|
|
|
|
|
|
by amjo324
3665 days ago
|
|
|
Although not a good read (in terms of being engaging or interesting), you'll find that a lot of security professionals will use something like the Center for Internet Security (CIS) benchmark when doing a formal audit or configuration review of RHEL (or any major Linux distribution for that matter). They will run a command line tool that will check the system's config against every item in the benchmark. The tool will generate a report with pass/fail outcomes for each item plus hardening advice. It's not perfect but it can be a decent starting point before you do further manual analysis of your system. More info about the CIS benchmarks:
https://benchmarks.cisecurity.org/downloads/benchmarks/ The RHEL 7 benchmark:
https://benchmarks.cisecurity.org/tools2/linux/CIS_Red_Hat_E... |
|
|