Security improvement list

install minimal software
1. using trusted signed OS ISO images
2. using server role based kickstart

install trusted software
1. use own signed yum repository
2. use signed rpm packages
3. check the signature of the package to verify its integrity
4. install only signed rpm packages from signed yum repository
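
One way to check item 4 on a host, as an added example (not part of the original list): a shell function, with the hypothetical name audit_repo_gpg, that reads yum .repo files and reports every enabled repository that does not enforce package signatures. It assumes a strict policy in which each repo section must set gpgcheck=1 and a gpgkey itself; the sample repo file and its URLs are constructed.

```shell
#!/bin/sh
# audit_repo_gpg FILE... (hypothetical helper, added example)
# Prints one line per enabled repo section that does not enforce signatures.
# Assumption: strict policy, every section must carry gpgcheck=1 and gpgkey.
audit_repo_gpg() {
    awk '
        function report() {
            # Repos with enabled=0 are skipped; enabled defaults to 1.
            if (section == "" || enabled == "0") return
            if (gpgcheck != "1")
                printf "%s [%s] gpgcheck is not 1\n", file, section
            else if (gpgkey == "")
                printf "%s [%s] gpgcheck=1 but no gpgkey\n", file, section
        }
        function clear_state() { enabled = "1"; gpgcheck = ""; gpgkey = "" }
        # New input file: flush the last section of the previous file.
        FNR == 1 { report(); section = ""; file = FILENAME; clear_state() }
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[.*\][ \t]*$/ {
            report()
            section = $0; gsub(/^[ \t]*\[|\][ \t]*$/, "", section)
            clear_state(); next
        }
        /=/ {
            key = $0; sub(/[ \t]*=.*/, "", key); gsub(/^[ \t]+/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]+$/, "", val)
            if (key == "enabled") enabled = val
            else if (key == "gpgcheck") gpgcheck = val
            else if (key == "gpgkey") gpgkey = val
        }
        END { report() }
    ' "$@"
}

# Constructed sample repo file (not from the original page).
sample=$(mktemp)
cat > "$sample" <<'EOF'
[internal-base]
baseurl=https://repo.example.internal/base
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-internal

[internal-extras]
baseurl=https://repo.example.internal/extras
gpgcheck=0
EOF
audit_repo_gpg "$sample"   # reports only [internal-extras]
rm -f "$sample"
```

On a real host run it as audit_repo_gpg /etc/yum.repos.d/*.repo. A section without its own gpgcheck line inherits the value from [main] in /etc/yum.conf, so a finding for such a section is a prompt to set the option explicitly.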

plan and configure security updates
1. adjusting automatic updates
2. schedule manual software updates
3. restart services when the update process is done

system logging
1. use remote logging to isolated log server
2. use secure communication channel for remote logging
3. use mail report tools (logwatch)
4. monitoring activity (penetration)

system auditing
1. use linux auditing system (auditd)
2. use remote audit logging with secure communication channel ?
3. use isolated audit server ?
4. monitoring activity (penetration)

process accounting
1. use linux process accounting system (psacct)
2. monitoring activity (penetration)

using security enhanced linux
1. create and update security policy
2. auditing security policy
3. review permissions and access

using and configuring network firewall
1. role based firewall ?
2. using DMZ topology
3. review network topology
4. review firewall rules
5. monitoring activity (network attacks)

centralized authentication/authorization process
1. using LDAP/Kerberos
2. using secure communication channel
3. implement password validation
4. implement password expiration
5. review list of active users and current employees
6. review access roles to active users
7. monitoring activity (bruteforce)

intrusion detection/prevention system
1. create and update detection rules
2. create and update prevention rules
3. review and audit
4. monitoring activity (network attacks)

security audit
1. rpm --verify
2. file integrity scan (aide, tripwire)
3. rkhunter, chkrootkit scans
4. nmap scans
5. vulnerability scanning / scan analysis (nessus/metasploit scanner)
6. monitoring security alarms and notices
7. review security operational procedures

Author: GergunD
