The National Institute of Standards and Technology is seeking comment on its draft guidelines for securing servers, released this week. NIST Special Publication 800-123 [1], “Guide to General Server Security,” makes recommendations for securing server operating systems and softwarein addition to maintaining a secure configuration with patches and software upgrades, security testing, log monitoring and backups of data and operating system files. The recommendations apply to a variety of typical servers, such as Web, e-mail, database, infrastructure management and file servers.