German goverment recommends immediate actions for a secured Internet

[ Thanks to Fred Mobach
for this Report: ]

“The German minister Otto Schily had erected the Task Force
“Secure Internet” after the DDoS attacks in Februari. This task
force has produced a catalog of immediately to be implemented
measures. When implemented the security in the Internet will grow
better because attacks like DDoS will become more difficult or even
impossible.

You can read this in German at http://www.bmi.bund.de/aktuelles/index.html
or try Babelfish.

The list of actions are described at http://www.bsi.de/ddos.html, also
in German.

The list of 15 measures is grouped for ISP’s, server providers,
content providers, end users and everybody.

Measures for ISP’s are
-1- packet filtering at the entry points to drop IP spoofed
packets,
-2- packet filtering at the exit points preferable in combination
with an IDS.

Measures for server providers :
-3- packet filtering,
-4- IDS,
-5- emergency plan,
-6- secured server configuration,
-7- restictive user rights and timely system checks
-8- use Open Source products : they’ll be repaired faster than
closed source products and you can do it yourself :-).

Measures for content providers :
-9- select a server provider who can prove that security and
availability is his primary goal,
-10- no active content while that provokes insecure configurations
of clients,
-11- daily check on viri and attack tools.

Measures for end users :
-12- use a virus check programm and configure the browser in a
secure way, think on the use of a firewall.

General measures :
-13- Standard security safeguards according to the IT Baseline
Protection Manual at http://www.bsi.de/gshb/english/menue.htm,
-14- apply security updates ina timely manner,
-15- use appropriate security tools and educate the employees.

Numbers 8 and 15 seems to be related : open source and education
:-).”