RFC 2196 (rfc2196) - Page 2 of 75
Site Security Handbook
Alternative Format: Original Text Document
RFC 2196 Site Security Handbook September 1997
4.4 Authorization................................................... 29
4.5 Access.......................................................... 30
4.6 Auditing........................................................ 34
4.7 Securing Backups................................................ 37
5. Security Incident Handling...................................... 37
5.1 Preparing and Planning for Incident Handling.................... 39
5.2 Notification and Points of Contact.............................. 42
5.3 Identifying an Incident......................................... 50
5.4 Handling an Incident............................................ 52
5.5 Aftermath of an Incident........................................ 58
5.6 Responsibilities................................................ 59
6. Ongoing Activities.............................................. 60
7. Tools and Locations............................................. 60
8. Mailing Lists and Other Resources............................... 62
9. References...................................................... 64
1. Introduction
This document provides guidance to system and network administrators
on how to address security issues within the Internet community. It
builds on the foundation provided in RFC 1244 and is the collective
work of a number of contributing authors. Those authors include:
Jules P. Aronson (), Nevil Brownlee
(), Frank Byrum (),
Joao Nuno Ferreira (), Barbara Fraser
(), Steve Glass (), Erik Guttman
(), Tom Killalea (), Klaus-
Peter Kossakowski (), Lorna Leone
(), Edward.P.Lewis
(), Gary Malkin (),
Russ Mundy (), Philip J. Nesser
(), and Michael S. Ramsey
().
In addition to the principle writers, a number of reviewers provided
valuable comments. Those reviewers include: Eric Luiijf
(), Marijke Kaat (), Ray Plzak
() and Han Pronk ().
A special thank you goes to Joyce Reynolds, ISI, and Paul Holbrook,
CICnet, for their vision, leadership, and effort in the creation of
the first version of this handbook. It is the working group's sincere
hope that this version will be as helpful to the community as the
earlier one was.
Fraser, Ed. Informational