> At 11:42 95-11-20 -0500, Alexander O. Yuriev wrote: > > > What are the checks that we perfom before we bring a system onto > >the netwotk? Do we perform them at all or do we just blindly assume that > >if there is no patch out there, there is no problem? Is it that we do not > >want to bother with it or is it that we do not know where to look? > > What about a checkmark list of what should be verified before you put a > machine online ?? > > You can write a skeleton, share it with us, then *we* (i.e. the list) can adap > it to every platform. As a start, AUSCERT has already produced a fairly comprehensive unix checklist: ftp://ftp.auscert.org.au/pub/auscert/papers/unix_security_checklit_1.0 (the version number may have changed by now - this is what I retrieved earlier this year). I heartily recommend it as a starting point before a machine has the network cable connected. ------- Paul Brooks (PB94) | paul@turbosoft.com.au | Ssshhh: Network Specialist | pwb@newt.phys.unsw.edu.au| take a moment to TurboSoft Pty Ltd | | listen to the silence 579 Harris St., Ultimo | Ph : +61 2 281 3155 | Sydney Australia 2007 | Fax: +61 2 281 3350 |