The CERT Guide to System and Network Security Practices

Black-hat hackers--that is, malicious people who want to break into your networks and machines--are proliferating, it's true. But the number of systems available for them to attack is growing at an even faster clip, which means you can head off a lot of attacks on your Internet-connected resources by following the advice in The CERT Guide to System and Network Security Practices. Julia Allen has distilled a series of "best practices" documents from the CERT Coordination Center (a clearing-house for information about computer attacks) into readily absorbable advice on computer security. She shows how to configure systems for inherent resistance to attack, how to set up logs and intrusion detection tools as early and reliable tripwires, and, to a lesser extent, how to deal with an attack in progress.

Allen's approach is not focused on the details of particular operating systems, applications, or items of equipment, though she does include some such information in a sizable appendix. Most of the time, procedural outlines are phrased generically ("Disable the serving of Web server file directory listings"). It's up to you to figure out what the steps mean, specifically, in terms of your hardware and software. The advice is carefully researched and therefore valuable. If implemented carefully, Allen's recommended practices should deter all but the most determined hackers from harassing your systems. --David Wall

Topics covered: Techniques for hardening computers and networks against compromise by malice-minded hackers, detecting break-ins and other attacks when they occur, and designing security policies to minimize potential damage. Specific advice has to do with locked-down workstations, servers in DMZs, firewalls, and intrusion detection utilities.