[EdLUG] Fwd: [Baen Baen's Bar] Cybersecurity

[Edinburgh Linux Users Group]

>From logs I could extract only versions of used software and than compare
it with vulnerability database. Also logs would provide info on activity
but that is it. It will not allow to check for local misconfiguration of
some settings, will not allow to check for privilege escalation etc.

I could provide for them internal security assessment with build review of
boxes they want to test.

Piotr

W dniu wtorek, 19 lutego 2019 Edinburgh Linux Users Group <
edlug at lists.edlug.org.uk> napisał(a):

> Depends on the kind of audit, surely?
>
> I don't see how any serious auditing can be done simply from the contents
> of syslog and other randomness in /var/log/
>
> M
>
> Please excuse my brevity, this has been sent from my mobile device.
>
>
> -------- Original Message --------
> Subject: [EdLUG] Fwd: [Baen Baen's Bar] Cybersecurity
> From: Edinburgh Linux Users Group
> To: Edinburgh Linux Users Group
> CC:
>
>
> I just received this email.  Can anyone advise the OP on this question ?
>
> Andrew Ramage
>
>
> -------- Forwarded Message --------
> Subject: [Baen Baen's Bar] Cybersecurity
> Date: Tue, 19 Feb 2019 11:32:46 -0600vise
> From: piobair <piobair at mindspring.com> <piobair at mindspring.com>
> Reply-To: baens_bar at bar.baen.com
> Organization: Baen's Bar
> To: baens_bar at bar.baen.com
> Newsgroups: Baen_Baens_Bar
>
> The Board of Directors overseeing a friend of mine has decided that they need a security audit by an independent auditor. My friend's entire system is running on Linux with Linux servers and (mostly) thin clients.
> He put out an RFP and, in his words, they want the keys to the front door in order to see if the china cabinet is locked.
> Can an adequate audit be made from the /var/log files?
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.edlug.org.uk/pipermail/edlug/attachments/20190219/1719b22d/attachment.html>