UNIX hardening

Nowadays, when most of information are processed electronically, servers is the key technical measure on the field of information security. Our UNIX system configuration security audit service finds security weaknesses and helps you apply technical recommendations to remove them.

We help you to harden your UNIX systems and reduce potential attacks from internal network and with finding out an optimal balance between security and operation needs. From our side, security audit is documented in such form, which enable customers to evolve this area internally.

Supported systems

Platforms, which are supported by our audit services:

  • HP-UX (PA-RISC, IA64)

  • Sun Solaris (SPARC)

  • IBM AIX (POWER)

  • Linux (x86, AMD64) – commercial (RedHat, SuSE) and non-commercial distributions (CentOS, Debian, Fedora, Ubuntu)

Security audit needs short configuration data collection (less than 1 hour) on an audited server – remote access is sufficient. Data collection is made with server administrator’s assistance via administrator’s account. Collected configuration data are processed outside of a customer’s seat.

Audit scope

The scope of evaluated area depends on UNIX system type, generally the following areas are covered:

IDArea
1.Installed OS version
2.OS Patches
3.Installed software
4.System startup (blacklist)
5.CRON/AT – privileges (cron.allow/at.allow)
6.Kernel Configuration
7.System Environment
8.Password policy
9.Problematic user accounts
10.Local Group Membership
11.Files/Devices with High-risk Access Rights
12.CRONTAB Jobs – Access Rights
13.ENV (PATH etc.) – Access Rights
14.Network Configuration
15.Inetd Configuration
16.Open Ports (TCP/UDP)
17.Network Services Configuration (apache, SMTP, SNMP, ssh, etc.)

In the case of special customer’s requirements we are prepared to change scope and depth of the audit accordingly.

Any questions?

If you are interested in more details please contact us.

Ask by e-mail