General technical recommendations for keeping a WWW server secure
If the goal is to be "secure" (whatever that means), then
at least the following technical prescriptions should be
adhered to as closely as possible:
- A comprehensive security policy should be created and adhered to.
It is the single most important part of
keeping your site secure, without exceptions. Look at one of the
best RFCs ever written,
RFC 1244.
- Packet filtering is very, very important, and should be done on all
critical systems, unless other issues (such as performance)
simply make it impossible. Only a few ports should
be allowed into the system. Do not make the mistake of relying
solely on packet filtering, however - the system should be relatively
secure even if the packet filtering system fails (as is often the
case). Here is a small document on
filtering ports by Aleph1.
- Absolutely no services that aren't vital to running the system should
be run. There should be no exceptions.
- No outside logins or services other than those crucial to keeping
the system running should be allowed from any system unless it is
(a) friendly to the organization and (b) at least as secure as
the system in question.
- The system should be secured using as many of the latest techniques
and software tools as possible. If possible, the same people who
set up the system should administer it, or at least help monitor it.
- Continued education of the system and security administrators of the
site is essential.
- Security auditing and monitoring should be done on a regular
and ongoing basis.
- Proper resources, financial and otherwise, must be allocated to the
personnel who are responsible for keeping the system secure.
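
One way to check the packet filtering and unnecessary-services points together is to audit what the host itself is listening on, so that a filter failure exposes nothing unexpected. The script below is an added example, not part of the original recommendations; the allowed-port set and the sample `ss -tlnH` output (Linux iproute2) are constructed assumptions.

```python
import ipaddress

# Constructed sample of `ss -tlnH` output; replace with the real command output.
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:80 0.0.0.0:*
LISTEN 0 128 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 64 0.0.0.0:21 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 128 [::1]:631 [::]:*
"""

# Assumption: the only ports the site's policy lets through the packet filter.
ALLOWED_PORTS = {80, 443}


def parse_listeners(ss_output):
    """Return (address, port) pairs for every listening TCP socket."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header line or non-listening state
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            listeners.append((addr.strip("[]"), int(port)))
    return listeners


def is_loopback(addr):
    """True only for sockets bound to a loopback address."""
    addr = addr.split("%")[0]  # drop an interface suffix such as %lo
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False  # "*" or anything unparseable counts as reachable


def unexpected_listeners(ss_output, allowed):
    """Network-reachable listeners that only the packet filter is hiding."""
    found = {(a, p) for a, p in parse_listeners(ss_output)
             if not is_loopback(a) and p not in allowed}
    return sorted(found, key=lambda item: item[1])


if __name__ == "__main__":
    for addr, port in unexpected_listeners(SAMPLE_SS, ALLOWED_PORTS):
        print(f"not in policy, reachable if filtering fails: {addr}:{port}")
```

Anything it reports is a service to disable or rebind to loopback, rather than one to leave for the filter to block.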