[Gllug] Audit Season...

Jose Luis Martinez jjllmmss at googlemail.com
Wed Jun 24 08:13:21 UTC 2009


On Tue, Jun 23, 2009 at 7:44 PM, Alain Williams<addw at phcomp.co.uk> wrote:
> On Tue, Jun 23, 2009 at 07:24:18PM +0100, Simon Morris wrote:
>> Just for the group's amusement.
>>
>> I've been asked to run the following commands on our Linux/Unix systems
>> by an internal auditor.
>>
>> My questions are: (1) What century does the auditor think it is, and (2)
>> does this request demonstrate any proficiency in auditing these types of
>> systems?
>
> So, what are you going to do?
>
> 1) Run the commands that he asked you to and get to leave the office early.
>
> 2) Explain that his instructions are so last millennium and show how
>   they should be redone with 'less' and /etc/shadow. Get to leave on time.
>
> 3) Do (2) and then:
>   a) explain why you have not got selinux switched on
>   b) show the output of rkhunter that you do run
>   c) show your nagios config
>   d) ...
>   Get to leave the office at midnight.
>
> --

It really depends.

If it is an external auditor one does as one is asked and that is it.
You may want to ruffle some feathers and report why the audit is
inadequate.

If it is an internal auditor then there may be some scope for your
feedback in order to improve internal auditing in the future; after
all, internal audit is carried out by the company itself as due
diligence. I would consider it a lack of professionalism not to follow up
internal audits with all the pertinent suggestions to improve them, and
bad management not to provide a process to receive feedback from the
people actually administering the systems.
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug