[Dshield] Being a good Internet citizen - best practices?
jeff-kell at utc.edu
Sat Feb 4 13:51:20 GMT 2006
Anthony Rodgers wrote:
> I am in the IT department of a largish organization (~400 desktops)
> with our own IP netblocks (5 /24s), and I was wanting to gather ideas
> from the list for what we could be doing to be a good Internet citizen,
> along the lines of monitoring abuse@ mail addresses, keeping our WHOIS
> up to date, etc.
MOREnet has a good summary of links at
http://www.more.net/security/best/other.html. The page has clickable
links, I'll not try to post as HTML here since the list is (I think)
plaintext only and would make this look like crap :-). But a
representative example of what is available (from any RFC repository):
* RFC 1173 — Responsibilities of Host and Net Managers: A summary of
"oral traditions" that apply to systems management.
* RFC 1281 — Guidelines for the Secure Operation of the Internet.
* RFC 1746 — Ways to Define User Expectations.
* RFC 1818 — Best Current Practices: A general introduction to best
practices from Internic.
* RFC 2119 — Key words for use in RFCs to indicate requirement levels.
* RFC 2142 — Mailbox names for common services, roles and functions.
This document is highly recommended reading for anyone who is
responsible for a server or network.
* RFC 2350 — Expectations for Computer Security Incident Response:
Excellent guideline for creating a computer incident response
* RFC 2505 — Anti-Spam Recommendations for SMTP MTAs.
More information about the list