安徽省商品住宅销售Title.pptx

Building Your IT Security Checklist;What have we just done?;Applying TBS to the real world!;The TBS Audit Layers;CIS Rulers;CIS Rulers: A Security and Audit Checklist;CIS Rulers: Security Checklist Audit Plan;CIS Rulers: Procedural;CIS Ruler: Procedural;CIS Ruler Example: Backups;CIS Ruler: Procedural;CIS Ruler: Procedural;CIS Ruler: Written Documentation, Policies;CIS Ruler Example: Security Policy;CIS Ruler:;Procedural: Incident Response Plan ;Procedural: Training Education;Procedural: Physical Security;Procedural: Windows 2000;Procedural: Windows 2000;CIS Procedural Ruler Review;CIS Rulers for Solaris and Linux;CIS Level 1 Ruler: Unix;CIS Level 1 Ruler: Unix;CIS Level 1 Ruler: Unix;CIS Level 1 Unix Ruler - Patches;CIS Level 1 Unix Ruler: Security Tools;CIS Level 1 Unix Ruler: Security Tools;CIS Level 1 Unix Ruler: Access, Authorization;CIS Level 1 Unix Ruler: Kernel TCP/IP Tuning;CIS Level 1 Unix Ruler: Kernel , Batch Utilities;CIS Level 1 Unix Ruler: UMASK, , Access;CIS Level 1 Unix Ruler: and Access;See what we can find;Audit Report Example;/dev Permissions Exhibit;World-Writeable and SUID/SGID Files Audit Method Find commands were executed on the servers to locate all files with world-writeable permissions and SUID/SGID permissions. The output was redirected to appropriate files for later analysis. ? Finding A large number of world-writeable and SUID/SGID files were found on the server XYZ. Further, a number of files in the /usr, /opt and /var directories allow all users to have write permission. ? Security Implication World-writeable files allow any user or an intruder to change the contents of a file, effecting information integrity. Also, for executable files, an intruder may replace the a trojan horse that can damage the system and its integrity. SUID/SGID files execute with the privilege of the owner/group. These can be subverted by an unauthorized user or intruder to escalate their privilege to those of the owner/group of the SUID/SGID file.