LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 09-27-2010, 09:47 PM   #1
pasuriya
LQ Newbie
 
Registered: Oct 2004
Posts: 1

Rep: Reputation: 0
What is the best way to do Enterprise audit of linux server environment ?


One of our customers is looking at enterprise audit of their data center (primarily consists of Linux servers)

We suggested them towards a SNMP based tool that has some limitations. Any other recommendation is welcome...

Thank you,
Suri
 
Old 09-27-2010, 10:09 PM   #2
TB0ne
Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 15,075

Rep: Reputation: 2713Reputation: 2713Reputation: 2713Reputation: 2713Reputation: 2713Reputation: 2713Reputation: 2713Reputation: 2713Reputation: 2713Reputation: 2713Reputation: 2713
Quote:
Originally Posted by pasuriya View Post
One of our customers is looking at enterprise audit of their data center (primarily consists of Linux servers)

We suggested them towards a SNMP based tool that has some limitations. Any other recommendation is welcome...
Not to sound nasty, but if I asked for an enterprise audit, and someone told me to do an SNMP scan, I'd promptly hire someone else.

SNMP has many, MANY limitations, not the least of which is that it might not be configured and running on the host(s) you're going to scan. Want to know how to do a decent audit? Simple...sit someone down, have them log into EVERY box, and look at things. Pull up the hardware info, kernel level, authentication file(s) (password/shadow), and look at permissions on key security points. Check CRON jobs/scripts. Port scan EVERY box, to see what services are running, then check those services to see if they're secured with TCP wrappers, IP tables, etc. Then go and PHYSICALLY LOOK at each box, and confirm that there aren't hardware devices present, that don't show up, or are powered off.

An audit is a complex task, and there are many schools of thought and guides to help you along. SNMP would be so low on a list, that I'd not even consider it, except for VERY basic info.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Audit for Red Hat 5.2 enterprise server jholp Red Hat 3 02-03-2010 05:47 AM
LXer: Enterprise Audit Shell LXer Syndicated Linux News 0 05-25-2006 07:21 AM


All times are GMT -5. The time now is 02:05 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration