Vulnerability Assessment of a EAL 4 system
|
View:
New views
6 Messages
—
Rating Filter:
Alert me
|
 |
Vulnerability Assessment of a EAL 4 system
by castellan2004-fd
::
Rate this Message:
I am looking at a Linux server which has been
accredited as a EAL4 system by IBM. During the assessment, I was looking for standard Linux protections like iptables, ssh etc. On this server, there is no iptables. Regardless, I would like to know how to evaluate a EAL 4 system. What do you need to look for in the EAL 4 system in production that could become vulnerable? Thank you in advance for any help. |
|
|
RE: Vulnerability Assessment of a EAL 4 system
by Stong, Ian C CTR DISA GIG-CS
::
Rate this Message:
You should get a copy of the security target and protection profiles
used for the EAL4 accreditation. This will give you insight into what they evaluated against. I would then suggest performing standard Linux checks on the system (sounds like you already did some of that). Any standard security protections missing need to be weighed against what the vendor has done to provide similar protections. Thanks, Ian Stong -----Original Message----- From: listbounce@... [mailto:listbounce@...] On Behalf Of castellan2004-fd@... Sent: Wednesday, November 01, 2006 5:12 AM To: focus-linux@... Subject: Vulnerability Assessment of a EAL 4 system I am looking at a Linux server which has been accredited as a EAL4 system by IBM. During the assessment, I was looking for standard Linux protections like iptables, ssh etc. On this server, there is no iptables. Regardless, I would like to know how to evaluate a EAL 4 system. What do you need to look for in the EAL 4 system in production that could become vulnerable? Thank you in advance for any help. |
|
|
Re: Vulnerability Assessment of a EAL 4 system
by terry white
::
Rate this Message:
... ciao:
: on "11-1-2006" "castellan2004-fd@..." writ: : accredited as a EAL4 system by IBM a google search of: "EAL4"+IBM might be a good start ... -- ... i'm a man, but i can change, if i have to , i guess ... |
|
|
RE: Vulnerability Assessment of a EAL 4 system
by Takayama Kawika (DTI)
::
Rate this Message:
This is one of the only Linux Distro's in production certified for
EAL4... "Following in the wake of its previous certifications, Novell's SUSE Linux Enterprise Server 9 has achieved EAL4 certification on 'an IBM eServer.' This puts SLES9 in the same league as Windows 2000 for sales in the government sector and is the first Linux distro to achieve an EAL4 certification." Here is more support.... http://en.wikipedia.org/wiki/Evaluation_Assurance_Level If you have a current EAL level 4 certified system and it is in production, it means nothing to the extent other than you have a very expensive piece of hardware. Can you secure it? If you are looking for this answer then my suggestion is to run a series of PenTests against it and see. Rapid7 or CoreImpact or Metasploit or any number of system Vulnerability scanners. If something pops as a finding then address it and move on. But the certification for eal4 doesn't mean anything unless you know how to secure the device... That's the bottom line. Kawika "Regret for the things we did can be tempered by time; it is regret for the things we did not do that is inconsolable." -Sydney J. Harris -----Original Message----- From: listbounce@... [mailto:listbounce@...] On Behalf Of castellan2004-fd@... Sent: Wednesday, November 01, 2006 5:12 AM To: focus-linux@... Subject: Vulnerability Assessment of a EAL 4 system I am looking at a Linux server which has been accredited as a EAL4 system by IBM. During the assessment, I was looking for standard Linux protections like iptables, ssh etc. On this server, there is no iptables. Regardless, I would like to know how to evaluate a EAL 4 system. What do you need to look for in the EAL 4 system in production that could become vulnerable? Thank you in advance for any help. -----Original Message----- From: listbounce@... [mailto:listbounce@...] On Behalf Of castellan2004-fd@... Sent: Wednesday, November 01, 2006 5:12 AM To: focus-linux@... Subject: Vulnerability Assessment of a EAL 4 system I am looking at a Linux server which has been accredited as a EAL4 system by IBM. During the assessment, I was looking for standard Linux protections like iptables, ssh etc. On this server, there is no iptables. Regardless, I would like to know how to evaluate a EAL 4 system. What do you need to look for in the EAL 4 system in production that could become vulnerable? Thank you in advance for any help. |
|
|
Re: Vulnerability Assessment of a EAL 4 system
by Shashi-3
::
Rate this Message:
Answer to all of your questions is , evaluate the Linux system according the documentation developed
by Klaus Weidner <klaus@...>. http://www-128.ibm.com/developerworks/linux/library/os-ltc-security/ Thanks & Regards, Shashi Kanth castellan2004-fd@... wrote: > I am looking at a Linux server which has been > accredited as a EAL4 system by IBM. During the > assessment, I was looking for standard Linux > protections like iptables, ssh etc. On this server, > there is no iptables. > > Regardless, I would like to know how to evaluate a EAL > 4 system. What do you need to look for in the EAL 4 > system in production that could become vulnerable? > > Thank you in advance for any help. > |
|
|
|
| Free Forum Powered by Nabble | Forum Help |