Guidelines on Security Audit

Adam Miller maxamillion at gmail.com
Fri Oct 9 04:26:57 UTC 2009


Nessus, Google for it: 'nessus'.

Oh, did I mention nessus?

-Adam
(From Android)

On Oct 8, 2009 4:34 PM, <m.roth at 5-cent.us> wrote:

> Greetings. My employer has purchased a smaller company which has two
> servers running RHEL 5.1. ...
Several things: first, if the other company purchased it as a turnkey
solution, you should find out if they still have support; if so, support
should help you with this.

Second, there are a number of security scanners - I haven't done it in a
while, and don't remember which I used.

Finally, many if not most of the NIST's recommendations are based on
Bastille Linux. This is *not* a distro, but a set of hardening scripts
that will walk you through about 20 pages or so of questions, and then
shut down everything that doesn't need to be open, or running, and fix
permissions.

I've used that on my own firewall/router at home, and have been on
broadband for nine or ten years, and have not had a single intrusion, to
the best of my knowledge.

Hope this helps.

       mark
