Firewall Wizards mailing list archives
Re: Query on OS hardening
From: m p <sumirati () yahoo de>
Date: Mon, 17 Feb 2003 14:41:29 +0100 (CET)
--- Tim Chettle <tim.chettle () orange net> schrieb:
My question is as to what methods people use to manage and monitor the underlying Unix operating systems on the firewalls. SNMP doesnt seem the best thing to be running on the Firewall itself so how would people suggest that i monitore the OS
At the last customer I worked for we developed a small program which takes connections via SSL. On the firewall was an access list for the managment servers to allow connections to that port. Upon connect the IP and a pre-shared secret was checked. A simple string was passed to the server. That string was checked against a list on a per IP base with allowed/disallowed parameters. Then predefined shell scripts with the correct parameter settings were executed. STDOUT of ps, df, du, .... was passed back to the client. 2 weeks at max to write up the code again if you work fulltime on it. Sadly the company would not release the code to the public. Marc __________________________________________________________________ Gesendet von Yahoo! Mail - http://mail.yahoo.de Bis zu 100 MB Speicher bei http://premiummail.yahoo.de _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Query on OS hardening Tim Chettle (Feb 14)
- Re: Query on OS hardening m p (Feb 17)
- Re: Query on OS hardening Volker Tanger (Feb 17)
- Re: Query on OS hardening Carson Gaspar (Feb 20)
- Re: Query on OS hardening John Adams (Feb 20)
- Re: Query on OS hardening Volker Tanger (Feb 20)
- Re: Query on OS hardening Volker Tanger (Feb 17)
- Re: Query on OS hardening m p (Feb 17)