Re: resources for system level security?
- From: Artis Schlossberg <artis@xxxxxxxxxx>
- Date: Sat, 10 Dec 2011 21:03:17 +0100
For Linux, a good starting point is a hardening guide by NSA:
http://people.redhat.com/sgrubb/files/hardening-rhel5.pdf
Although it covers RHEL specifically, many points apply to other
distributions too.
I'd then also look at checklist provided by SANS Institute:
http://www.sans.org/score/checklists/linuxchecklist.pdf
Guide to General Server Security from NIST is also worth mentioning:
http://csrc.nist.gov/publications/nistpubs/800-123/SP800-123.pdf
These are a good starting point, not an exhaustive material on the
subject matter.
There are some good books that cover this; search your library.
---Artis
2011/12/6 최봉환 <zilly1@xxxxxxxxx>:
Hi all,
I started to work of focusing on linux system level security. Mostof the servers are providing web services.
Although I have been working on application pen testing, I havelittle experience to handle with security issues of system or OSitself.
Could you recommend where I should start for it?
(useful books, web sites, or concepts/terminology I have tounderstand)
Any advice would be highly appreciated.
------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board
Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified.
http://www.iacertification.org
------------------------------------------------------------------------
- References:
- resources for system level security?
- From: 최봉환
- resources for system level security?
- Prev by Date: Call for Papers -YSTS 6 - Security Conference, Brazil
- Next by Date: [HITB-Announce] HITB2012AMS Call For Papers Now Open
- Previous by thread: resources for system level security?
- Next by thread: Call for Papers -YSTS 6 - Security Conference, Brazil
- Index(es):
Relevant Pages
|
