Vulnerability Assessment of a EAL 4 system
- From: Subbarao Chitturi <subbarau_2004@xxxxxxxxx>
- Date: Wed, 1 Nov 2006 02:13:21 -0800 (PST)
I am looking at a Linux server which has been
accredited as a EAL4 system by IBM. During the
assessment, I was looking for standard Linux
protections like iptables, ssh etc. On this server,
there is no iptables.
Regardless, I would like to know how to evaluate a EAL
4 system. What do you need to look for in the EAL 4
system in production that could become vulnerable?
Thank you in advance for any help.
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
- Follow-Ups:
- Re: Vulnerability Assessment of a EAL 4 system
- From: Jason Muskat, GCFA, GCUX, de VE3TSJ
- Re: Vulnerability Assessment of a EAL 4 system
- Prev by Date: Re: File Integrity Monitoring
- Next by Date: Re: File Integrity Monitoring
- Previous by thread: Re: File Integrity Monitoring
- Next by thread: Re: Vulnerability Assessment of a EAL 4 system
- Index(es):
Relevant Pages
|
|
