Re: Unix Security Standards, books, tools...

From: Craig Van Tassle (craig@ambrosa.dns04.com)
Date: 12/01/01


Date: Fri, 30 Nov 2001 18:28:45 -0600
From: Craig Van Tassle <craig@ambrosa.dns04.com>
To: SECURITY-BASICS@securityfocus.com


On Wed, Nov 28, 2001 at 06:08:37PM -0800, tony toni wrote:
> Folks,
>
> I recently was assigned the project of developing security standards for our
> Unix environment. We have about 400 unix box's (HP-UX, Sun Solaris, AIX,
> etc)and the admins do their *own thing* with these boxes.
Well that is what some sys-admins do.. what kind of security do they have setup?Do all the unix boxes have individual firewalls. Do you use Kerbos of S/key authentactions? (sorry about my spelling). What about the routers between all the Unix boxes are they locked down or a nice wide open door?
>
> This is not a project I exactly like...I am buried with 20 other
> projects...and I am not Unix guru. For each Unix *flavor*, I need to develop
> Unix security standards that will cover areas like configuration settings,
> defaults, permissions, admin. account, password file, shells, trusts, root,
> patch's, logging, etc.
>
> These are my questions:
>
> (1) Does anyone know where I can quickly get my hands on some high quality,
> concise security standards/templates/checklists? for each Unix *flavor*?
there are many web-pages with this informations on locking down unix. search google for some ideas. check out this web site.. i find it pretty food http://www.deter.com/unix/

Also check out www.secureroot.com and www.securityfocus.com they have a lot of informaion on computer security informaing and good links to other sources.
>
> (2) What about good books/sites on Unix Security?
Maximum Security: a hacker's guide to protecing your internet site and network
Practical UNIX & internet secuity.
Essential System Administration.
Firewall and Internet Security: Repelling the Whily Hacker
Building Internet firewalls
Hacking exposed.
They are all good books availiable at almost any local book store.
I know Borders has a section about computer security. Look there they have a lot of good informaion
>
> (3) What about user friendly software tool(s) that I can periodically use
> to audit the Unix boxes for compliance to the new security standards I
> developed?
If you want user friendly tools. I dont know of many for unix.. i would recomend using something like snort for IDS, and setup scripts to watch for wierd activity.
And rembemer the basic rule of secuity. What is not needed is not installed

>
> Thanks
>
> Tony
> IT Security Manager
> Major Telecommunications Company
>
>
>
>
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
>