Re: Linux Hardening
- From: Stefan Knecht <knecht.stefan@xxxxxxxxx>
- To: G - <georgelza@xxxxxxxxx>
- Date: Wed, 25 Mar 2015 03:43:12 +0700
George, I think you should be asking yourself what you are trying to
achieve or secure. Applying random security standards isn't going to solve
a specific problem.
Think about what you want to protect, and what the extent of "discomfort"
is, that you're willing to accept in order to achieve the relevant security
that makes your clients / managers feel safe. Nowadays, security knows
virtually no limits. The only real limit is your imagination, and your
budget.
PCI/DSS, Sarbanes Oxley, and whatever other standards may exist; they exist
to serve a specific purpose. Securing a system that has nothing whatsoever
to do with credit cards according to PCI/DSS makes little to no sense.
I think if you're looking for very specific recommendations you would be
better off stating what you're trying to protect, and from what kind of
attack vectors. That would enable the list's readers to provide you with
advise in relation to your actual situation.
Stefan
On Wed, Mar 25, 2015 at 12:48 AM, George <georgelza@xxxxxxxxx> wrote:
> Hi Mladen
>
> Thanks, It seems everyone lists that document as the main source.
>
> Let me ask the more security guys a different question, what is the
> different security standards.
> I know of PCI, POPI, Serbians Oxley,
>
> G
>
> On Tue, Mar 24, 2015 at 7:42 PM, Mladen Gogala <
> dmarc-noreply@xxxxxxxxxxxxx> wrote:
>
>> On 03/24/2015 10:56 AM, George wrote:
>>
>>> Hi guys
>>>
>>> Does anyone have a good white paper that covers how/what to change to
>>> harder a Linux OS.
>>>
>>> G
>>>
>>> --
>>> You have the obligation to inform one honestly of the risk, and as a
>>> person
>>> you are committed to educate yourself to the total risk in any activity!
>>>
>>> Once informed & totally aware of the risk,
>>> every fool has the right to kill or injure themselves as they see fit!
>>>
>>
>> There is an official, fairly extensive, paper published by the NSA:
>>
>> https://www.nsa.gov/ia/_files/os/redhat/NSA_RHEL_5_GUIDE_v4.2.pdf
>>
>> The paper can be found on the government's official page about securing
>> operating systems:
>>
>> https://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/
>> operating_systems.shtml#linux2
>>
>>
>> --
>> Mladen Gogala
>> Oracle DBA
>> http://mgogala.freehostia.com
>>
>> --
>> //www.freelists.org/webpage/oracle-l
>>
>>
>>
>
>
> --
> You have the obligation to inform one honestly of the risk, and as a person
> you are committed to educate yourself to the total risk in any activity!
>
> Once informed & totally aware of the risk,
> every fool has the right to kill or injure themselves as they see fit!
>
Other related posts:
