Return-Path: <sentto-279987-4568-1015426212-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 06 Mar 2002 06:52:08 -0800 (PST) Received: (qmail 12589 invoked by uid 510); 6 Mar 2002 14:50:31 -0000 Received: from n23.groups.yahoo.com (216.115.96.73) by all.net with SMTP; 6 Mar 2002 14:50:31 -0000 X-eGroups-Return: sentto-279987-4568-1015426212-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.164] by n23.groups.yahoo.com with NNFMP; 06 Mar 2002 14:50:12 -0000 X-Sender: fc@red.all.net X-Apparently-To: iwar@onelist.com Received: (EGP: unknown); 6 Mar 2002 14:50:11 -0000 Received: (qmail 29661 invoked from network); 6 Mar 2002 14:50:11 -0000 Received: from unknown (216.115.97.167) by m10.grp.snv.yahoo.com with QMQP; 6 Mar 2002 14:50:11 -0000 Received: from unknown (HELO red.all.net) (12.232.72.152) by mta1.grp.snv.yahoo.com with SMTP; 6 Mar 2002 14:50:11 -0000 Received: (from fc@localhost) by red.all.net (8.11.2/8.11.2) id g26EowD19587 for iwar@onelist.com; Wed, 6 Mar 2002 06:50:58 -0800 Message-Id: <200203061450.g26EowD19587@red.all.net> To: iwar@onelist.com (Information Warfare Mailing List) Organization: I'm not allowed to say X-Mailer: don't even ask X-Mailer: ELM [version 2.5 PL3] From: Fred Cohen <fc@all.net> X-Yahoo-Profile: fcallnet Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 6 Mar 2002 06:50:58 -0800 (PST) Subject: [iwar] [fc:Web.server.defense.drafted] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Web server defense drafted By Diane Frank, FCW, 3/5/02 <a href="http://www.fcw.com/fcw/articles/2002/0304/web-nist-03-04-02.asp">http://www.fcw.com/fcw/articles/2002/0304/web-nist-03-04-02.asp> Tackling one of the prime targets on a network for cyberattacks, the National Institute of Standards and Technology released a draft of its new guidance on securing public Web servers March 1. The draft special publication is intended for technical personnel, as it contains detailed guidance and checklists on how to configure the Web server itself, as well as the underlying operating system and security products, such as firewalls and intrusion detection systems. The guide also covers security administration procedures for Web servers, including logging, backup, recovery, testing and remote administration. In the appendices, the guide outlines the steps to secure the two most commonly used Web servers, the open-source Apache server and Microsoft Corp.'s Internet Information Server. Comments on the draft are due to Wayne Jansen (<a href="mailto:jansen@nist.gov?Subject=Re:%20(ai)%20Web%20server%20defense%20drafted%2526In-Reply-To=%2526lt;200203060150.g261obJ21317@smtpsrv2.mitre.org">jansen@nist.gov</a>) by March 28. [NIST draft: "Guidelines on Securing Public Web Servers] <a href="http://csrc.nist.gov/publications/drafts/PP-SecuringWebServers-RFC.pdf">http://csrc.nist.gov/publications/drafts/PP-SecuringWebServers-RFC.pdf> ------------------------ Yahoo! Groups Sponsor ---------------------~--> Tiny Wireless Camera under $80! Order Now! FREE VCR Commander! Click Here - Only 1 Day Left! http://us.click.yahoo.com/nuyOHD/7.PDAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:04 PST