Focus on Linux
Linux Audit Aug 17 2006 06:06AM
Mohammad Hadidi (mohammad hadidi gmail com) (4 replies)
Re: Linux Audit Aug 21 2006 02:26AM
Michael Boman (michael boman gmail com)
Re: Linux Audit Aug 20 2006 11:46PM
druid stonedcoder org
I would also be interested, my own checklist in the past has been:
1) no remote root login via ssh
2) every user in /etc/passwd with a valid shell has a secure pw
3) only 1 service (not including ssh) accessible remotely
4) IPtables rules very specifically allowing only authorized ingress and
egress
5) up2date and rhn subscribed and working

This is just what I can remmber at the moment, there are a lot of fixes I
put in when I am sitting at the console and remember, and most of the
really relevant fixes are service specific, perhaps it would help if you
specified what services you are concerned about? I assume you are
referring to a server set up with RHEL, if you are referring to a WS, that
is a whole 'nother can of worms.

On Thu, 17 Aug 2006, Mohammad Hadidi wrote:

> Hi all,
>
>
>
> I was wondering if anyone can recommend a Linux Audit checklist or
> template especially on Red hat.
>
>
>
>
> Thanks
>

[ reply ]
Re: Linux Audit Aug 18 2006 03:35PM
Francisco Pecorella (fpecor cantv net) (1 replies)
Re: Linux Audit Aug 21 2006 05:40PM
Jeffrey Chandler (jeffrey chandler gmail com)
Re: Linux Audit Aug 18 2006 03:33PM
Manuel Arostegui Ramirez (manuel todo-linux com)


 

Privacy Statement
Copyright 2010, SecurityFocus