search for: cisecur

Hello, Has anyone tried out the security scoring tool at http://www.cisecurity.org/bench_freebsd.html? Any thoughts or opinions? Regards, stheg __________________________________ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250

SELinux? On 22 April 2015 at 09:11, John R Pierce <pierce at hogranch.com> wrote: > On 4/21/2015 11:34 PM, Eero Volotinen wrote: > >> apply also ideas from this document: >> https://benchmarks.cisecurity.org/downloads/show-single/?file=rhel6.130 >> > > that should be your baseline. I suspect you'll find all the things you > mentioned are discussed in the CIS benchmarks. > > > > > > -- > john r pierce, recycling bits in santa cruz > > > _________...

apply also ideas from this document: https://benchmarks.cisecurity.org/downloads/show-single/?file=rhel6.130 -- Eero 2015-04-22 9:30 GMT+03:00 Tim <lists at kiuni.de>: > I am very interested. > > One of my suggestions: > > Firewall: > Network based firewall zone assignment (possibly disabling interface based > assignment) > >...

Overview ======== This module implements the Center for Internet Security (CIS) Security Configuration Benchmark for Red Hat Enterprise Linux 6 v.1.1.0 (avilable at http://benchmarks.cisecurity.org). Each scored control has been implemented as a class or a custom fact. Installation ============ Please either: - Clone git repo from https://github.com/arildjensen/cis-puppet - Run "puppet module install arildjensen/cis" and install from PuppetForge (http://forge.puppetlabs.co...

Hello everyone, CIS (http://www.cisecurity.org) is a non-profit that develops security benchmarks and scoring tools for free distribution. We have a project underway to create a FreeBSD benchmark which would be used extensively in the federal government and private business. However, we need some additional FreeBSD experts to help us d...

Hi All:) I would like to start using a tool for automating of os hardening. I found some informations about Bastille. One things which attracted my attention is that in http://bastille-linux.sourceforge.net/news_updates.htm the last post is from January 29th, 2012 :D Is the tool ready to use at the moment with CentOS 6/7? Are there any alternatives which you can recommend? Thanks for all info

...: > >> SELinux? >> >> On 22 April 2015 at 09:11, John R Pierce <pierce at hogranch.com> wrote: >> >> > On 4/21/2015 11:34 PM, Eero Volotinen wrote: >> > >> >> apply also ideas from this document: >> >> >https://benchmarks.cisecurity.org/downloads/show-single/?file=rhel6.130 >> >> >> > >> > that should be your baseline. I suspect you'll find all the >things you >> > mentioned are discussed in the CIS benchmarks. >> > >> > >> > >> > >> &...

On 4/21/2015 11:34 PM, Eero Volotinen wrote: > apply also ideas from this document: > https://benchmarks.cisecurity.org/downloads/show-single/?file=rhel6.130 that should be your baseline. I suspect you'll find all the things you mentioned are discussed in the CIS benchmarks. -- john r pierce, recycling bits in santa cruz

...andrew.holway at gmail.com> kirjoitti: > SELinux? > > On 22 April 2015 at 09:11, John R Pierce <pierce at hogranch.com> wrote: > > > On 4/21/2015 11:34 PM, Eero Volotinen wrote: > > > >> apply also ideas from this document: > >> https://benchmarks.cisecurity.org/downloads/show-single/?file=rhel6.130 > >> > > > > that should be your baseline. I suspect you'll find all the things you > > mentioned are discussed in the CIS benchmarks. > > > > > > > > > > > > -- > > john r pierce...

...urity benchmarks such as CIS [1]. how could someone deploy 1000s of computer systems in the field without a plan for regular security updates?!? that would be somewhat analogous to buying a fleet of airplanes without any plan or provisions for scheduled maintenance. [1] https://benchmarks.cisecurity.org/downloads/show-single/?file=centos6.201 -- john r pierce, recycling bits in santa cruz

Hi Guys, I would like advice for best practices to secure my linux boxes. Know if I have been hacked, know of security breaches, etc. Can anyone provide advice? -Jason

Unfortunately, that's the constraint it seems hence, there's inquiry of other options. But, looks like, any el6 package should work as long as we meet the dependencies? Kindly thanks for many help. On Tue, Nov 8, 2016 at 10:55 AM, John R Pierce <pierce at hogranch.com> wrote: > On 11/8/2016 6:27 AM, Dipal Bhatt wrote: > >> Thanks really Leon very much w/ a very

https://bugzilla.mindrot.org/show_bug.cgi?id=3172 Bug ID: 3172 Summary: Idle connections not closed automatically Product: Portable OpenSSH Version: 8.2p1 Hardware: amd64 OS: Linux Status: NEW Severity: critical Priority: P5 Component: sshd Assignee: unassigned-bugs at

Greetings, everybody I've browsed around a bit, but there seems to be no single practical list of this kind. What would you do to make a new Centos server which must run apache, IMAP (Dovecot) and SMTP (PostFix) and nothing else for a few domains as secure from attacks as possible, using only standard RPM packages as much as possible? (Please note that choice of other IMAP and SMTP servers

Hello, I have a server running CentOS 4.3 with all the latest updates. The server in question has been hacked by spammers a few times. The details of the hack have been basically the same every time. I find some directory created by the apache user account in /tmp. The new directory contains an html file, and a list of email addresses to spam and a perl script that spams all those email

Dear All, About a week ago; I posted a proposal over on the centos-devel mailing list, the proposal is for a SIG 'CentOS hardening', there were a few of the members of the community who are also interested in this. Therefore, I am extending that email to this community; where there is a larger community. Some things that we will like to achieve are as follows: SSH: disable root

Hi, I admit I never gave security that much thought, that is, except the most basic security rules like choosing good passwords, or reasonable file and directory permissions. But now I have to change that, since I'll soon have to setup a dedicated production server for our public libraries. I wonder where to begin. I would say first thing is get a series of "auditing" tools