Folks, I recently was assigned the project of developing security standards for our Unix environment. We have about 400 unix box's (HP-UX, Sun Solaris, AIX, etc)and the admins do their *own thing* with these boxes.
This is not a project I exactly like...I am buried with 20 other projects...and I am not Unix guru. For each Unix *flavor*, I need to develop Unix security standards that will cover areas like configuration settings, defaults, permissions, admin. account, password file, shells, trusts, root, patch's, logging, etc. These are my questions: (1) Does anyone know where I can quickly get my hands on some high quality, concise security standards/templates/checklists? for each Unix *flavor*? (2) What about good books/sites on Unix Security? (3) What about user friendly software tool(s) that I can periodically use to audit the Unix boxes for compliance to the new security standards I developed? Thanks Tony IT Security Manager Major Telecommunications Company _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
