Re: Linux hardening
From: Glynn Clements (glynn_at_gclements.plus.com)
Date: 08/26/05
- Previous message: Pär Johansson: "Re: Linux hardening"
- In reply to: Norwich University - Information Security: "Re: Linux hardening"
- Next in thread: christoph.puetz_at_thomson.com: "RE: Linux hardening"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Aug 2005 22:47:50 +0100 To: infosec@norwich.edu
Norwich University - Information Security wrote:
> Since we're talking about Linux hardening...
>
> What do folks suggest as far as files that should be monitored with
> integrity checking tools? Obviously, tmp files and other frequently
> changed files are out of the question, and it is also impractical to do
> checking on all other files. Does anyone have a best practices list or
> suggestions of what files are critical to monitor with integrity checking?
Anything in: bin boot dev etc lib opt sbin usr
although you can exclude stuff like documentation from /usr.
You can exclude most of: home mnt proc root tmp var
Although sometimes services live under /home (e.g. /home/httpd), in
which case you might need to monitor such directories.
-- Glynn Clements <glynn@gclements.plus.com>
- Previous message: Pär Johansson: "Re: Linux hardening"
- In reply to: Norwich University - Information Security: "Re: Linux hardening"
- Next in thread: christoph.puetz_at_thomson.com: "RE: Linux hardening"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
