Since the BSD community seems to be more security conscious than other
(read windows system administrators) groups, I wanted to see if anyone
here would have any pointers to best practices documents when administering ANY operating system, not just FreeBSD. I am assuming
that many of you must manage other operating systems as well.
You can find some BCP's and FYI's at frc-editor.org. ISO-17799/BS-7799 is the international standard on information security, and there is the ITIL library.
There is no general answer to your question as much is context dependent. For example:
What do you need a user to present before giving an account? How do you verify that the information presented is valid?
Soon, you are faced with different classes of accounts: Employees, consultants, customers, and different levels of privileges. And who has privilege to grant others access to what?
Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9 Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2 _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
