[REVS] Linux Security Configuration Document
From: support@securiteam.comDate: 03/26/02
- Previous message: support@securiteam.com: "[REVS] Apache Security Configuration Guide"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: support@securiteam.com To: list@securiteam.com Date: Tue, 26 Mar 2002 11:43:55 +0100 (CET)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
When was the last time you checked your server's security?
How about a monthly report?
http://www.AutomatedScanning.com - Know that you're safe.
- - - - - - - - -
Linux Security Configuration Document
------------------------------------------------------------------------
SUMMARY
The team at InterSect Alliance has developed recommended security
configuration guides for the Linux operating system for various customers,
and has decided to provide the community with access to the more general
recommendations.
Included here as a security checklist for the Linux Operating System
(distribution independent) that is designed to provide security
administrators with a method of configuring an installation based on the
agreed security risk profile of the target system.
The security configuration document divides recommendations into levels
"Premium", "Standard", and "Basic", and covers a variety of installation,
configuration and ongoing management tasks, including:
* Initial Installation
* Network Services
* System Accounts and User Rights
* File and Object Access
* Network Access Control
* System Auditing
DETAILS
Introduction:
The following is a recommended security checklist for Linux hosts. This
document should be used as a guide to the installation and configuration
of Linux Servers and Workstations in conjunction with an agreed security
plan for the identified system. The document is designed for use by
experienced IT administrators.
Some of the settings may be dependant on the patch levels of the
components in use, and therefore differences may exist between this
document and the actual file paths and access control settings on your
machine. Users are encouraged to notify Intersect Alliance of any errors
or omissions.
The security configuration parameters that are graded according to
arbitrary levels of PREMIUM, STANDARD or BASIC. These ratings are relative
and should not be read in absolute terms. A number of security grades
refer to a "risk assessment". It is strongly recommended that a security
risk assessment be used to ensure that the most appropriate grade is
chosen for a given production environment.
ADDITIONAL INFORMATION
The complete guide can be downloaded from:
<http://www.intersectalliance.com/projects/LinuxConfig/index.html>
http://www.intersectalliance.com/projects/LinuxConfig/index.html
The information has been provided by
<mailto:Leigh.Purdie@intersectalliance.com> Leigh Purdie.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: support@securiteam.com: "[REVS] Apache Security Configuration Guide"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
