best practices for administration
Erik Nørgaard
norgaard at locolomo.org
Wed May 11 12:58:05 PDT 2005
David Bear wrote:
> Since the BSD community seems to be more security conscious than other
> (read windows system administrators) groups, I wanted to see if anyone
> here would have any pointers to best practices documents when
> administering ANY operating system, not just FreeBSD. I am assuming
> that many of you must manage other operating systems as well.
You can find some BCP's and FYI's at frc-editor.org. ISO-17799/BS-7799
is the international standard on information security, and there is the
ITIL library.
There is no general answer to your question as much is context
dependent. For example:
What do you need a user to present before giving an account? How do you
verify that the information presented is valid?
Soon, you are faced with different classes of accounts: Employees,
consultants, customers, and different levels of privileges. And who has
privilege to grant others access to what?
Cheers, Erik
--
Ph: +34.666334818 web: http://www.locolomo.org
S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt
Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9
Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2
More information about the freebsd-questions
mailing list