Section 12.8. Words to the Wise

12.8 Words to the Wise

I am not a security expert; I am a network administrator. In my view, good security is good system administration and vice versa. Most of this chapter is just common-sense advice. It is probably sufficient for most circumstances, but certainly not for all.

Make sure you know whether there is an existing security policy that applies to your network or system. If there are policies, regulations, or laws governing your situation, make sure to obey them. Never do anything to undermine the security system established for your site.

No system is completely secure. No matter what you do, you will have problems. Realize this and prepare for it. Prepare a disaster recovery plan and do everything necessary so that when the worst does happen, you can recover from it with the minimum possible disruption.

If you want to read more about security, I recommend the following:

• RFC 2196, Site Security Handbook, B. Fraser, September 1997.

• RFC 1281, Guidelines for the Secure Operation of the Internet, R. Pethia, S. Crocker, and B. Fraser, November 1991.

• Practical Unix and Internet Security, Simson Garfinkel and Gene Spafford, O'Reilly & Associates, 1996.

• Linux Security, Ramon Hontanon, Sybex, 2001.

• Building Internet Firewalls, Elizabeth Zwicky, Simon Cooper, and Brent Chapman, O'Reilly & Associates, 2000.

• Linux Firewalls, Robert Ziegler, New Riders, 2000.

• Firewalls and Internet Security, William Cheswick and Steven Bellovin, Addison Wesley, 1994.