NIST 800-44 Version 2 Guidelines on Securing Public Web Servers
NIST 800-44 Version 2 Guidelines on Securing Public Web Servers
NIST 800-44 Version 2 Guidelines on Securing Public Web Servers
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
GUIDELINES ON SECURING PUBLIC WEB SERVERS<br />
Miscellaneous <strong>Web</strong> Security Resources<br />
Resource/Title<br />
dominosecurity.org<br />
H<strong>on</strong>eynet Project<br />
Lotus Domino Security Page<br />
Microsoft Internet Explorer Home Page<br />
Mozilla Security Center<br />
Netcraft<br />
http://www.dominosecurity.org/<br />
http://project.h<strong>on</strong>eynet.org/<br />
URL<br />
http://www-128.ibm.com/developerworks/lotus/security/<br />
http://www.microsoft.com/windows/products/winfamily/ie/default<br />
.mspx<br />
http://www.mozilla.org/security/<br />
http://www.netcraft.com/<br />
Phishing Resources<br />
Resource/Title<br />
Anti-Phishing Working Group (APWG)<br />
Federal Trade Commissi<strong>on</strong> (FTC), “How Not to Get<br />
Hooked by a ‘Phishing’ Scam”<br />
Internet Crime Complaint Center (ICCC)<br />
Phish Report Network<br />
URL<br />
http://www.antiphishing.org/<br />
http://www.ftc.gov/bcp/edu/pubs/c<strong>on</strong>sumer/alerts/alt127.htm<br />
http://www.ic3.gov/<br />
http://www.phishreport.net/<br />
<strong>Web</strong>Bot Informati<strong>on</strong><br />
Resource/Title<br />
BotSpot<br />
C<strong>on</strong>figuring the robots.txt Files<br />
<str<strong>on</strong>g>NIST</str<strong>on</strong>g> Mobile Agent Security<br />
Showing Robots the Door<br />
University of Maryland Baltimore County (UMBC)<br />
Agent<strong>Web</strong><br />
URL<br />
http://www.botspot.com<br />
http://www.robotstxt.org/wc/exclusi<strong>on</strong>.html#robotstxt<br />
http://csrc.nist.gov/mobileagents/projects.html<br />
http://www.ariadne.ac.uk/issue15/robots/<br />
http://agents.umbc.edu/<br />
<str<strong>on</strong>g>NIST</str<strong>on</strong>g> <strong>Public</strong>ati<strong>on</strong>s <strong>on</strong> System and Network Security 82<br />
<strong>Public</strong>ati<strong>on</strong><br />
SP <str<strong>on</strong>g>800</str<strong>on</strong>g>-18 Revisi<strong>on</strong> 1, Guide for Developing Security<br />
Plans for Federal Informati<strong>on</strong> Systems<br />
SP <str<strong>on</strong>g>800</str<strong>on</strong>g>-26, Security Self-Assessment Guide for<br />
Informati<strong>on</strong> Technology Systems<br />
SP <str<strong>on</strong>g>800</str<strong>on</strong>g>-27, Engineering Principles for Informati<strong>on</strong><br />
Technology Security<br />
SP <str<strong>on</strong>g>800</str<strong>on</strong>g>-28 <str<strong>on</strong>g>Versi<strong>on</strong></str<strong>on</strong>g> 2 (DRAFT), <str<strong>on</strong>g>Guidelines</str<strong>on</strong>g> <strong>on</strong> Active<br />
C<strong>on</strong>tent and Mobile Code<br />
URL<br />
http://csrc.nist.gov/publicati<strong>on</strong>s/nistpubs/<str<strong>on</strong>g>800</str<strong>on</strong>g>-18-<br />
Rev1/sp<str<strong>on</strong>g>800</str<strong>on</strong>g>-18-Rev1-final.pdf<br />
http://csrc.nist.gov/publicati<strong>on</strong>s/nistpubs/<str<strong>on</strong>g>800</str<strong>on</strong>g>-26/sp<str<strong>on</strong>g>800</str<strong>on</strong>g>-<br />
26.pdf<br />
http://csrc.nist.gov/publicati<strong>on</strong>s/nistpubs/<str<strong>on</strong>g>800</str<strong>on</strong>g>-<br />
27A/SP<str<strong>on</strong>g>800</str<strong>on</strong>g>-27-RevA.pdf<br />
http://csrc.nist.gov/publicati<strong>on</strong>s/nistpubs/<br />
82<br />
The primary <strong>Web</strong> site for all of these publicati<strong>on</strong>s is located at http://csrc.nist.gov/publicati<strong>on</strong>s/index.html.<br />
A-4