Professional Web Applications Themes

How to check whether system is OS hardened? - Linux / Unix Administration

How do we check whether the system is OS hardened or not. I am aware of only the following: - To check whether tcpd(TCP wrapper) is running or not -> ps -eaf|grep tcpd - To check whether JASS packages are installed -> pkginfo|grep -i jass Are there better alternatives to check it?...

  1. #1

    Default How to check whether system is OS hardened?

    How do we check whether the system is OS hardened or not.

    I am aware of only the following:
    - To check whether tcpd(TCP wrapper) is running or not -> ps
    -eaf|grep tcpd
    - To check whether JASS packages are installed -> pkginfo|grep -i jass

    Are there better alternatives to check it?

    qazmlp1209@rediffmail.com Guest

  2. #2

    Default Re: How to check whether system is OS hardened?

    In comp.unix.solaris com wrote: 

    Endless ones. First of all, make sure you realise that 'hardened' isn't
    a binary function: a computer isn't either hardened or not, but rather
    is going to be harder than some arbitrary watermark. If you have a standard
    in place, then hardened means hardened to that standard. If you don't, then
    who knows what's meant by the term?

    At any rate, grep for running services in /etc/inetd.conf. nmap the box
    from another machine on the same subnet, and see what ports are open.
    Look for .rhosts files, check for root console login in /etc/default/login,
    see if random packet numbers are enabled. Are unnecessary /etc/rcX.d
    services getting started? Is tripwire or aide installed? How about logging--
    is stuff being forwarded to a central log server?

    You can keep hardening a box until a live network connection isn't even an
    access point, but it's probably not a lot of use. The real key to hardening
    a box successfully is twofold: (a) define what constitutes hardened, and
    (b) defining (and running) the tests against that standard.

    Colin
    Colin Guest

  3. #3

    Default Re: How to check whether system is OS hardened?

    com <com> wrote: 

    Those are only examples of how hardening (automagically or manually) can
    be approached. You can only determine (part of!) what has been done this
    way, but hardly what hasn't been done, or what else has been done.
     

    Actually test. Vuln-scanners, etc.
    E.g. run nessus - recent version - against it.

    Nessus is free but has received one of the best results in a recent test
    by the German professional IT rag, iX.

    Note that if the computers you do this on, or even the network you test
    the attacks over, do not belong to you (I'm not insinuating anything,
    but e.g. you might be in a consulting role), you *must* talk this over
    with somebody who controls the boxen/infrastructure beforehand.

    lg, Bernd
    --
    When emailing me, excuse my annoing spamfilter - it works for me.
    Bernd Guest

Similar Threads

  1. How to check the system?
    By Joe in forum AIX
    Replies: 3
    Last Post: January 27th, 09:48 AM
  2. Replies: 3
    Last Post: January 18th, 10:55 AM
  3. MD5 System Password check with PHP
    By Chinmoy Barua in forum PHP Development
    Replies: 6
    Last Post: August 26th, 03:58 PM
  4. I want to check a file in system directory of windows
    By farshix webforumsuser@macromedia.com in forum Macromedia Director Lingo
    Replies: 1
    Last Post: August 9th, 07:28 PM
  5. Replies: 1
    Last Post: July 18th, 08:48 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139