Security Basics mailing list archives
RE: Linux auditing checklist, documents
From: "Simmons, James" <jsimmons () eds com>
Date: Tue, 19 Dec 2006 14:39:20 -0600
DISA came out with a listing of Security Technical Implementation Guides (Stigs) that are used as a baseline for all DoD systems. Everything from Web Servers, *nix, Windows, even go into Databases, and VoIP. Good place to start, and if you do some digging you will see they have a checklist, and some scripts if you wish to run them. http://iase.disa.mil/stigs/stig/index.html Regards, J.A. Simmons V EDS - Navy Marine Corps Intranet (NMCI) Information Assurance Engineer jsimmons () eds com -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Clement Dupuis Sent: Monday, December 18, 2006 8:54 PM To: 'urandom character special device'; security-basics () securityfocus com Subject: RE: Linux auditing checklist, documents You must visit http://www.cisecurity.org/ They have great benchmark and checklist. Have fun Clement http://www.cccure.org http://www.professionalsecuritytesters.org -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of urandom character special device Sent: Sunday, December 17, 2006 5:26 AM To: security-basics () securityfocus com Subject: Linux auditing checklist, documents I am Linux System Administrator at a telecom provider. Our customer inform us to send soon independent security auditors to have a look at our Linux systems. They will have a root password and make an in deep analysis of the systems. I wish to prepare. What "commands" and "config files" they will look? Are there Linux Security Guidelines? They wont use automated tools. ------------------------------------------------------------------------ --- This list is sponsored by: ByteCrusher Detect Malicious Web Content and Exploits in Real-Time. Anti-Virus engines can't detect unknown or new threats. LinkScanner can. Web surfing just became a whole lot safer. http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetec t ------------------------------------------------------------------------ ---
Current thread:
- Linux auditing checklist, documents urandom character special device (Dec 18)
- Re: Linux auditing checklist, documents Saqib Ali (Dec 19)
- RE: Linux auditing checklist, documents Clement Dupuis (Dec 19)
- RE: Linux auditing checklist, documents Simmons, James (Dec 21)
- RE: Linux auditing checklist, documents Gurpreet Singh (Dec 19)
- Re: Linux auditing checklist, documents jm (Dec 21)
- Re: Linux auditing checklist, documents Devdas Bhagat (Dec 19)
- <Possible follow-ups>
- RE: Linux auditing checklist, documents Hayes, Bill (Dec 19)
- Re: Linux auditing checklist, documents barcajax (Dec 19)
- RE: Linux auditing checklist, documents Gurpreet Singh (Dec 21)
- Re: Linux auditing checklist, documents jsimmons (Dec 21)