Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Web server defense drafted

From: InfoSec News <isn () c4i org>
Date: Tue, 5 Mar 2002 02:29:26 -0600 (CST)
http://www.fcw.com/fcw/articles/2002/0304/web-nist-03-04-02.asp

By Diane Frank 
March 4, 2002

Tackling one of the prime targets on a network for cyberattacks, the 
National Institute of Standards and Technology released a draft of its 
new guidance on securing public Web servers March 1.

The draft special publication is intended for technical personnel, as 
it contains detailed guidance and checklists on how to configure the 
Web server itself, as well as the underlying operating system and 
security products, such as firewalls and intrusion detection systems.

The guide also covers security administration procedures for Web 
servers, including logging, backup, recovery, testing and remote 
administration.

In the appendices, the guide outlines the steps to secure the two most 
commonly used Web servers, the open-source Apache server and Microsoft 
Corp.'s Internet Information Server. 

Comments on the draft are due to Wayne Jansen (jansen () nist gov) by 
March 28.

[NIST draft: "Guidelines on Securing Public Web Servers]
http://csrc.nist.gov/publications/drafts/PP-SecuringWebServers-RFC.pdf



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: