Securing Network Servers (2000)

The development of computer networks has resulted in an important class of computers: network servers. The primary purpose of these machines is to provide services, including both computational and data services, to other computers on the network.

Because of their service role, it is common for servers to store many of an organizations most valuable and confidential information resources. They also are often deployed to provide a centralized capability for an entire organization, such as communication (electronic mail) or user authentication. Security breaches on a network server can result in the disclosure of critical information or the loss of a capability that can affect the entire organization. Therefore, securing network servers should be a significant part of your network and information security strategy.

Many security problems can be avoided if servers and networks are appropriately configured. Default hardware and software configurations are typically set by vendors to emphasize features and functions more than security. Since vendors are not aware of your security needs, you must configure new servers to reflect your security requirements and reconfigure them as your requirements change.

The practices recommended here are designed to help you configure and deploy network servers that satisfy your organizations security requirements. The practices may also be useful in examining the configuration of previously deployed servers.

PDF [436 KB]

Authors

Julia H. Allen

Klaus-Peter Kossakowski

Gary Ford

Suresh Konda

Derek Simmel

Security Improvement Module
CMU/SEI-2000-SIM-010
April 2000

Cite This Report

SEI:

Allen, Julia; Kossakowski, Klaus-Peter; Ford, Gary; Konda, Suresh; & Simmel, Derek. Securing Network Servers (2000) (CMU/SEI-2000-SIM-010). Software Engineering Institute, Carnegie Mellon University, 2000. http://www.sei.cmu.edu/library/abstracts/reports/00sim010.cfm

IEEE:

J. Allen, K. Kossakowski, G. Ford, S. Konda, and D. Simmel, "Securing Network Servers (2000)," Software Engineering Institute, Carnegie Mellon University, Pittsburgh, Pennsylvania, Security Improvement Module CMU/SEI-2000-SIM-010, 2000. http://www.sei.cmu.edu/library/abstracts/reports/00sim010.cfm

APA:

Allen, J., Kossakowski, K., Ford, G., Konda, S., & Simmel, D. (2000) . Securing Network Servers (2000) (CMU/SEI-2000-SIM-010). Retrieved May 23, 2012, from the Software Engineering Institute, Carnegie Mellon University website: http://www.sei.cmu.edu/library/abstracts/reports/00sim010.cfm

CHI:

Allen, Julia, Klaus-Peter Kossakowski, Gary Ford, Suresh Konda, and Derek Simmel. Securing Network Servers (2000) (CMU/SEI-2000-SIM-010). Pittsburgh, PA: Software Engineering Insitute, Carnegie Mellon University, 2000. http://www.sei.cmu.edu/library/abstracts/reports/00sim010.cfm

MLA:

Allen, J., Kossakowski, K., Ford, G., Konda, S., & Simmel, D. 2000. Securing Network Servers (2000) (Technical Report CMU/SEI-2000-SIM-010). Pittsburgh: Software Engineering Insitute, Carnegie Mellon University. http://www.sei.cmu.edu/library/abstracts/reports/00sim010.cfm

Find Us Here

Share This Page

Share on Facebook  Send to your Twitter page  Save to del.ico.us  Save to LinkedIn  Digg this  Stumble this page.  Add to Technorati favorites  Save this page on your Google Home Page 

For more information

Contact Us

info@sei.cmu.edu

412-268-5800