There are many services that can pose problems. It also depends on the underlying operating system that you are using. NIST has a good publication that should help you out on this: "Guidelines on Securing Public Web Servers" (http://csrc.nist.gov/publications/nistpubs/800-44/sp800-44.pdf). I would also recommend that you look into a penetration test for your server. Let me know if you need any more info on pen testing, as my company offers these services.
One answer to your second question would be that you can lock down the services better and reduce the risk of a compromise to the system.
Steve
Last Wiki Answer Submitted: January 2, 2006 11:22 am by Shardaus0 pts.
It is always advisable to have any critical server as a standalone server from a security standpoint. This server is going to have the certificate details and information related to keys, and you surely don’t want to share this system with some other function. By having it as a standalone system, you could restrict access to only those administrators who support your PKI infrastructure while locking everyone else out.
-Ajay