Security Basics mailing list archives

RE: Linux auditing checklist, documents

From: "Hayes, Bill" <Bill.Hayes () owh com>
Date: Mon, 18 Dec 2006 14:38:41 -0600

You should visit the Center for Internet Security
(http://www.cisecurity.org/bench_linux.html). Their consensus baseline
security checklists are a good starting place for a few commonly used
Linux distros.  Since this is a "baseline" checklist, you should be
familiar with the distro deployed at your site and the applications
running on those machines. Also, you can use Bastille Linux
(http://www.bastille-linux.org/) in audit mode to get a line on some
issues. Bastille-Linux handles a few more flavors that the CIS
checklists do.

If you've got good change control procedures, good patch management
practices, and are comfortable with permissions your apps have, then you
may be in good shape.  But if you have a lot of custom code, then all
bets are off, it becomes less of a sysadmin issue and more of a
developer QA/QC issue.

Good luck on the audit! At least they're not going to come in, run
Nessus or Bastille Linux, and call it good.

Bill...


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of urandom character special device
Sent: Sunday, December 17, 2006 4:26 AM
To: security-basics () securityfocus com
Subject: Linux auditing checklist, documents

I am Linux System Administrator at a telecom provider. Our customer
inform us to send soon independent security auditors to have a look at
our Linux systems. They will have a root password and make an in deep
analysis of the systems.

I wish to prepare. What "commands" and "config files" they will look?
Are there Linux Security Guidelines? They wont use automated tools.

------------------------------------------------------------------------
---
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetec
t
------------------------------------------------------------------------
---

Current thread:

Linux auditing checklist, documents urandom character special device (Dec 18)
- Re: Linux auditing checklist, documents Saqib Ali (Dec 19)
- RE: Linux auditing checklist, documents Clement Dupuis (Dec 19)
  - RE: Linux auditing checklist, documents Simmons, James (Dec 21)
- RE: Linux auditing checklist, documents Gurpreet Singh (Dec 19)
  - Re: Linux auditing checklist, documents jm (Dec 21)
- Re: Linux auditing checklist, documents Devdas Bhagat (Dec 19)
- <Possible follow-ups>
- RE: Linux auditing checklist, documents Hayes, Bill (Dec 19)
- Re: Linux auditing checklist, documents barcajax (Dec 19)
- RE: Linux auditing checklist, documents Gurpreet Singh (Dec 21)
- Re: Linux auditing checklist, documents jsimmons (Dec 21)