No se por ahora

UNCLASSIFIED

The 60 Minute Network Security Guide (First Steps Towards a Secure Network Environment)

Systems and Network Attack Center (SNAC)

Updated July 12, 2002 Version 1.2

National Security Agency 9800 Savage Rd. Suite 6704 Ft. Meade, MD 20755-6704 SNAC.Guides@nsa.gov

Some parts of this document were drawn from Microsoft and The SANS Institute copyright materials withtheir permission.

UNCLASSIFIED

UNCLASSIFIED

UNCLASSIFIED

2

UNCLASSIFIED
Change Control Version Date
1.1 1.2 18 Feb. . 2002 12 July 2002

Details
Updated UNIX Section p. 27 thru 33 These updates where to fixes grammar and syntax Clarify reference of shareware product : Tripwire ASR, page 33

UNCLASSIFIED

3

UNCLASSIFIED
Table of Contents TABLE OF CONTENTS..................................................................................................4 INTRODUCTION .............................................................................................................6 GENERAL GUIDANCE ...................................................................................................7 SECURITY POLICY........................................................................................................................ 7 OPERATING SYSTEMS AND APPLICATIONS: VERSIONS AND UPDATES ......................................... 7 KNOW YOUR NETWORK ............................................................................................................... 8 TCP/UDP SERVERS AND SERVICES ON THENETWORK................................................................ 8 PASSWORDS ................................................................................................................................. 8 DO NOT RUN CODE FROM NON-TRUSTED SOURCES .................................................................... 9 BLOCK CERTAIN E-MAIL ATTACHMENT TYPES ........................................................................... 9FOLLOW THE CONCEPT OF LEAST PRIVILEGE .............................................................................. 9 APPLICATION AUDITING ............................................................................................................. 10 NETWORK PRINTER .................................................................................................................... 10 SIMPLENETWORK MANAGEMENT PROTOCOL (SNMP) ............................................................. 10 NETWORK SECURITY TESTING ................................................................................................... 10 PERIMETER ROUTERS AND FIREWALLS.................................................................11 HOST SECURITY......................................................................................................................... 11 TCP/IP FILTERS ......................................................................................................................... 13 LOGGING AND DEBUGGING ........................................................................................................ 21 GENERAL RECOMMENDATIONS.................................................................................................. 23 WINDOWS NT 4.0 AND WINDOWS 2000....................................................................24 SERVICE PACKS AND HOTFIXES ................................................................................................. 24 LIST OF NT/WINDOWS 2000 SECURITY MEASURES.................................................................. 25 MICROSOFT APPLICATIONS .....................................................................................27 MICROSOFT WEB SERVICES ....................................................................................................... 27 UNIX SYSTEMS AND NETWORKS .............................................................................29 STARTUP AND LOGIN SCRIPTS...