Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

basics logo Security Basics mailing list archives

Re: Linux auditing checklist, documents
From: "Saqib Ali" <docbook.xml () gmail com>
Date: Mon, 18 Dec 2006 14:54:24 -0500
Depends on what kind of auditors you are getting. For e.g. SOX
Auditors don't really look at the system, they just look at the
process and procedures.

http://www.bastille-linux.org/ is good place to start on securing the OS.

Also see:
http://www.certconf.org/presentations/2006/files/WC4.pdf

saqib
http://www.full-disk-encryption.net



On 12/17/06, urandom character special device <urandomdev () gmail com> wrote:

I am Linux System Administrator at a telecom provider. Our customer
inform us to send soon independent security auditors to have a look at
our Linux systems. They will have a root password and make an in deep
analysis of the systems.

I wish to prepare. What "commands" and "config files" they will look?
Are there Linux Security Guidelines? They wont use automated tools.

---------------------------------------------------------------------------
This list is sponsored by: ByteCrusher

Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.

http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetect
---------------------------------------------------------------------------





--
Saqib Ali, CISSP, ISSAP
http://www.full-disk-encryption.net

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]