Guidelines on Securing Public Web Servers
should be conducted at least annually.  Since both of these testing techniques are applicable to testing the Web server application as well, they are discussed in greater detail in Section 9.4. [17]
4.3  Resources for Operating System Specific Security Procedures
The following Web sites provide detailed information about securing specific operating systems:

- Solaris: Paul D. J. Vandenberg and Susan D. Wyess, Securing Solaris Servers (http://www.usenix.org/sage/sysadmins/solaris/)
- Unix: CERT, Unix Security Checklist Version 2.0 (http://www.cert.org/tech_tips/usc20_full.html)
- Windows NT: National Security Agency (NSA), Guide to Securing Microsoft Windows NT Networks (http://nsa1.www.conxion.com/winnt/guides/wnt-1.pdf)
- Windows 2000: NIST Special Publication 800-43, Guide to Securing Windows 2000 Professional (http://csrc.nist.gov/publications/nistpubs/index.html)
- Windows 2000: NSA, Guide to Securing Microsoft Windows 2000 (including 2000 Server) (http://nsa1.www.conxion.com/win2k/index.html).
4.4  Securing the Web Server Operating System Checklist

Completed   Action
[ ]         Plan the configuration and deployment of Web server
[ ]           Identify functions of Web server
[ ]           Identify information categories that will be stored, processed and transmitted through the Web server
[ ]           Identify security requirements of information
[ ]           Identify how information is published to the Web server
[ ]           Identify a dedicated host to run Web server
[ ]           Identify network services that will be provided and supported by the Web server
[ ]           Identify users and categories of users of the Web server and determine privilege for each category of user
[ ]           Identify user authentication methods for Web server
[ ]         Choose appropriate operating system for Web server
[ ]           Minimal exposure to vulnerabilities
[ ]           Ability to restrict administrative or root level activities to authorized users only
                                                   
[17] For information on other testing techniques, see NIST Special Publication 800-42, Guideline on Network Security Testing (http://csrc.nist.gov/publications/nistpubs/index.html).