to Securing Windows 2000 Professional (http://csrc.nist.gov/publications/nistpubs/index.html)
Windows 2000: NSA, Guide to Securing Microsoft Windows 2000 (including 2000 Server) (http://nsa1.www.conxion.com/win2k/index.html).
4.4 Securing the Web Server Operating System Checklist
Completed  Action
[ ]        Plan the configuration and deployment of Web server
[ ]          Identify functions of Web server
[ ]          Identify information categories that will be stored, processed and transmitted through the Web server
[ ]          Identify security requirements of information
[ ]          Identify how information is published to the Web server
[ ]          Identify a dedicated host to run Web server
[ ]          Identify network services that will be provided and supported by the Web server
[ ]          Identify users and categories of users of the Web server and determine privilege for each category of user
[ ]          Identify user authentication methods for Web server
[ ]        Choose appropriate operating system for Web server
[ ]          Minimal exposure to vulnerabilities
[ ]          Ability to restrict administrative or root level activities to authorized users only
[17] For information on other testing techniques, see NIST Special Publication 800-42, Guideline on Network Security Testing (http://csrc.nist.gov/publications/nistpubs/index.html).