You should visit the Center for Internet Security
(http://www.cisecurity.org/bench_linux.html). Their consensus baseline
security checklists are a good starting place for a few commonly used
Linux distros. Since this is a "baseline" checklist, you should be
familiar with the distro deployed at your site and the applications
running on those machines. Also, you can use Bastille Linux
(http://www.bastille-linux.org/) in audit mode to get a line on some
issues. Bastille-Linux handles a few more flavors that the CIS
checklists do.
If you've got good change control procedures, good patch management
practices, and are comfortable with permissions your apps have, then you
may be in good shape. But if you have a lot of custom code, then all
bets are off, it becomes less of a sysadmin issue and more of a
developer QA/QC issue.
Good luck on the audit! At least they're not going to come in, run
Nessus or Bastille Linux, and call it good.
Bill...
-----Original Message-----
From: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com]
On Behalf Of urandom character special device
Sent: Sunday, December 17, 2006 4:26 AM
To: security-basics@securityfocus.com
Subject: Linux auditing checklist, documents
I am Linux System Administrator at a telecom provider. Our customer
inform us to send soon independent security auditors to have a look at
our Linux systems. They will have a root password and make an in deep
analysis of the systems.
I wish to prepare. What "commands" and "config files" they will look?
Are there Linux Security Guidelines? They wont use automated tools.
------------------------------------------------------------------------
---
This list is sponsored by: ByteCrusher
Detect Malicious Web Content and Exploits in Real-Time.
Anti-Virus engines can't detect unknown or new threats.
LinkScanner can. Web surfing just became a whole lot safer.
http://www.explabs.com/staging/promotions/xern_lspro.asp?loc=sfmaildetec
t
------------------------------------------------------------------------
---
