Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Linux auditing checklist, documents

From: "Saqib Ali" <docbook.xml () gmail com>
Date: Mon, 18 Dec 2006 14:54:24 -0500
Depends on what kind of auditors you are getting. For e.g. SOX
Auditors don't really look at the system, they just look at the
process and procedures.

http://www.bastille-linux.org/ is good place to start on securing the OS.

Also see:
http://www.certconf.org/presentations/2006/files/WC4.pdf

saqib
http://www.full-disk-encryption.net



On 12/17/06, urandom character special device <urandomdev () gmail com> wrote:

I am Linux System Administrator at a telecom provider. Our customer
inform us to send soon independent security auditors to have a look at
our Linux systems. They will have a root password and make an in deep
analysis of the systems.

I wish to prepare. What "commands" and "config files" they will look?
Are there Linux Security Guidelines? They wont use automated tools.

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------





--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net
Previous By Date Next
Previous By Thread Next

Current thread: