27.01.2014 Views

NIST 800-44 Version 2 Guidelines on Securing Public Web Servers


GUIDELINES ON SECURING PUBLIC WEB SERVERS

[NIST02b] John Wack et al., NIST Special Publication 800-42, Guideline on Network Security Testing, February 2002, http://csrc.nist.gov/publications/nistpubs/index.html

[NIST06a] Marianne Swanson et al., NIST Special Publication 800-18 Revision 1, Guide for Developing Security Plans for Federal Information Systems, February 2006, http://csrc.nist.gov/publications/nistpubs/index.html

[NIST06b] Karen Kent and Murugiah Souppaya, NIST Special Publication 800-92, Guide to Computer Security Log Management, April 2006, http://csrc.nist.gov/publications/nistpubs/index.html

[NIST06c] Miles Tracy et al., NIST Special Publication 800-45, Version 2, Guidelines on Electronic Mail Security, February 2007, http://csrc.nist.gov/publications/nistpubs/index.html

[NIST07] Karen Scarfone and Peter Mell, NIST Special Publication 800-94, Guide to Intrusion Detection and Prevention Systems (IDPS), February 2007, http://csrc.nist.gov/publications/nistpubs/index.html

[NVD06] National Vulnerability Database, CVE-2005-0233, September 2006, http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-0233

[Ollm04] Gunter Ollman, The Phishing Guide: Understanding and Preventing Phishing Attacks, NGSSoftware, September 2004, http://www.nextgenss.com/papers/NISR-WP-Phishing.pdf

[Ollm05] Gunter Ollman, The Pharming Guide: Understanding and Preventing DNS-Related Attacks by Phishers, NGSSoftware, August 2005, http://www.nextgenss.com/papers/ThePharmingGuide.pdf

[OMB00a] Office of Management and Budget Memorandum 2000-13, 2000, http://www.whitehouse.gov/omb/memoranda/m00-13.html

[OMB00b] Office of Management and Budget Cookie Clarification Letter 1, 2000, http://www.whitehouse.gov/omb/inforeg/cookies_letter72800.html

[OMB00c] Office of Management and Budget Cookie Clarification Letter 2, 2000, http://www.whitehouse.gov/omb/inforeg/cookies_letter90500.html

[OWASP06] Open Web Application Security Project (OWASP), OWASP Guide, March 2006, http://owasp.cvs.sourceforge.net/*checkout*/owasp/guide/current%20draft.pdf

[RSA00] PKCS #10 Version 1.7, Certification Request Syntax Standard, May 26, 2000, ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-10/pkcs-10v1_7.pdf

[Salt75] Jerome H. Saltzer and Michael Schroeder, “The Protection of Information in Computer Systems,” Proceedings of the IEEE, Vol. 63, pages 1278–1308

[Scam01] Joel Scambray et al., Hacking Exposed Second Edition, McGraw-Hill, 2001

[Schn00] Bruce Schneier, Secrets & Lies: Digital Security in a Networked World, John Wiley & Sons Inc., 2000
