Security Basics mailing list archives
Vulnerability Assessment of a EAL 4 system
From: Subbarao Chitturi <subbarau_2004 () yahoo com>
Date: Wed, 1 Nov 2006 02:13:21 -0800 (PST)
I am looking at a Linux server which has been accredited as a EAL4 system by IBM. During the assessment, I was looking for standard Linux protections like iptables, ssh etc. On this server, there is no iptables. Regardless, I would like to know how to evaluate a EAL 4 system. What do you need to look for in the EAL 4 system in production that could become vulnerable? Thank you in advance for any help. --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Vulnerability Assessment of a EAL 4 system Subbarao Chitturi (Nov 01)
- Re: Vulnerability Assessment of a EAL 4 system Jason Muskat, GCFA, GCUX, de VE3TSJ (Nov 03)