[cs615asa] Blue Team Link [Week 12]

[Rozy Gupta]

Hello everyone,


This week Blue team is sharing an article which discusses some general guidelines for securing unix and linux systems.

Reference: https://www.bu.edu/tech/about/security-resources/bestpractice/unix/

Following are some practices that should be followed for System security:

(1) First and foremost, we need to choose a good OS supported by IST. We can choose any OS but the ones supported by IST would result in more secure and robust environment.
(2) Next, it is important to stay with current patches. This can be achieved using routine scheduling and having an emergency downtime to install new versions of the kernel and other core components when the patches can't be applied live.
(3) It is also important to configure the firewall for protecting the services being compromised.
(4) For detecting changes to the contents or attributes of your filesystems, it is of utmost importance to use File Integrity Monitoring and Change Auditing.
(5) For kerberos authentication, it is necessary to keep all the system clocks synchronized to the central server.
(6) We should to follow a good practice  of copying the logs to the central server for securing against the intruders that often try to erase the logs.

--Blue Team
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.stevens.edu/pipermail/cs615asa/attachments/20190420/909b6306/attachment.html>