LinuxQuestions.org
Old 08-29-2007, 04:48 PM   #1
jhmblvd
LQ Newbie
 
Registered: Feb 2005
Posts: 3

Rep: Reputation: 0
Server running Red Hat - Release 6 (Hedwig) Need Help!


I have just been hired as tech manager at a company running Windows Small Business Server and Linux Red Hat Version 6. I have worked with some Linux distros but never with this one. Currently the system is configured to run medical manager software and to back up data to tape. Their only support has been a tech 200 miles away who logs on to check the system, and he is not answering calls. I worked with DOS for years, and understand file directories, ls command, cd, list, but need to find info about remote access security etc. Any help appreciated.

Thanks.
 
Old 08-29-2007, 06:02 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,519
Blog Entries: 51

Rep: Reputation: 2598
Hello and welcome to LQ. Hope you like it here.

Quote:
I have just been hired as tech manager
With all due respect, but if you don't grok GNU/Linux from a security point of view then please consider (temporarily) bringing somebody in who does. Not only will it save time but it'll also mean "better" quality wrt auditing and reporting (short and long-term recommendations).

RHL-6 (as opposed to RHEL) is severely deprecated. On top of that the 6 releases were the ones with the largest amount of 'sploits ITW. I really hope the thing is hardened properly, behind two or three firewalls and overloaded with access restrictions but that probably won't be the case...

Anyway. RHL isn't different from any other GNU/Linux distro (well, OK, some commands may not take args 'n switches we expect in this millennium). Before I'd go in I'd look at company policies, be especially careful to understand compliance and regulations games, look for any maint docs left (dream on), find out the box location inside their network (restrictions) and relation to other servers and services, what processes/which users are allowed access to it, where (if) it logs to (no kidding) and if there are backups (as if). If there's nothing to learn from that (like there was anything documented) and I have no suspicions (if I do then alerting, blocking access and making a full backup is the first priority) I'd log in as unprivileged user and look at the open files, process and network listings, go find a downtime slot and prepare for a full audit on the box with the focus on system integrity, keeping a swift migration to something maintainable and stable in the back of my mind. If I'm going to run tools on it I'll compile them statically on a dev box and bring them along on removable media or grab them from a share. First thing I'd check are the login records and system and daemon logs (backups could help extend logrotate retention settings). Meanwhile I'll run something like Tiger to get an overview of the box, md5deep the whole FS and correlate output with 'rpm -Va'.
From there it depends on what I find.

So. I'd say draw up a plan (targets), work outside in (scope) before you recon the box (risk) and be wary of executing commands without a clear goal. If you feel you totally lost your bearings you might find the Intruder Detection Checklist (CERT): http://www.cert.org/tech_tips/intrud...checklist.html a good starting point even though it kinda sounds like it's made for worst-case scenarios (which RHL-6 kinda is)...

If there's anything here I should clear up, please ask.
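
An added example, not part of unSpawn's post: one way to do the last step described above, correlating saved `rpm -Va` output with an `md5deep` listing so that content changes to non-config files are reviewed first. The sample output, the priority scheme and the function names are assumptions constructed for illustration.

```python
import re

# rpm -V prints one column per failed test ("." = passed): 8 columns on old rpm, 9 on newer.
RPM_LINE = re.compile(r"^(missing|[SM5DLUGTP.?]{8,9})\s+(?:([cdglr])\s+)?(/.*)$")
MD5_LINE = re.compile(r"^([0-9a-fA-F]{32})\s+(/.*)$")

# Constructed sample output (hashes and paths are made up, not from the thread).
SAMPLE_RPM = """\
S.5....T c /etc/inetd.conf
..5....T   /bin/login
.M......   /usr/sbin/in.telnetd
missing    /usr/bin/last
"""
SAMPLE_MD5 = """\
11111111111111111111111111111111  /bin/login
22222222222222222222222222222222  /etc/inetd.conf
33333333333333333333333333333333  /usr/sbin/in.telnetd
"""

def parse_md5deep(text):
    """Map path -> md5 from md5deep's '<hash>  <path>' lines."""
    found = (MD5_LINE.match(line.strip()) for line in text.splitlines())
    return {m.group(2): m.group(1).lower() for m in found if m}

def triage(rpm_text, md5_text):
    """Return (priority, path, reason, current_md5) tuples, most urgent first."""
    hashes = parse_md5deep(md5_text)
    findings = []
    for line in rpm_text.splitlines():
        m = RPM_LINE.match(line.strip())
        if not m:
            continue  # blank line or output this sketch does not parse
        flags, attr, path = m.groups()
        if attr == "c":
            prio, reason = 3, "config file changed or missing (often expected)"
        elif flags == "missing":
            prio, reason = 1, "packaged file is missing"
        elif "5" in flags:
            prio, reason = 1, "content digest differs on a non-config file"
        elif set(flags) & set("MUG"):
            prio, reason = 2, "mode or ownership changed"
        else:
            prio, reason = 3, "other attribute only (size, mtime, link, device)"
        findings.append((prio, path, reason, hashes.get(path)))
    return sorted(findings, key=lambda f: (f[0], f[1]))

if __name__ == "__main__":
    for finding in triage(SAMPLE_RPM, SAMPLE_MD5):
        print(finding)
```

The md5 attached to each finding is the value to compare against the same file taken from the package on trusted media.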
 
Old 08-30-2007, 07:24 AM   #3
jhmblvd
LQ Newbie
 
Registered: Feb 2005
Posts: 3

Original Poster
Rep: Reputation: 0
Right on Target

Each of your observations is correct. While there is a tape backup in place, no one has ever (I mean never) verified or tested the system. The organization has recently (before I arrived) purchased and installed a Small Windows Business Server. The Linux server contains the Medical Management Software and nothing else. When hired I was shown the following process.
"Walk in the closet, the box on the left is Linux, which no one knows anything about. Each morning log in as root, type cat /user2/util/backup.log.
This displays a message saying 'Backup Successful'." If things go right. Which apparently they have for years, with only a few thousand dollars a year spent on support calls.
As a small non-profit, they don't have the money to hire an IT support staff, so it falls on me to try and make them understand the risks of running a system that no one knows anything about. As I said, I am a Technical Manager; I manage. Now I find myself the IT department. Their former tech could telnet in (they believe that is what he told them) and verify the backups, but this raises several more concerns in my mind. So I have taken it upon myself to try to become familiar with the system to the point where I can write my report with authority, suggesting strongly to set in motion your advice. The main problem now is that the facility runs night and day, with clinicians logging in for medical assessments etc. Before upgrading, I need to find someone who can help me locally secure the server, check the backups, and close any security holes. I am reading as fast as I can and am building a test box at home. Until then I am very much afraid I will get a call or come in one morning and find important data lost or stolen.

Thank you, I appreciate your time and help.
 
Old 08-30-2007, 11:31 AM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,519
Blog Entries: 51

Rep: Reputation: 2598
That's a sad story, good luck with it! Now if you could find out what Medical Management Software this is about I'd be interested to know.
 
Old 08-30-2007, 09:59 PM   #5
jhmblvd
LQ Newbie
 
Registered: Feb 2005
Posts: 3

Original Poster
Rep: Reputation: 0
Medical Manager

Hi, the software is Medical Manager. I believe it has quite a history. Developed by John Singer, it was at one time the premier practice management system in the US. Then it was distributed by different companies. I believe we purchased the system from WebMD.

Currently they have little support and what is available is very expensive, the current owner is a company called Emdeon who I think is selling it to Sage.

I have been studying as much as I can. We are a non-profit organization, and the budget is tight. However, as you can imagine, my first concern when I was hired was the medical data!

I am seeking someone local or who can work with me to implement an upgrade and backup system.

Any ideas where I could look for support?
 
Old 08-31-2007, 08:11 AM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,519
Blog Entries: 51

Rep: Reputation: 2598
Quote:
Originally Posted by jhmblvd
Any ideas where I could look for support?
Your local Linux User Group (LUG) would be the first port of call. LQ has got a LUG forum, maybe you can locate one there.
 
  


All times are GMT -5. The time now is 08:14 PM.
