Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: Looking for papers on protecting servers

Re: Looking for papers on protecting servers

From: Mitchell Rowton <mrowton_at_bdo.com>
Date: Mon, 12 Apr 2004 09:43:37 -0400

Good post!

The options you have mentioned so far are a perimeter firewall
http://www.securitydocs.com/Firewall

Host based firewall
http://www.google.com/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=%22host+based+firewall%22

Host and Network based IDS
http://www.securitydocs.com/Intrusion_Detection/Snort
http://www.robertgraham.com/pubs/network-intrusion-detection.html
http://www.google.com/search?sourceid=navclient&ie=UTF-8&oe=UTF-8&q=%22host+based+IDS%22

Security agent.. we've already covered host based firewalls and IDS's,
so maybe something like tripwire? Or something on a different host like
a honeypot?
http://sourceforge.net/projects/tripwire/
http://www.securitydocs.com/Intrusion_Detection/Honeypots

This may not apply to your paper, but generally you would want to
figure out how critical the server is and assess it for current
vulnerabilities.

These are all good, just don't forget the basics (here are a few in no
particular order)

Policy, anti-virus, patches, passwords, incident response procedures,
physical security... 

--
Mitchell
>>> Lazlò Carreidas) <LazloCarreidas_at_netscape.net> 04/07/04 06:57AM
>>>
My fellow experts,
I have been requested to write a document that would describe the
different means to "protect" a specific server in a datacentre (except
for the continuous patching process, of course...)
There are several possibilities (individual or combined):
  - firewall as a "datacentre door"
  - firewall (kind of "personal") over the server
  - good HIDS and NIDS
  - some kind of "security agent" that would raise an alert when
needed
  - etc...
I am looking for opinions, papers, etc... that could help me writing
this document.
Thank you for your help
  Lazlò
[Sorry for the multiple post]
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
NOTICE:
The contents of this email and any attachments to it may contain privileged and confidential information from BDO Seidman, LLP.  This information is only for the viewing or use of the intended recipient.  If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution or use of, or the taking of any action in reliance upon, the information contained in this e-mail, or any of the attachments to this e-mail, is strictly prohibited and that this e-mail and all of the attachments to this e-mail, if any, must be immediately returned to BDO Seidman, LLP or destroyed and, in either case, this e-mail and all attachments to this e-mail must be immediately deleted from your computer without making any copies thereof.  If you have received this e-mail in error, please notify BDO Seidman, LLP by e-mail immediately.
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Apr 16 2004
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos