I want to periodically check if ASCII password/config files on Unix have 400 or 600 access. Folders and files are owned by designated group and user. Folders and Files do not have world write access.
Are there any tools/scripts available for this kind of auditing that I can use on Solaris? (7 Replies)
I read somewhere that you should make sure Apache is configured to not allow symbolic links to be followed outside the webroot, as this can compromise security.
I can imagine how this could lead to a security risk:
eg:
Is my assumption correct? -- Is it nothing more than: "its just... (0 Replies)
Hi,
I am doing a services audit on one of our servers at work and I notice that I sometimes have a service with two slightly different prefixes. For example,
S94httpd
K15httpd
Can one of them be safely deleted? (2 Replies)
PP(1) NSS Security Tools PP(1)NAME
pp - Prints certificates, keys, crls, and pkcs7 files
SYNOPSIS
pp -t type [-a] [-i input] [-o output]
STATUS
This documentation is still work in progress. Please contribute to the initial review in Mozilla NSS bug 836477[1]
DESCRIPTION
pp pretty-prints private and public key, certificate, certificate-request, pkcs7 or crl files
OPTIONS -t type
specify the input, one of {private-key | public-key | certificate | certificate-request | pkcs7 | crl}
-a
Input is in ascii encoded form (RFC1113)
-i inputfile
Define an input file to use (default is stdin)
-u outputfile
Define an output file to use (default is stdout)
ADDITIONAL RESOURCES
NSS is maintained in conjunction with PKI and security-related projects through Mozilla and Fedora. The most closely-related project is
Dogtag PKI, with a project wiki at PKI Wiki[2].
For information specifically about NSS, the NSS project wiki is located at Mozilla NSS site[3]. The NSS site relates directly to NSS code
changes and releases.
Mailing lists: pki-devel@redhat.com and pki-users@redhat.com
IRC: Freenode at #dogtag-pki
AUTHORS
The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google.
Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey <dlackey@redhat.com>.
LICENSE
Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at
http://mozilla.org/MPL/2.0/.
NOTES
1. Mozilla NSS bug 836477
https://bugzilla.mozilla.org/show_bug.cgi?id=836477
2. PKI Wiki
http://pki.fedoraproject.org/wiki/
3. Mozilla NSS site
http://www.mozilla.org/projects/security/pki/nss/
nss-tools 12 November 2013 PP(1)