Monday, 3 March 2008

Not a great amount tonight

I am working on completing Chapter 23 of my upcoming technical audit book, Auditing Unix and Linux. I have this and Web audit this week to complete and these chapters are a little more detailed than some of the others - so do not expect too much this week.

The material covered in the chapter includes:

Patching and Software Installation
· The Need for Patches
· Obtaining and Installing System Patches
· Validating the Patch Process
Minimizing System Services
· Guidance for Network Services
· Controlling Services at Boot Time
· inetd and xinetd
· Authentication Validation
Logging
· Syslog and Other Standard Logs
· System Accounting
· Process Accounting
Access Control
· Usernames, UIDs, the Superuser
· Blocking Accounts, Expiration, etc.
· Restricting Superuser Access
· Disabling .rhosts
Additional Security Configuration
· File System Access Control
· Kernel Tuning for Security
· Security for the cron System
Backups and Archives
· tar, dump, and dd
· Tricks and Techniques
Auditing to Create a Secure Configuration
· Building Your Own Auditing Toolkit
· File Integrity Assessment
· Fine Points of Find
Auditing to Maintain a Secure Configuration
· Reading Logfiles
· Password Assessment Tools
· Risk Assessment
· What Tools to Use
· How to Go About It
Auditing to Determine What Went Wrong
· Finding Hidden Disk Space
· Event Reconstruction
· Identifying Back Doors
· Anatomy of a Rootkit
