¨Configure firewall to limit incoming/outgoing
traffic to applications (eg. DNS, email, WWW, FTP) that have a business need
¨Systems should be listening only on
ports that
have a business need
¨Systems should have the latest
security patches
¨Know what process are commonly
running on your systems so that you can rogue server process
¨