Re: tool to check security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



ESG,

There are plenty of resources on the Internet that will provide the type of information you are seeking.  A commercial tool that is popular and I imagine expensive is RETINA.  It compares the content of your system against known vulnerabilities among other things.  (http://www.eeye.com/Products/Retina.aspx?src=AdWords&medium=PPC&campaign=brand-retina&kw=retina%20vulnerability%20scanner&ad=5752100123)

You can also look at NIST web pages for SCAP and OVAL for tools that may help you with securing your system.  And while I would not recommend following it to the letter, there is a huge amount of tips and suggestions in the NSA SNAC Guide available here:
http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf

You may also want to consider reading up on the NIST Common Criteria/Protection Profiles that companies such as HP and IBM have developed to secure their systems with an Evaluated Assurance Level of 4 (EAL4).

Lastly, not upgrading your system to the latest RHEL release is going to negate any efforts you apply to this system because there have been many updates to the OS that mitigate a great deal of these vulnerabilities.

Hopefully with all the input provided to this point will give you plenty to work with.

Paul


On Feb 01, 2011, at 12:07 PM, ESGLinux <esggrupos@xxxxxxxxx> wrote:


Thanks you for your answers

First, I can´t update to 5.6 because dependencies of the applications
installed on it.

Second,

I have run nessus and nmap from outside the machine to get the problems that
a remote user can check.

What I want now is to check the problems like:
- current kernel 2.6.18-53.el5 has pottential security problems... (CVE,
...)
- the user John has not password and a valid shell....
- given a package which CVEs affects this package

Something like these.

I´m going to give a try to bastille although the tool I´m looking for was a
shell command....

Thanks again,

ESG












2011/2/1 <m.roth@xxxxxxxxx>

ESGLinux wrote:
>
> I have received a machine with RHEL 5.1installed and I have to put in a
> production enviroment with other machines I have installed.

First, I'd yum update or up2date it to the current 5.5 (5.6?).
>
> I haven´t installed this machine and I want to check if it is secured and
> it can´t make problems with my systems.
>
> Long time ago I used a tool that your run on a system (perhaps it was a
> Suse... I used to work with Suse in the past) and it gave me a report for
> possible security problems but I can´t remmember which tool was.
>
> Any one knows a tool that makes this work?

There are a number of tools, but it depends on what you want to do with
the box. For example, nmap will scan ports. On the other hand, there's my
favorite, Bastille Linux, which is not a distro, but a package that's a
set of hardening scripts, and will walk you through shutting down or
removing everything you don't need. I've used that on a box I was using
for years as a firewall/router.

So, what do you want to do with the box?

mark

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux