Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Vulnerability Assessment of a EAL 4 system

From: Subbarao Chitturi <subbarau_2004 () yahoo com>
Date: Wed, 1 Nov 2006 02:13:21 -0800 (PST)
I am looking at a Linux server which has been
accredited as a EAL4 system by IBM.  During the
assessment, I was looking for standard Linux
protections like iptables, ssh etc.  On this server,
there is no iptables.

Regardless, I would like to know how to evaluate a EAL
4 system.  What do you need to look for in the EAL 4
system in production that could become vulnerable?

Thank you in advance for any help.


---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: