Re: Overall, GENERIC Security Rules

[bve <bve () quadrix com>]

> I have been scouring the Internet for more than a week
> looking for a white paper, or something that has a
> list of GENERIC security rules that apply to
> everything from the cisco choke router, to the bastion
> host, to the access router, and the IDS system, and
> the log parsers (NSM/open.com), and the hosts... 
>
> We know how to configure the individual pieces, but
> has anyone thought about the whole ball of wax,
> holistically, and wrote about it?  The closest thing
> I've found is the HoneyNet project documents, but it's
> still a conglomeration of pieces...  Anyone seen
> anything like what I'm trying to describe?

I had an article published that was a 10,000 ft level description of the
basics of security.  I called it, "The Five Fundamental Principles of
Security."  It was designed for executives and other non-techies, and
covered the following: 

1.100% security does not exist. 
2.Security risks are directly proportional to software complexity. 
3.Implement security in layers. 
4.Don't allow a breach to be leveraged elsewhere. 
5.You're never done! You must keep up-to-date on software packages,
drivers, and security alerts. Log files must also be regularly reviewed
for anomalies. 


Were you looking for something like this?  It's not an in-depth article,
but it does try to address security from a more holistic point of view. 
If you like, I can probably scrounge up a link for it....

-Bill Van Emburg
Quadrix Solutions, Inc.
http://quadrix.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards