Date: Wed, 11 May 2005 21:57:42 +0200 From: =?ISO-8859-1?Q?Erik_N=F8rgaard?= <norgaard@locolomo.org> To: David.Bear@asu.edu Cc: freebsd-questions@freebsd.org Subject: Re: best practices for administration Message-ID: <428263B6.7070305@locolomo.org> In-Reply-To: <20050511170133.GD10213@asu.edu> References: <20050511170133.GD10213@asu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
David Bear wrote: > Since the BSD community seems to be more security conscious than other > (read windows system administrators) groups, I wanted to see if anyone > here would have any pointers to best practices documents when > administering ANY operating system, not just FreeBSD. I am assuming > that many of you must manage other operating systems as well. You can find some BCP's and FYI's at frc-editor.org. ISO-17799/BS-7799 is the international standard on information security, and there is the ITIL library. There is no general answer to your question as much is context dependent. For example: What do you need a user to present before giving an account? How do you verify that the information presented is valid? Soon, you are faced with different classes of accounts: Employees, consultants, customers, and different levels of privileges. And who has privilege to grant others access to what? Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9 Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?428263B6.7070305>