

Recommended Internet Service Provider Security Services and Procedures






RFC 3013                Recommended ISP Security           November 2000


Table of Contents

   1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . 2
     1.1 Conventions Used in this Document. . . . . . . . . . . . . . 3
   2 Communication. . . . . . . . . . . . . . . . . . . . . . . . . . 3
     2.1 Contact Information. . . . . . . . . . . . . . . . . . . . . 3
     2.2 Information Sharing. . . . . . . . . . . . . . . . . . . . . 4
     2.3 Secure Channels. . . . . . . . . . . . . . . . . . . . . . . 4
     2.4 Notification of Vulnerabilities and Reporting Incidents. . . 4
     2.5 ISPs and Computer Security Incident Response Teams (CSIRTs). 5
   3 Appropriate Use Policy . . . . . . . . . . . . . . . . . . . . . 5
     3.1 Announcement of Policy . . . . . . . . . . . . . . . . . . . 6
     3.2 Sanctions. . . . . . . . . . . . . . . . . . . . . . . . . . 6
     3.3 Data Protection. . . . . . . . . . . . . . . . . . . . . . . 6
   4 Network Infrastructure . . . . . . . . . . . . . . . . . . . . . 6
     4.1 Registry Data Maintenance. . . . . . . . . . . . . . . . . . 6
     4.2 Routing Infrastructure . . . . . . . . . . . . . . . . . . . 7
     4.3 Ingress Filtering on Source Address. . . . . . . . . . . . . 7
     4.4 Egress Filtering on Source Address . . . . . . . . . . . . . 8
     4.5 Route Filtering. . . . . . . . . . . . . . . . . . . . . . . 8
     4.6 Directed Broadcast . . . . . . . . . . . . . . . . . . . . . 8
   5 Systems Infrastructure . . . . . . . . . . . . . . . . . . . . . 9
     5.1 System Management. . . . . . . . . . . . . . . . . . . . . . 9
     5.2 No Systems on Transit Networks . . . . . . . . . . . . . . . 9
     5.3 Open Mail Relay. . . . . . . . . . . . . . . . . . . . . . . 9
     5.4 Message Submission . . . . . . . . . . . . . . . . . . . . . 9
   6 References . . . . . . . . . . . . . . . . . . . . . . . . . . .10
   7 Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . .12
   8 Security Considerations. . . . . . . . . . . . . . . . . . . . .12
   9 Author's Address . . . . . . . . . . . . . . . . . . . . . . . .12
   10 Full Copyright Statement. . . . . . . . . . . . . . . . . . . .13

1 Introduction

   The purpose of this document is to express what the engineering
   community as represented by the IETF expects of Internet Service
   Providers (ISPs) with respect to security.  This document is
   addressed to ISPs.

   By informing ISPs of what this community hopes and expects of them,
   the community hopes to encourage ISPs to become proactive in making
   security not only a priority, but something to which they point with
   pride when selling their services.

   Under no circumstances is it the intention of this document to
   dictate business practices.





Killalea                 Best Current Practice