Security & audit

I am new to the world of Unix. As part of my understanding to have a big picture of Unix, I need to understand:

  1. How to review the existing Unix system or audit for the settings?
  2. How do I go about fixing the holes?

Most commercial port scanners can determine the OS type, scan all ports for vulnerabilities AND detail a report that suggests the appropriate fixes. So, if you are running UNIX for a large commercial, government, or other entity, see if they have purchased a good commercial port scanner (and keep it updated with the latest goodies).

Similar tools are available with shareware. Tools like SATAN come to mind first. Enjoy!

In terms of looking into access controls, what should I be looking at?
Is there any checklist available along with the commands?

There must be commercial programs that scan the file system and produce reports on file and directory permissions, but I can't think of any offhand. COPS is a set of utilities that runs on UNIX as shell scripts and checks the file system.

More on COPS here:

http://dan.yosemite.ca.us/cops/

Also, more UNIX security tools here:

http://www.ecst.csuchico.edu/~thuff/newtools.html

If you want information specific to your UNIX setup, search www.securityfocus.com for information. Also, check into packetstormsecurity.org if you want to get your hands dirty.
Read this several times: uwsg.iu.edu/usail/external/recommended/checklist.html. Fire up your favorite FTP client, and head on over to ftp://coast.cs.purdue.edu...

When you're ready for more links, let me know... I can go on like this all day. If you want something specific, I'll do my best to oblige.
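For the question above about access-control checks and commands, here is an added example (not from the thread, and not COPS's own code) of the kind of file-system permission audit a shell script can do with `find`. The function name `audit_perms` and the finding labels are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: a small permission audit in the spirit of shell-based
# file-system checkers. Names and labels are illustrative assumptions.
#
# audit_perms ROOT
#   Prints one finding per line as "<CLASS> <path>" for:
#     WORLD_WRITABLE_FILE          regular files any user can modify
#     WORLD_WRITABLE_DIR_NO_STICKY directories any user can write to where
#                                  the sticky bit is missing, so users can
#                                  delete or replace each other's files
#     SETID_FILE                   setuid or setgid files, which run with
#                                  the owner's or group's privileges
audit_perms() {
    root=${1:-.}

    # -xdev keeps the scan on one file system (skips NFS, /proc, etc.).
    find "$root" -xdev -type f -perm -0002 -print 2>/dev/null |
        sed 's/^/WORLD_WRITABLE_FILE /'

    # A world-writable directory WITH the sticky bit (like /tmp, mode 1777)
    # is normal, so only report those without it.
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null |
        sed 's/^/WORLD_WRITABLE_DIR_NO_STICKY /'

    # Every setuid/setgid file should be one you recognise and expect.
    find "$root" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null |
        sed 's/^/SETID_FILE /'

    return 0
}

# Run directly as: sh audit.sh /some/directory
if [ "$#" -gt 0 ]; then
    audit_perms "$1"
fi
```

Saving the output and comparing it against a later run with `diff` shows permission changes over time.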