System administration practices play a key role in network security. Checklists and general advice on good security practices are readily available. Below are examples of commonly recommended practices:
Ensure all accounts have a password and that the passwords are difficult to guess. A one-time password system is preferable.
Use tools such as MD5 checksums (8), a strong cryptographic technique, to ensure the integrity of system software on a regular basis.
Use secure programming techniques when writing software. These can be found at security-related sites on the World Wide Web.
Be vigilant in network use and configuration, making changes as vulnerabilities become known.
Regularly check with vendors for the latest available fixes and keep systems current with upgrades and patches.
Regularly check on-line security archives, such as those maintained by incident response teams, for security alerts and technical advice.
Audit systems and networks, and regularly check logs. Many sites that suffer computer security incidents report that insufficient audit data is collected, so detecting and tracing an intrusion is difficult.
Internet FAQ top