Hello managers,
A client recently underwent a security audit. The auditor has made the
following recommendations. I was wondering what the ramifications may be of
implementing his suggestions. He was not overly familiar with T64 UNIX and
some of the other recommendations he made did not apply. As far as I know,
all of the following points are based on the default T64 installation.
This is version 4.0D patch 3. TruCluster ASE 1.5. (two Alpha 4100s). (Yes, I
know it's behind) This system is safely behind a firewall and there is no
direct access from the internet to any services on these systems.
1) The /etc/inittab file is world readable ( although owned by root:system).
He suggests removing the world read access.
2)Take root's home directory off of "/" and create a private root home
directory. (Like /root on linux I suppose)
3) Disable the "comsat" and "cfgmgr" services in /etc/inittab.
Thanks.
John Seel
----------------------------------------------------
John Seel
UNIX Systems Administrator
Faulding, Inc.
'john.seel_at_us.faulding.com"
(908) 659-2398
-----------------------------------------------------
Received on Thu Aug 03 2000 - 18:30:25 NZST