OSsonar Logo
Menu
Donations


Audits

Disk

  • Adequate free blocks on local filesystems.
  • Adequate free inodes on local filesystems.
  • No change in the filesystems mount table.

File

  • All GIDs in /etc/group are unique.
  • All Group Names in /etc/group are unique.
  • All files are owned by valid users.
  • Every /etc/passwd GID is a valid group.
  • Every /etc/passwd home directory is valid.
  • Every /etc/passwd shell is an expected value.
  • Every user in /etc/group is a valid user.
  • There are 4 fields in every record in /etc/group.
  • There are 7 fields in every record in /etc/passwd.
  • There are no new huge directories.
  • There are no new large files.
  • There is nothing unusual about the content of a log.
  • Verify that certain files do exist.
  • Verify that certain files do not exist.

Network

  • All defined hosts can be pinged.
  • No change in the network port services.
  • No change in the network routing tables.
  • No user has .rhosts in their home directory.
  • No users have .netrc in their home directory.
  • Untrusted network services are disabled.

Performance

  • System load average is less than threshold.
  • All defined URLs are responding.
  • All traffic on network devices is nominal.
  • MySQL is responding.
  • No performance problems with network interface cards.
  • No problems with swap space usage.
  • The Alert Manager is working.
  • The size of the mail queue is nominal.
  • There is no unusual robot activity.

Process

  • All daemons are up.
  • All processes are owned by a current user.
  • There are no runaway processes.
  • There are no stalled processes.
  • There are no unwanted processes.

Security

  • All defined URLs have not changed.
  • No change to secured directories/files.
  • No one is using ssh to attack this system.
  • Clamscan reports no viruses.
  • There are no rootkits installed.
  • No sticky bit directory has lost the sticky bit.
  • There are no new SUID/SGID files.
  • There are no new world writable files.
  • There are no patterns of failed logins of concern.
  • There are no patterns of failed su attempts of concern.
  • There are no rogue device files.
  •  All NFS exported dirs are configured to be secure.

System

  • Mail is being delivered.
  • Size of each system log is nominal.
  • No recent system reboot.
  • RPMs are current.
  • System time is reasonable.
  • The hostname has not changed.
  • There are no trash files on the system.

User

  • Every user has a password.
  • All /etc/passwd login names are unique.
  • All UIDs in /etc/passwd are unique.
  • All mailboxes are owned and permissioned correctly.
  • All passwords are shadowed.
  • All users have password aging.
  • Certain logins are not in /etc/passwd.
  • Every user has a unique home directory.
  • Root can only log in from console.
  • There are no SUID/SGID login shells.
  • There are no new users logged in. ­
­


Print this | Send this | Page Views: 1207 |

Managed by OSSonar Powered by imijit.net Web site powered by PostNuke PHP Language

All logos and trademarks in this site are property of their respective owner.
All comments are property of their posters, all the rest ©2004-2008 by Virtual Labs.
feed-icon-14x14.png RSS News