SUMMARY: Programs/scripts to perform security checks
VinetteD_at_stentor.ca
Date: 06/25/03
- Previous message: Moughan, Laurence: "Help - my Dualheaded blades change both workspaces in CDE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: sunmanagers@sunmanagers.org Date: Wed, 25 Jun 2003 16:11:37 -0400
Hello,
Thanks to all the responses I received regarding this query. The majority
opinion has been the Center for Internet Security's (www.cisecurity.org)
benchmark tools. Their use of a score system can provide a good metric for
management when they ask "did the changes improve security". Their explanations
of how to fix a problem are also understandable. Other helpful suggestions have
been...
- Titan (http://www.fish.com/titan/) to help lock down a system since it can be
easily scripted to apply to a new system
- SARA (Security Auditors Research Assistant) http://www-arc.com/sara/
-
http://www.iss.net/products_services/enterprise_protection/vulnerability_assessment/scanner_system.php
- going through inetd.conf and turning off anything not required
- secure shell (SSH)
- tripwire
Regards,
David
_____________________________________________________________________________________
Hello,
We have some systems running Solaris 2.6 & Solaris 8 and we want to test
the boxes from a security point of view. I was wondering what program or
scripts people would suggest that could be run on these boxes to test their
security levels and generate a report with recommendations for resolving issues
(i.e. patches, processed stopped, file permissions, etc). Any thoughts are
appreciated.
Thanks in advance,
David
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
- Previous message: Moughan, Laurence: "Help - my Dualheaded blades change both workspaces in CDE"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
