Non-UCL Documentation

If you are a system administrator and only have time to read one document, take a look at the 'Armoring...' series. Short and to the point, these documents are practical guides to hardening your systems.

The CERT Coordination Center (see 'Other Security Teams' below) is perhaps the largest single repository of information about computer security. In addition to its advisories, the centre produces many guides to good practice. The statistics relating to trends in security incidents also make illuminating reading.

For other UCL Documentation please see the following link:

http://www.ucl.ac.uk/isd/common/cst/good_practice/ucldocumentation

Network security:

Firewalls

• Janet Firewall implementation guide

Wireless LAN

• NIPC best practices for wireless fidelity (802.11b) network vulnerabilities (from National Infrastructure Protection Center)

System configuration guidelines :

Cross-platform

• IT Baseline Protection Manual (from The Information Warfare Site)
• The Twenty Most Critical Internet Security Vulnerabilities (and how to eliminate them) by the SANS Institute

UNIX

• UNIX Configuration Guidelines (from CERT/CC)
• Armoring Solaris from WindowSecurity.com
• Securing Solaris from Security Focus
• Solaris 2 FAQ (a list of questions that are frequently asked about Solaris 2.x and later)
• The Solaris Security FAQ (a list of questions that are frequently asked about Solaris 2.x Security)
• UNIX Computer Security Checklist Version 2.0 from AUSCERT

Linux

• Armoring Linux from WindowSecurity.com
• Bastille Linux from Sourceforge
• Linux IPCHAINS-howto (how to obtain, install and configure the enhanced IP firewalling chains software for Linux)

Microsoft

• Hardening Windows NT/2000/XP Information Systems from WindowSecurity.com
• Microsoft Windows Security Recommendation Guides (National Security Agency)
• Armoring NT from WindowSecurity.com
• Center for Internet Security Benchmarks (The
  Windows 2000 Professional Consensus Baseline Security Settings document
  includes guidance on which services can safely be disabled)
• IIS and NTS 4.0 Hardening Guide (.zip file from first.org)
• Windows NT, Terminal Server, and Microsoft Exchange Services Port Usage from Microsoft
• Security Configuration Guides (NSA)

Application security:

Web servers

• The World Wide Web Security FAQ from W3C

Tools:

General

• NIST National Vulnerability Database

UNIX

• Response to DDoS attacks (.pdf from NISCC)
• Secure Shell (secure replacement for telnet)
• Snort (lightweight network intrusion detection)
• TCP Wrappers (access control and logging for daemons) (ftp site)
• Tripwire (host-based integrity checker)

Microsoft

• IIS Lockdown Tool
• Microsoft Baseline Security Analyzer (GUI tool to check system configuration)

Vendor security information:

• Microsoft
• Red Hat Linux
• Sun Microsystems [now Oracle] security resources including security bulletins and alerts

Other security teams:

• Australian CERT
• Cyber Incident Response Capability
• CERT Coordination Center
• JANET-CSIRT

Other sources of security news:

• Help Net Security
• Linux SECURITY.COM
• mailing.unix.bugtraq Usenet group
• Centre for the Protection of National Infrastructure
• SecurityFocus (incorporating Bugtraq)
• SecurityTracker (latest vulnerabilities)

Books on security

If you prefer to get your information from a good old-fashioned book, the following texts are highly recommended:

General:

• Secrets and Lies Digital Security in a Networked World Bruce Schneier, Hungry Minds Inc, U.S. 2004. ISBN: 0471453803

Firewalls:

• Building Internet Firewalls D. Brent Chapman, Elizabeth D. Zwicky, O'Reilly 2000. ISBN: 1565928717
• Essential Check Point FireWall-1 Daemeon D. Welch-Abernathy, Addison Wesley 2004. ISBN: 0321180615