Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


German goverment recommends immediate actions for a secured Internet

Apr 30, 2000, 13:14 (0 Talkback[s])
(Other stories by Fred Mobach)

[ Thanks to Fred Mobach for this Report: ]

"The German minister Otto Schily had erected the Task Force "Secure Internet" after the DDoS attacks in Februari. This task force has produced a catalog of immediately to be implemented measures. When implemented the security in the Internet will grow better because attacks like DDoS will become more difficult or even impossible.

You can read this in German at http://www.bmi.bund.de/aktuelles/index.html or try Babelfish.

The list of actions are described at http://www.bsi.de/ddos.html, also in German.

The list of 15 measures is grouped for ISP's, server providers, content providers, end users and everybody.

Measures for ISP's are
-1- packet filtering at the entry points to drop IP spoofed packets,
-2- packet filtering at the exit points preferable in combination with an IDS.

Measures for server providers :
-3- packet filtering,
-4- IDS,
-5- emergency plan,
-6- secured server configuration,
-7- restictive user rights and timely system checks
-8- use Open Source products : they'll be repaired faster than closed source products and you can do it yourself :-).

Measures for content providers :
-9- select a server provider who can prove that security and availability is his primary goal,
-10- no active content while that provokes insecure configurations of clients,
-11- daily check on viri and attack tools.

Measures for end users :
-12- use a virus check programm and configure the browser in a secure way, think on the use of a firewall.

General measures :
-13- Standard security safeguards according to the IT Baseline Protection Manual at http://www.bsi.de/gshb/english/menue.htm,
-14- apply security updates ina timely manner,
-15- use appropriate security tools and educate the employees.

Numbers 8 and 15 seems to be related : open source and education :-)."