Sysadmin:Security Todo

From UGCS

Jump to: navigation, search

Contents

1 Monitoring services
2 Security Libraries
3 Configuration changes
4 Policy Changes
5 SSH

Monitoring services

Tripwire
Process accounting, especially on Kerberos and AFS servers
Other intrusion detection

Security Libraries

libpam-tmpdir
Check the wrapper scripts for php and cgi scripts

Configuration changes

Make cracklib work
- Done Jdhutchin@ugcs.caltech.edu 00:02, 2 February 2008 (PST)

Policy Changes

Keep researching breaking vectors
Check login machine's auth.log to look for root accesses
Check core server login logs
Implement password expiration for sysadmins
Bootloader passwords
- Done Jdhutchin@ugcs.caltech.edu 00:03, 2 February 2008 (PST)

SSH

Restrict root access with access.conf to logins from charon
- Done Jdhutchin@ugcs.caltech.edu 22:16, 4 February 2008 (PST)
Disable ssh keys
- Done Jdhutchin@ugcs.caltech.edu 22:16, 4 February 2008 (PST)

Retrieved from "http://www.ugcs.caltech.edu/wiki/Sysadmin:Security_Todo"

Views

Personal tools

Log in / create account

Search

Toolbox