Add a best practice description on logging security events

[ereshetova]

If a WoT Servient enforces security authentication & authorization on its provided web interfaces, it is a good practice to log these events (especially unsuccessful, i.e rejects) since they latter can be analyzed if security audit is performed.

[mmccool]

Any other best practices we could recommend? Some possibilities:

• IP Jail (block IPs that try too many times to guess a password)
• Firewalls so devices can only do what they are supposed to be doing (related to MUDs), including outgoing connections
• Isolated networks; small security domains
• Rate-limiting connection attempts
• Frequent security audits
• Password rotation (and always change default passwords)
• Integrity checks

One question is: are these appropriate, or should we be referring to another document?
Not to suggest that THIS issue won't be resolved after just adding logging, but if any of the above make sense we can add issues for them.