Integrity of Configuration


The system configuration should be tested to ensure that unauthorized users cannot alter it and that it is free of errors.

Configuration Files

The configuration files should be tested to ensure that they are in the correct format and are appropriately secured. Where applicable, the configuration fields should be tested to ensure that they have reasonable values.

  • pwck scans the local password file, /etc/passwd, and reports any inconsistencies to standard error. The checks include validation of the number of fields, login name, user ID, group ID, and whether the login directory and optional program name exist.

  • grpck verifies all entries in the local group file, /etc/group, and reports any inconsistencies to standard error. This verification includes a check of the number of fields, group name, group ID, and whether all login names appear in the password file.

  • authck checks both the overall structure and the internal field consistency of all components of the authentication database. It reports all problems that it finds. The protected password database and /etc/passwd are checked for completeness so that neither contains entries not in the other. The cross references between the protected password database and /etc/passwd are checked to make sure that they agree. However, if NIS+ is configured in your system, the password table is also checked before reporting a discrepancy. This means that a discrepancy would not be reported for a user that does not exist in /etc/passwd but exists in the protected password database as well as in the NIS+ passwd table. Fields in the protected password database are then checked for reasonable values.
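
The field-count, login-name, ID and cross-reference checks described above for pwck and grpck, as an added example that is not from the book or from the source of those tools. It runs on constructed sample data; the login-name pattern is an assumed policy, and the checks for the existence of the login directory and program are left out because the sample data does not describe a real filesystem.

```python
import re

# Constructed sample files (not taken from a real system).
PASSWD = """\
root:x:0:0:root:/root:/bin/sh
alice:x:1001:100:Alice:/home/alice:/bin/sh
bob:x:abc:100:Bob:/home/bob:/bin/sh
carol:x:1003:100:Carol:/home/carol
alice:x:1004:100:Duplicate:/home/alice2:/bin/sh
"""
GROUP = """\
users:x:100:alice,bob,mallory
staff:x:ten:alice
broken:x:101
"""
NAME_RE = re.compile(r"[a-z_][a-z0-9_-]*")  # assumed naming policy
NUM_RE = re.compile(r"[0-9]+")


def check_passwd(text):
    """Return (findings, login names) for passwd-format text."""
    findings, names = [], set()
    for n, line in enumerate(text.splitlines(), 1):
        f = line.split(":")
        if len(f) != 7:
            findings.append((n, "passwd: %d fields, expected 7" % len(f)))
            continue  # a malformed line contributes no login name
        name, uid, gid = f[0], f[2], f[3]
        if not NAME_RE.fullmatch(name):
            findings.append((n, "passwd: bad login name %r" % name))
        if name in names:
            findings.append((n, "passwd: duplicate login %r" % name))
        names.add(name)
        for label, value in (("user ID", uid), ("group ID", gid)):
            if not NUM_RE.fullmatch(value):
                findings.append((n, "passwd: non-numeric %s %r" % (label, value)))
    return findings, names


def check_group(text, logins):
    """Return findings for group-format text, cross-checked against logins."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        f = line.split(":")
        if len(f) != 4:
            findings.append((n, "group: %d fields, expected 4" % len(f)))
            continue
        if not NUM_RE.fullmatch(f[2]):
            findings.append((n, "group: non-numeric group ID %r" % f[2]))
        for member in filter(None, f[3].split(",")):
            if member not in logins:
                findings.append((n, "group: member %r not in passwd" % member))
    return findings
```
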

Permissions

The permissions on configuration files and directories should be checked to ensure that unauthorized users cannot modify them.



Halting the Hacker: A Practical Guide to Computer Security (2nd Edition)
ISBN: 0130464163
EAN: 2147483647
Year: 2002
Pages: 210
