NIST SP800-54.pdf

Although not well known among everyday users, the Border Gateway Protocol (BGP) is one of the critical infrastructure protocols for the Internet. BGP is a routing protocol, whose purpose is to keep systems on the Internet up to date with information needed to receive and transmit traffic correctly. Sending and receiving email, viewing Web sites, and performing other Internet activities require the transmission of messages referred to as packets. Packets sent on the Internet contain source and destination addresses, much like paper mail sent in envelopes. But packets do not go directly from a user’s computer to their destination. Many intermediate systems may be involved in the transmission, and because there are many paths from one point to another, not all packets follow the same path between source and destination. The systems that packets pass through from one point to another all need to know where to forward a packet, based on the destination address and information contained in a routing table. The routing table says, for example, that packets with a destination of A can be sent to system H, which will then forward the packets to their destination, possibly through other intermediate nodes. (Note that the terms “routing table” and “forwarding table” are often used interchangeably, although technically the forwarding table is used to determine where packets will be sent. More on the distinction between these tables can be found in Section 2.1.) Because the Internet changes continuously, as systems fail or are replaced or new systems are added, routing tables must be updated constantly. BGP is the protocol that serves this purpose for the global Internet. When BGP fails, portions of the Internet may become unusable for a period of time ranging from minutes to hours. 
Most of the risk to BGP comes from accidental failures, but there is also a significant risk that attackers could disable parts or all of the network, disrupting communications, commerce, and possibly putting lives and property in danger. This document discusses the structure and function of BGP, potential attacks, available countermeasures, and the costs and benefits related to countermeasures. The emphasis in this publication is on measures that may be applied either immediately or in a short time. A variety of proposals have been introduced in standards bodies for more comprehensive approaches to BGP security, but issues are not yet settled as to which, if any, of these proposals will be adopted by the producers and consumers of routing equipment. The aim of this document is to give decision makers a selection of measures that can be deployed rapidly, yet provide significant improvements to routing security.

NIST SP800-53A.pdf

The purpose of this publication is to provide guidelines for building effective security assessment plans and a comprehensive set of procedures for assessing the effectiveness of security controls employed in information systems supporting the executive agencies of the federal government. The guidelines apply to the security controls defined in NIST Special Publication 800-53 (as amended), Recommended Security Controls for Federal Information Systems, and any additional security controls developed by the organization. The guidelines have been developed to help achieve more secure information systems within the federal government by:
• Enabling more consistent, comparable, and repeatable assessments of security controls;
• Facilitating more cost-effective assessments of security controls contributing to the determination of overall control effectiveness;
• Promoting a better understanding of the risks to organizational operations, organizational assets, individuals, other organizations, and the Nation resulting from the operation and use of federal information systems; and
• Creating more complete, reliable, and trustworthy information for organizational officials—to support security accreditation decisions, information sharing, and FISMA compliance.

NIST SP800-53A rev1.pdf

INTRODUCTION
THE NEED TO ASSESS SECURITY CONTROL EFFECTIVENESS IN INFORMATION SYSTEMS
Today’s information systems are complex assemblages of technology (i.e., hardware, software, and firmware), processes, and people, working together to provide organizations with the capability to process, store, and transmit information in a timely manner to support various missions and business functions. The degree to which organizations have come to depend upon these information systems to conduct routine, important, and critical missions and business functions means that the protection of the underlying systems is paramount to the success of the organization. The selection of appropriate security controls for an information system is an important task that can have major implications on the operations and assets of an organization as well as the welfare of individuals. Security controls are the management, operational, and technical safeguards or countermeasures prescribed for an information system to protect the confidentiality, integrity (including non-repudiation and authenticity), and availability of the system and its information. Once employed within an information system, security controls are assessed to provide the information necessary to determine their overall effectiveness; that is, the extent to which the controls are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security requirements for the system. Understanding the overall effectiveness of the security controls implemented in the information system and its environment of operation is essential in determining the risk to the organization’s operations and assets, to individuals, to other organizations, and to the Nation resulting from the use of the system.

Event Log Explorer for win.zip

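Event Log Explorer is an event analyzer designed specifically for the Windows operating system. While the system runs, any problem that occurs or any action that is started is recorded in the form of a log, but most users are not actually able to read this log data. Now, with Event Log Explorer, you too can browse the contents of these logs very easily. Event Log Explorer lets users review the security, system, application, and other recorded events, so that you can quickly find, among these recorded events, the likely cause of errors on your system, and even check whether your system has been subjected to unknown network attacks. So if you still cannot get a clear picture of why your system is failing, why not give Event Log Explorer a try and let it help you analyze your system's events.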

NIST SP800-53 AppendicesDEF.pdf

MINIMUM SECURITY CONTROLS – SUMMARY
LOW-IMPACT, MODERATE-IMPACT, AND HIGH-IMPACT INFORMATION SYSTEMS
The following table lists the minimum security controls, or security control baselines, for low-impact, moderate-impact, and high-impact information systems. The three security control baselines are hierarchical in nature with regard to the security controls employed in those baselines. If a security control is selected for one of the baselines, the family identifier and control number are listed in the appropriate column. If a control is not used in a particular baseline, the entry is marked “not selected.” Control enhancements, when used to supplement basic security controls, are indicated by the number of the control enhancement. For example, an “IR-2 (1)(2)” in the high baseline entry for the IR-2 security control indicates that the second control from the Incident Response family has been selected along with control enhancements (1) and (2). Some security controls and control enhancements in the security control catalog are not used in any of the baselines but are available for optional use by organizations if needed; for example, when the results of a risk assessment indicate the need for additional controls or control enhancements in order to adequately mitigate risks to individuals, the organization, or its assets. A complete description of security controls, supplemental guidance for the controls, and control enhancements is provided in Appendix F. A detailed listing of security controls and control enhancements for each control baseline is available at: http://csrc.nist.gov/sec-cert.

NIST SP800-52r2-draft2.pdf

1 Introduction
Transport Layer Security (TLS) protocols are used to secure communications in a wide variety of online transactions such as financial transactions (e.g., banking, trading stocks, e-commerce), healthcare transactions (e.g., viewing medical records or scheduling medical appointments), and social transactions (e.g., email or social networking). Any network service that handles sensitive or valuable data, whether it is personally identifiable information (PII), financial data, or login information, needs to adequately protect that data. TLS provides a protected channel for sending data between the server and the client. The client is often, but not always, a web browser. Memorandum M-15-13 requires that all publicly accessible Federal websites and web services only provide service through a secure connection. The initiative to secure connections will enhance privacy and prevent modification of the data from government sites in transit. TLS is a layered protocol that runs on top of a reliable transport protocol – typically the Transmission Control Protocol (TCP). Application protocols, such as the Hypertext Transfer Protocol (HTTP) and the Internet Message Access Protocol (IMAP), can run above TLS. TLS is application independent, and used to provide security to any two communicating applications that transmit data over a network via an application protocol.

NIST SP800-52.pdf

TLS communications to protect sensitive data transmitted through the Internet. Many books such as [Rescorla01], [Comer00], and [Hall00] describe the Internet’s client-server model and communication protocol design principles. None guide Federal users and system administrators to adequately protect sensitive but unclassified Federal Government data against the most serious threats on the World Wide Web – eavesdropping, data tampering and message forgery. Other books such as [Adams99] and [Housley01] as well as technical journal articles (e.g., [Polk03]) and NIST publications (e.g., [SP800-32]) describe how Public Key Infrastructure (PKI) can be used to protect information in the Internet. It is assumed that the reader of these Guidelines is somewhat familiar with the ISO seven-layer communications model (also known as the seven-layer stack) [7498], as well as the Internet and public key infrastructure concepts, including, for example, X.509 certificates. If not, the reader may refer to the references cited above in the first paragraph of this introduction for further explanations of background concepts that cannot be fully explained in these Guidelines. These Guidelines briefly introduce computer communications architectural concepts. The Guidelines place the responsibility for communication security at the Transport layer of the OSI seven-layer communications stack, not within the application itself. Protection of sensitive but unclassified Government information can adequately be accomplished at this layer when appropriate protocol options are selected and used by clients and servers relying on transport layer security. Unfortunately, security is not a single property possessed by a single protocol. Rather, security includes a complex set of related properties that together provide the required information assurance characteristics and information protection services.
Security requirements are usually derived from a risk assessment to the threats or attacks an adversary is likely to mount against a system. The adversary is likely to take advantage of implementation vulnerabilities found in many system components including computer operating systems, application software systems, and the computer networks that interconnect them. These guidelines focus only on security within the network, and they focus directly on the small portion of the network communications stack that is referred to as the transport layer. Usually, the best defense against telecommunications attacks is to deploy security services implemented with mechanisms specified in standards that are thoroughly vetted in the public domain and rigorously tested by third party laboratories, by vendors, and by users of commercial off-the-shelf products. Three services that most often address network user security requirements are confidentiality, message integrity and authentication. A confidentiality service provides assurance that data is kept secret, preventing eavesdropping. A message integrity service provides confirmation that data modification is always detected thus preventing undetected deletion, addition, or modification of data. An authentication service provides assurance of the sender or receiver’s identity, thereby preventing forgery.

NIST SP800-51rev1.pdf

1.2 Purpose and Scope
The purpose of this document is to provide recommendations for using vulnerability naming schemes. The document covers two schemes: CVE and CCE. The document gives an introduction to both schemes and makes recommendations for end-user organizations on using the names produced by these schemes. The document also presents recommendations for software and service vendors on how they should use vulnerability names and naming schemes in their product and service offerings.
1.3 Audience
The intended audience for this document is individuals who have responsibilities related to vulnerability management.
1.4 Document Structure
The remainder of this document is organized into the following major sections and appendices:
• Section 2 provides an overview of CVE and CCE.
• Section 3 gives recommendations to end-user organizations on using CVE and CCE.
• Section 4 makes recommendations for how IT product and service vendors should adopt CVE and CCE within their product and service offerings.
• Appendix A defines acronyms and abbreviations for the document.
• Appendix B lists related resources.

NIST SP800-51.pdf

This document provides guidelines for federal organizations’ acquisition and use of security-related information technology (IT) products and services. NIST’s advice is provided in the context of larger recommendations regarding security assurance (see NIST Special Publication 800-23, http://csrc.nist.gov). This document has been developed by NIST in furtherance of its statutory responsibilities (under the Computer Security Act of 1987 and the Information Technology Management Reform Act of 1996, specifically 15 U.S.C. 278 g-3 (a)(5)). This is not a guideline within the meaning of (15 U.S.C. 278 g-3 (a)(3)). These guidelines are for use by federal organizations which process sensitive information. They are consistent with the requirements of Office of Management and Budget (OMB) Circular A-130, Appendix III. This document may be used by nongovernmental organizations on a voluntary basis. It is not subject to copyright. Nothing in this document should be taken to contradict standards and guidelines made mandatory and binding upon federal agencies by the Secretary of Commerce under statutory authority. Nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, the Director of the OMB, or any other federal official. Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by the National Institute of Standards and Technology, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.

NIST SP800-50.pdf

Introduction Federal agencies and organizations cannot protect the confidentiality, integrity, and availability of information in today’s highly networked systems environment without ensuring that all people involved in using and managing IT:

NIST SP800-49.pdf

1 Introduction S/MIME (Secure / Multipurpose Internet Mail Extensions) is a set of specifications for securing electronic mail. S/MIME is based upon the widely used MIME standard [MIME] and describes a protocol for adding cryptographic security services through MIME encapsulation of digitally signed and encrypted objects. The basic security services offered by S/MIME are authentication, non-repudiation of origin, message integrity, and message privacy. Optional security services include signed receipts, security labels, secure mailing lists, and an extended method of identifying the signer’s certificate(s). S/MIME Version 3 is the latest version of S/MIME. Version 3 is specified in IETF RFCs 2630 through 2634 ([RFC2630], [RFC2631], [RFC2632], [RFC2633], and [RFC2634]). The S/MIME specifications were designed to promote interoperable secure electronic mail, such that two compliant implementations would be able to communicate securely with one another. However, implementations may support different optional services, and the specifications may unintentionally allow multiple interpretations. As a result, different implementations of S/MIME may not be fully interoperable or provide the desired level of security. The S/MIME specifications rely on cryptographic mechanisms and public key infrastructures (PKI) to provide security services. If the cryptographic and PKI components that are used to support the S/MIME implementation are sufficiently robust, users can obtain additional assurance that sufficiently strong cryptographic algorithms are used, and that procedures are in place to protect sensitive information. Conformance to this profile helps to assure that S/MIME implementations will be able to interoperate and provide reasonable assurance to users. 
The National Institute of Standards and Technology (NIST), Information Technology Laboratory, Computer Security Division, has developed this S/MIME client profile as guidance in the development and procurement of commercial-off-the-shelf (COTS) S/MIME-compliant products. This profile document identifies requirements for a secure and interoperable S/MIME V3 client implementation. NIST is developing tests and testing tools to determine the level of conformance of an S/MIME V3 client implementation with this profile. This profile does not address requirements for network infrastructure components that implement S/MIME V3, such as mail list agents (MLAs) and secure mail gateways (e.g., security guards). Such systems will have significant overlap but will have additional requirements specific to their function.

NIST SP800-48r1.pdf

1.1 Authority The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. NIST is responsible for developing standards and guidelines, including minimum requirements, for providing adequate information security for all agency operations and assets; however, such standards and guidelines shall not apply to national security systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Section 8b (3), “Securing Agency Information Systems,” as analyzed in A-130, Appendix IV: Analysis of Key Sections. Supplemental information is provided in A-130, Appendix III. This guideline has been prepared for use by Federal agencies. It may be used by nongovernmental organizations on a voluntary basis and is not subject to copyright, although attribution is desired. Nothing in this document should be taken to contradict standards and guidelines made mandatory and binding on Federal agencies by the Secretary of Commerce under statutory authority, nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, Director of the OMB, or any other Federal official. 1.2 Purpose and Scope The purpose of this document is to provide guidance to organizations in securing their legacy IEEE 802.11 wireless local area networks (WLAN) that cannot use IEEE 802.11i. Details on securing WLANs capable of IEEE 802.11i can be found in NIST Special Publication (SP) 800-97. Recommendations for securely using external WLANs, such as public wireless access points, are outside the scope of this document.

NIST SP800-47.pdf

This document has been developed by the National Institute of Standards and Technology (NIST) in furtherance of its statutory responsibilities under the Computer Security Act of 1987 and the Information Technology Management Reform Act of 1996, specifically 15 United States Code (U.S.C.) 278 g-3 (a)(5). This document is not a guideline within the meaning of 15 U.S.C 278 g-3 (a)(3). These guidelines are for use by federal organizations that process sensitive information. They are consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130, Appendix III. This document may be used by nongovernmental organizations on a voluntary basis. It is not subject to copyright. Nothing in this document should be taken to contradict standards and guidelines made mandatory and binding upon federal agencies by the Secretary of Commerce under statutory authority. Nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, the Director of the OMB, or any other federal official. 1.2 Purpose This document provides guidance for planning, establishing, maintaining, and terminating interconnections between information technology (IT) systems that are owned and operated by different organizations, including organizations within a single federal agency.

NIST SP800-46r1.pdf

The purpose of this document is to assist organizations in mitigating the risks associated with the enterprise technologies used for telework, including remote access servers, telework client devices, and remote access communications. The document emphasizes the importance of securing sensitive information stored on telework devices and transmitted through remote access across external networks. This document provides recommendations for creating telework-related policies and for selecting, implementing, and maintaining the necessary security controls for remote access servers and clients.

NIST SP800-46.pdf

This document is intended to assist those responsible – users, system administrators, and management – for telecommuting security, by providing introductory information about broadband communication security and policy, security of home office systems, and considerations for system administrators in the central office. It addresses concepts relating to the selection, deployment, and management of broadband communications for a telecommuting user. This document is not intended to provide a mandatory framework for telecommuting or home office broadband communication environments, but rather to present suggested approaches to the topic.

NIST SP800-45v2.pdf

Electronic mail (email) is perhaps the most popularly used system for exchanging business information over the Internet (or any other computer network). At the most basic level, the email process can be divided into two principal components: (1) mail servers, which are hosts that deliver, forward, and store email; and (2) mail clients, which interface with users and allow users to read, compose, send, and store email. This document addresses the security issues of mail servers and mail clients, including Web-based access to mail. Mail servers and user workstations running mail clients are frequently targeted by attackers. Because the computing and networking technologies that underlie email are ubiquitous and well-understood by many, attackers are able to develop attack methods to exploit security weaknesses. Mail servers are also targeted because they (and public Web servers) must communicate to some degree with untrusted third parties. Additionally, mail clients have been targeted as an effective means of inserting malware into machines and of propagating this code to other machines. As a result, mail servers, mail clients, and the network infrastructure that supports them must be protected.

NIST SP800-45.pdf

Electronic mail (email) is perhaps the most popularly used system for exchanging information over the Internet (or any other computer network). At the most basic level, the email process can be divided into two principal components: (1) mail servers, which are hosts that deliver, forward, and store mail; (2) clients which interface with users and allow users to read, compose, send, and store email messages. This document addresses the security issues of both mail servers and mail clients. After Web servers, mail servers are the hosts on an organization’s network that are most often targeted by attackers. Because the computing and networking technology that underpins email is ubiquitous, it is well understood and attackers are able to develop attack methods to exploit the technology. Mail servers are also targeted because they (and public Web servers) must communicate to some degree with untrusted third parties. Additionally, email clients have been targeted as an effective means of inserting malicious code into machines and of propagating this code to other machines. As a result, mail servers, mail clients, and the network infrastructure that supports them must be protected. Examples of email security issues include the following:

NIST SP800-44v2.pdf

The purpose of the Guidelines on Securing Public Web Servers is to recommend security practices for designing, implementing, and operating publicly accessible Web servers, including related network infrastructure issues. Some Federal organizations might need to go beyond these recommendations or adapt them in other ways to meet their unique requirements. While intended as recommendations for Federal departments and agencies, it may be used in the private sector on a voluntary basis. This document may be used by organizations interested in enhancing security on existing and future Web server systems to reduce the number and frequency of Web-related security incidents. This document presents generic principles that apply to all systems. This guideline does not cover the following aspects relating to securing a Web server:

NIST SP800-43.pdf

Guidance for Securing Microsoft Windows 2000 Professional System to assist personnel responsible for the administration and security of Windows 2000 Professional (Win2K Pro) systems. This guide is intended for managed environments and should not be applied throughout an enterprise unless trained and competent systems administrators (SA) are available on the staff. Experienced SAs in these managed environments may use this guide to secure local Win2K Pro workstations, Win2K Pro mobile computers, and Win2K Pro computers used by telecommuters. NIST recommends that users who are directly applying this guide to secure their computers have significant competence in the administration of Windows systems. The guide provides detailed information about the security features of Win2K Pro, security configuration guidelines for popular applications, and security configuration guidelines for the Win2K Pro operating system. The guide documents the methods that SAs can use to implement each security setting recommended. The principal goal of the document is to recommend and explain tested, secure settings for Win2K Pro workstations with the objective of simplifying the administrative burden of improving the security of Win2K Pro systems. This guide includes security templates that will enable SAs to apply the security recommendations rapidly. The NIST Windows 2000 Professional Security Templates are text-based configuration files that specify values for security-relevant system settings. The security templates modify several key policy areas of a Windows 2000 Professional system. The policy areas include password policy, account lockout policy, auditing policy, user rights assignment, system security options, event log policy, system service settings, and file permissions. The NISTWin2kProGold.inf security template development was initially based in part on the National Security Agency’s (NSA) Win2K Pro guidance. 
We examined the NSA settings and guidance and built on the excellent material they developed. NIST conducted extensive analysis and testing of the NSA settings, substantially extended and refined the NSA template settings, and developed additional template settings. NIST developed detailed explanatory material for the template settings, Win2K Pro security configuration, and application specific security configuration guidance. Subsequently, NIST led the development of a consensus baseline of Win2K security settings in collaboration with the public and private sectors; most notably NSA, Defense Information Systems Agency (DISA), the Center for Internet Security (CIS), and the SysAdmin Audit Network Security Institute (SANS). Microsoft also provided valuable technical commentary and advice. The consensus settings are reflected in the NISTWin2kProGold.inf security template. The development of the NISTWin2kProGoldPlus.inf security template was driven by a need for added restrictions to create a more secure Win2K Pro workstation. The NISTWin2kProGoldPlus.inf security template contains all of the settings of the NISTWin2kProGold.inf security template, plus added restrictions on command line executables that could be used by attackers to gather network information or launch malicious files. Many of the restricted executables may be commonly used by users within an organization. Therefore, use caution when applying the security template and make modifications to the security template application restriction settings to conform to local policy before application. The NIST security templates can be rapidly applied to a Windows 2000 Professional operating system using the Security Configuration Tool Set or the command line tool Secedit. Every Win2K Pro system includes these configuration tools, which can be used to analyze, configure, export, and verify the security configuration of a Windows 2000 system. 
The Security Configuration Tool Set is a graphical user interface (GUI) based tool allowing SAs to centrally test and apply security policies for standalone and

NIST SP800-41.pdf

Firewall technology has matured to the extent that today’s firewalls can coordinate security with other firewalls and intrusion detection systems. They can scan for viruses and malicious code in electronic mail and web pages. Firewalls are now standard equipment for Internet connections. Home users who connect to commercial Internet service providers via dial-up or via cable/DSL are also using personal firewalls and firewall appliances to secure their connections. Firewalls protect sites from exploitation of inherent vulnerabilities in the TCP/IP protocol suite. Additionally, they help mitigate security problems associated with insecure systems and the problems inherent in providing robust system security for large numbers of computers. There are several types of firewalls, ranging from boundary routers that can provide access control on Internet Protocol packets, to more powerful firewalls that can close more vulnerabilities in the TCP/IP protocol suite, to even more powerful firewalls that can filter on the content of the traffic. The type of firewall to use depends on several factors, including the size of the site, the amount of traffic, the sensitivity of systems and data, and the applications required by the organization. The choice of firewall should largely be driven by its feature set, rather than the type of firewall, however. A standard firewall configuration involves using a router with access control capability at the boundary of the organization’s network, and then using a more powerful firewall located behind the router. Firewall environments are made up of firewall devices and associated systems and applications designed to work together. For example, one site may use a firewall environment composed of a boundary router, a main firewall, and intrusion detection systems connected to the protected network and the network between the router and main firewall.
To provide secure remote access, the firewall may incorporate a virtual private network (VPN) server to encrypt traffic between the firewall and telecommuters or between the firewall and other sites on the Internet. The firewall environment may incorporate specialized networks for locating externally accessible servers such as for websites and email. The configuration of the firewall environment must be done carefully so as to minimize complexity and management, but at the same time provide adequate protection for the organization’s networks. As always, a policy is essential. Firewalls are vulnerable themselves to misconfigurations and failures to apply needed patches or other security enhancements. Accordingly, firewall configuration and administration must be performed carefully and organizations should also stay current on new vulnerabilities and incidents. While a firewall is an organization’s first line of defense, organizations should practice a defense in depth strategy, in which layers of firewalls and other security systems are used throughout the network. Most importantly, organizations should strive to maintain all systems in a secure manner and not depend solely on the firewall to stop security threats. Organizations need backup plans in case the firewall fails. This document contains numerous recommendations for choosing, configuring, and maintaining firewalls. These recommendations are summarized in Appendix C.