12.8 Words to the Wise

I am not a security expert; I am a network administrator. In my view, good security is good system administration and vice versa. Most of this chapter is just common-sense advice. It is probably sufficient for most circumstances, but certainly not for all.

Make sure you know whether there is an existing security policy that applies to your network or system. If there are policies, regulations, or laws governing your situation, make sure to obey them. Never do anything to undermine the security system established for your site.

No system is completely secure. No matter what you do, you will have problems. Realize this and prepare for it. Prepare a disaster recovery plan and do everything necessary, so that when the worst does happen, you can recover from it with the minimum possible disruption.

A good listing of available security publications can be found at http://csrc.nist.gov/secpub . If you want to read more about security, I recommend the following:

• RFC 1244, Site Security Handbook , P. Holbrook, J. Reynold, et al., July 1991.

• RFC 1281, Guidelines for the Secure Operation of the Internet , R. Pethia, S. Crocker, and B. Fraser, November 1991.

• Practical UNIX and Internet Security , Simson Garfinkel and Gene Spafford, O'Reilly & Associates, 1996.

• Building Internet Firewalls , Brent Chapman and Elizabeth Zwicky, O'Reilly & Associates, 1995.

• Computer Security Basics , Deborah Russell and G. T. Gangemi, Sr., O'Reilly & Associates, 1991.

• Firewalls and Internet Security , William Cheswick and Steven Bellovin, Addison-Wesley, 1994.