GUIDELINES ON SECURING PUBLIC WEB SERVERS

  • Remove or disable unneeded default accounts and groups
  • Disable non-interactive accounts
  • Create the user groups for the particular computer
  • Create the user accounts for the particular computer
  • Check the organization’s password policy and set account passwords appropriately (e.g., length, complexity)
  • Prevent password guessing (e.g., increase the period between attempts, deny login after a defined number of failed attempts)
  • Install and configure other security mechanisms to strengthen authentication

Configure resource controls appropriately

  • Deny read access to unnecessary files and directories
  • Deny write access to unnecessary files and directories
  • Limit the execution privilege of system tools to system administrators

Install and configure additional security controls

  • Select, install, and configure additional software to provide needed controls not included in the OS, such as antivirus software, antispyware software, rootkit detectors, host-based intrusion detection and prevention software, host-based firewalls, and patch management software

Test the security of the OS

  • Identify a separate identical system
  • Test OS after initial install to determine vulnerabilities
  • Test OS periodically (e.g., quarterly) to determine new vulnerabilities

Securing the Web Server

Completed | Action

Securely install the Web server

  • Install the Web server software on a dedicated host or a dedicated virtualized guest OS
  • Apply any patches or upgrades to correct for known vulnerabilities
  • Create a dedicated physical disk or logical partition (separate from OS and Web server application) for Web content
  • Remove or disable all services installed by the Web server application but not required (e.g., gopher, FTP, remote administration)
  • Remove or disable all unneeded default login accounts created by the Web server installation
  • Remove all manufacturer documentation from server
  • Remove any example or test files from server, including scripts and executable code
  • Apply appropriate security template or hardening script to the server
  • Reconfigure HTTP service banner (and others as required) NOT to report Web server and OS type and version

Configure OS and Web server access controls

  • Configure the Web server process to run as a user with a strictly limited set of privileges
  • Configure the Web server so that Web content files can be read but not written by service processes
  • Configure the Web server so that service processes cannot write to the directories where public Web content is stored
  • Configure the Web server so that only processes authorized for Web server administration can write Web content files
  • Configure the host OS so that the Web server can write log files but not read them
  • Configure the host OS so that temporary files created by the Web server application are restricted to a specified and appropriately protected subdirectory
  • Configure the host OS so that access to any temporary files created by the Web
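One way to audit the content and log file items under "Configure OS and Web server access controls" on a POSIX host, added here as an example and not taken from the checklist or its source document. It evaluates classic mode bits only (ACLs and MAC policy are not considered); the `htdocs`/`logs` layout, the finding labels and the service account IDs are constructed for illustration.

```python
import stat
import tempfile
from pathlib import Path

def effective_bits(st, uid, gids):
    """rwx bits (0-7) granted by classic POSIX mode bits; ACLs are ignored."""
    if uid == 0:
        return 7  # root bypasses mode bits; the service should not run as root
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 7
    return st.st_mode & 7

def audit(content_root, log_dir, uid, gids):
    """Return sorted (issue, path) pairs for the service account uid/gids."""
    findings = []
    for p in [Path(content_root), *Path(content_root).rglob("*")]:
        st = p.lstat()
        if stat.S_ISLNK(st.st_mode):
            continue  # a symlink's own mode bits say nothing about access
        bits = effective_bits(st, uid, gids)
        if bits & 2:  # service must not write content files or directories
            findings.append(("content-writable", str(p)))
        if stat.S_ISREG(st.st_mode) and not bits & 4:
            findings.append(("content-unreadable", str(p)))
    for p in Path(log_dir).iterdir():
        st = p.lstat()
        if not stat.S_ISREG(st.st_mode):
            continue
        bits = effective_bits(st, uid, gids)
        if bits & 4:  # logs: the service may write them but not read them
            findings.append(("log-readable", str(p)))
        if not bits & 2:
            findings.append(("log-not-writable", str(p)))
    return sorted(findings)

def demo():
    """Audit a constructed sample tree as a hypothetical service account."""
    base = Path(tempfile.mkdtemp())
    modes = {"htdocs/index.html": 0o644, "htdocs/upload.cgi": 0o666,
             "logs/access.log": 0o622, "logs/error.log": 0o644}
    for rel, mode in modes.items():
        (base / rel).parent.mkdir(mode=0o755, exist_ok=True)
        (base / rel).write_text("constructed sample\n")
        (base / rel).chmod(mode)
    own = base.stat()  # the hypothetical account below owns nothing in the tree
    found = audit(base / "htdocs", base / "logs", own.st_uid + 1000, {own.st_gid + 1000})
    return [(issue, Path(p).name) for issue, p in found]
```

On a real host, pass the Web server's runtime UID and group IDs to `audit()` along with its content and log directories; an empty result means the mode bits match these checklist items.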