Section 12.8. Words to the Wise

I am not a security expert; I am a network administrator. In my view, good security is good system administration and vice versa. Most of this chapter is just common-sense advice. It is probably sufficient for most circumstances, but certainly not for all.

Make sure you know whether there is an existing security policy that applies to your network or system. If there are policies, regulations, or laws governing your situation, make sure to obey them. Never do anything to undermine the security system established for your site.

No system is completely secure. No matter what you do, you will have problems. Realize this and prepare for it. Prepare a disaster recovery plan and do everything necessary so that when the worst does happen, you can recover from it with the minimum possible disruption.

If you want to read more about security, I recommend the following:

  • RFC 2196, Site Security Handbook, B. Fraser, September 1997.

  • RFC 1281, Guidelines for the Secure Operation of the Internet, R. Pethia, S. Crocker, and B. Fraser, November 1991.

  • Practical Unix and Internet Security, Simson Garfinkel and Gene Spafford, O'Reilly & Associates, 1996.

  • Linux Security, Ramon Hontanon, Sybex, 2001.

  • Building Internet Firewalls, Elizabeth Zwicky, Simon Cooper, and Brent Chapman, O'Reilly & Associates, 2000.

  • Linux Firewalls, Robert Ziegler, New Riders, 2000.

  • Firewalls and Internet Security, William Cheswick and Steven Bellovin, Addison-Wesley, 1994.