[437] in Intrusion Detection Systems
Re: some thoughs
daemon@ATHENA.MIT.EDU (Paul Brooks)
Mon Nov 27 06:36:14 1995
From: "Paul Brooks" <paul@turbosoft.com.au>
To: Benoit Dicaire <BDicaire@NRJ.Com>, ids@uow.edu.au
Date: Mon, 27 Nov 1995 10:22:48 +1000
Reply-To: ids@uow.edu.au
> At 11:42 95-11-20 -0500, Alexander O. Yuriev wrote:
>
> > What are the checks that we perfom before we bring a system onto
> >the netwotk? Do we perform them at all or do we just blindly assume that
> >if there is no patch out there, there is no problem? Is it that we do not
> >want to bother with it or is it that we do not know where to look?
>
> What about a checkmark list of what should be verified before you put a
> machine online ??
>
> You can write a skeleton, share it with us, then *we* (i.e. the list) can adap
> it to every platform.
As a start, AUSCERT has already produced a fairly comprehensive unix
checklist:
ftp://ftp.auscert.org.au/pub/auscert/papers/unix_security_checklit_1.0
(the version number may have changed by now - this is what I
retrieved earlier this year).
I heartily recommend it as a starting point before a machine has
the network cable connected.
-------
Paul Brooks (PB94) | paul@turbosoft.com.au | Ssshhh:
Network Specialist | pwb@newt.phys.unsw.edu.au| take a moment to
TurboSoft Pty Ltd | | listen to the silence
579 Harris St., Ultimo | Ph : +61 2 281 3155 |
Sydney Australia 2007 | Fax: +61 2 281 3350 |
