http://www.nsa.gov/notices/notic00004.cfm?Address=/snac/os/redhat/rhel5-guide-i731.pdf
Hardening Cheat Sheet
http://www.nsa.gov/notices/notic00004.cfm?Address=/snac/os/redhat/rhel5-pamphlet-i731.pdf
Warnings:
- Do not attempt to implement any of the recommendations in this guide without first testing in a non-production environment.
- This document is only a guide containing recommended security settings. It is not meant to replace well-structured policy or sound judgment. Furthermore this guide does not address site-specific configuration concerns. Care must be taken when implementing this guide to address local operational and policy concerns.
- The security changes described in this document apply only to Red Hat Enterprise Linux 5. They may or may not translate gracefully to other operating systems.
- Internet addresses referenced were valid as of 1 July 2007.
Translation:
Don't be silly and follow this guide line by line. It has tons of great security tips in it, but it is made for the US Government...not for Bob's pizza joint.
Use common sense and apply security measures where they make sense. Some of the "recommended" tips in these guides are not healthy for a corporate bottom-line.
Use the force and find the balance.
---------------------
With that being said, I was able to also use several of the tips in securing my CentOS VM image that I use for security testing.
No comments:
Post a Comment