Security Basics mailing list archives
Re: Linux auditing checklist, documents
From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Tue, 19 Dec 2006 13:30:58 +0530
On 17/12/06 11:25 +0100, urandom character special device wrote:
I am Linux System Administrator at a telecom provider. Our customer inform us to send soon independent security auditors to have a look at our Linux systems. They will have a root password and make an in deep analysis of the systems.
am not quite sure I would allow a random third party root access to my servers.
I wish to prepare. What "commands" and "config files" they will look? Are there Linux Security Guidelines? They wont use automated tools.
I am not an auditor, so take this with a pinch of salt: Lots of Linux security guidelines on the net. Personally, I would look at permissions on config files, up-to-dateness of patches, running processes, and a comparison of your configuration against your security policy. Devdas Bhagat
Current thread:
- Linux auditing checklist, documents urandom character special device (Dec 18)
- Re: Linux auditing checklist, documents Saqib Ali (Dec 19)
- RE: Linux auditing checklist, documents Clement Dupuis (Dec 19)
- RE: Linux auditing checklist, documents Simmons, James (Dec 21)
- RE: Linux auditing checklist, documents Gurpreet Singh (Dec 19)
- Re: Linux auditing checklist, documents jm (Dec 21)
- Re: Linux auditing checklist, documents Devdas Bhagat (Dec 19)
- <Possible follow-ups>
- RE: Linux auditing checklist, documents Hayes, Bill (Dec 19)
- Re: Linux auditing checklist, documents barcajax (Dec 19)
- RE: Linux auditing checklist, documents Gurpreet Singh (Dec 21)
- Re: Linux auditing checklist, documents jsimmons (Dec 21)