[Gllug] Audit Season...

Alain Williams addw at phcomp.co.uk
Tue Jun 23 18:44:46 UTC 2009


On Tue, Jun 23, 2009 at 07:24:18PM +0100, Simon Morris wrote:
> Just for the groups amusement.
> 
> I've been asked to run the following commands on our Linux/Unix systems
> by an internal auditor.
> 
> My questions are.. (1) What century does the auditor think it is and (2)
> does this request demonstrate any proficiency in auditing these types of
> systems.

So, what are you going to do?

1) Run the commands that he asked you to and get to leave the office early.

2) Explain that his instructions are so last millenium and show how
   they should be redone with 'less' and /etc/shadow. Get to leave on time.

3) Do (2) and then:
   a) explain why you have not got selinux switched on
   b) show the output of rkhunter that you do run
   c) show your nagios config
   d) ...
   Get to leave the office at midnight.

-- 
Alain Williams
Linux/GNU Consultant - Mail systems, Web sites, Networking, Programmer, IT Lecturer.
+44 (0) 787 668 0256  http://www.phcomp.co.uk/
Parliament Hill Computers Ltd. Registration Information: http://www.phcomp.co.uk/contact.php
Past chairman of UKUUG: http://www.ukuug.org/
#include <std_disclaimer.h>
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list