RFC2196 - Page 2

• Title: Site Security Handbook
• Author: B. Fraser
• Date: September 1, 1997

Page Navigation:

1  2  3  4  5  6  7  8  9  10  11  12  13  14  15  16  17  18  19  20  21  22  23  24  25  26  27  28  29  30  31  32  33  34  35  36  37  38  39  40  41  42  43  44  45  46  47  48  49  50  51  52  53  54  55  56  57  58  59  60  61  62  63  64  65  66  67  68  69  70  71  72  73  74  75 

Printable Version: RFC2196.PDF

RFC 2196              Site Security Handbook              September 1997


4.4  Authorization................................................... 29
4.5  Access.......................................................... 30
4.6  Auditing........................................................ 34
4.7  Securing Backups................................................ 37
5.   Security Incident Handling...................................... 37
5.1  Preparing and Planning for Incident Handling.................... 39
5.2  Notification and Points of Contact.............................. 42
5.3  Identifying an Incident......................................... 50
5.4  Handling an Incident............................................ 52
5.5  Aftermath of an Incident........................................ 58
5.6  Responsibilities................................................ 59
6.   Ongoing Activities.............................................. 60
7.   Tools and Locations............................................. 60
8.   Mailing Lists and Other Resources............................... 62
9.   References...................................................... 64

1.  Introduction

   This document provides guidance to system and network administrators
   on how to address security issues within the Internet community.  It
   builds on the foundation provided in RFC 1244 and is the collective
   work of a number of contributing authors. Those authors include:
   Jules P. Aronson (aronson@nlm.nih.gov), Nevil Brownlee
   (n.brownlee@auckland.ac.nz), Frank Byrum (byrum@norfolk.infi.net),
   Joao Nuno Ferreira (ferreira@rccn.net), Barbara Fraser
   (byf@cert.org), Steve Glass (glass@ftp.com), Erik Guttman
   (erik.guttman@eng.sun.com), Tom Killalea (tomk@nwnet.net), Klaus-
   Peter Kossakowski (kossakowski@cert.dfn.de), Lorna Leone
   (lorna@staff.singnet.com.sg), Edward.P.Lewis
   (Edward.P.Lewis.1@gsfc.nasa.gov), Gary Malkin (gmalkin@xylogics.com),
   Russ Mundy (mundy@tis.com), Philip J. Nesser
   (pjnesser@martigny.ai.mit.edu), and Michael S. Ramsey
   (msr@interpath.net).

   In addition to the principle writers, a number of reviewers provided
   valuable comments. Those reviewers include: Eric Luiijf
   (luiijf@fel.tno.nl), Marijke Kaat (marijke.kaat@sec.nl), Ray Plzak
   (plzak@nic.mil) and Han Pronk (h.m.pronk@vka.nl).

   A special thank you goes to Joyce Reynolds, ISI, and Paul Holbrook,
   CICnet, for their vision, leadership, and effort in the creation of
   the first version of this handbook. It is the working group's sincere
   hope that this version will be as helpful to the community as the
   earlier one was.







Fraser, Ed.                Informational                        [Page 2]