CERT Coordination Center

Implementation Details

Maintaining currency by periodically reviewing public and vendor information sources

Applies to the practices:

  • "Establish a policy and procedures that prepare your organization to detect signs of intrusion."
  • "Keep operating systems and applications software up to date."
  • "Consider security implications before selecting programs, scripts, and plug-ins for your Web server."
  • "Protect your Web server against common attacks."

Applicable technologies: UNIX, Windows NT, HP, Sun

There are many excellent sources of information about emerging intruder trends, attack scenarios, security vulnerabilities, vulnerability detection, and ways to fix them. You should take time each day to review these sources, learn about new developments, and potentially take action based on the information and instruction provided.


General security information

Both broad and detailed information on a wide range of information, computer, and network security topics can be found at http://www.cert.org/other_sources/other_teams.html. The sources listed there include the following:

  • AUSCERT Australian Computer Emergency Response Team
  • CERIAS (Center for Education, Research, and Information Assurance Security). Note that this group was formerly known as the Computer Operations, Audit, and Security Team [COAST].
  • CERT/CC Computer Emergency Response Team Coordination Center
  • CIAC Computer Incident Advisory Capability
  • CVE "Common Vulnerabilities and Exposures (CVE) is a list or dictionary that provides common names for publicly known information security vulnerabilities and exposures."
  • DFNCERT German Computer Emergency Response Team
  • FIRST Forum of Incident Response and Security Teams
  • ICSA ICSA Labs, as described on its web site, "provides the continuous research, statistics and knowledge that allow TruSecure® Corporation to continuously pioneer Internet security."
  • IETF Internet Engineering Task Force
  • SANS SANS Institute
  • Security Focus contains BugTraq, which is a full disclosure moderated mailing list for the detailed discussion and announcement of computer security vulnerabilities: what they are, how to exploit them, and how to fix them.
  • Security Portal
  • USENIX Advanced Computing Systems Association

Security fixes and patches

Monitor security fixes and patches that are produced by the vendors of your equipment and obtain and install all that apply. A general index of vendor sites can be found at

http://www.cert.org/security-improvement/implementations/data/vendor_list.html


Advisories

Subscribe to advisories that are issued by various security incident response teams and update your systems against those threats that apply to your site's technology. Sites that publish such advisories include:


Mailing lists and USENET newsgroups

Read relevant mailing lists and USENET newsgroups (http://www.cert.org/other_sources/usenet.html) to keep up to date with the latest information being shared by fellow administrators.

Security tools

It is important to regularly review sites that contain a wide range of useful and publicly available security tools.

These include:


Copyright 2000 Carnegie Mellon University
CERT is registered in the U.S. Patent and Trademark Office.

Page revised: January 16, 2001