NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA List Master
NRT-0305 Guidelines on Securing Public Web Servers:
The National Institute of Standards and Technology (NIST) has released a new publication that
provides detailed tips on how to make web servers more resistant to potential attacks. Called
"Guidelines on Securing Public Web Servers," the publication covers some of the latest threats
to web security, while reflecting general changes in web technology that have taken place since
the first version of the guide was published 5 years ago. The guide advocates "defense in
depth" - installing safeguards at various points of entry into the server, from the router that
handles all incoming data traffic to the specific machines that house the server software. In
addition, the guide recommends that organizations monitor log files, create procedures for
recovering from attacks, and regularly test the security of their systems. The guide is
designed for federal departments and agencies, but may be applicable to any web server to which
the outside world has access. The guide is available free of charge at
http://csrc.nist.gov/publications/nistpubs/800-44-ver2/SP800-44v2.pdf.
(National Institute of Standards and Technology 11OCT07)