Automated security checks on Sidewinder7 firewall


 
# 1  
12-15-2011

I have recently been tasked to create a script that will daily check our firewalls for any security issues that might have happened. I am not very strong with Unix so I need a lot of help and don't know where to start.

Some things I have thought of so far: I want to search the audit.raw files for any occurrence of an admin account being changed. I also want to look for DNS lookups or port 80 GET requests that are over 64k in size.

I was thinking I could run the script in a cron job. Is that the best way?

My bosses would also like some kind of output that they can look at and understand.

I am sure there are a lot more things I should be looking for. Has anyone done something like this already or know a good place for me to start researching commands for this kind of task? Thank you in advance for any help you can offer.

Last edited by soccerfan; 12-15-2011 at 05:52 AM.
GRID-MAPFILE-CHECK(8)            Globus Commands            GRID-MAPFILE-CHECK(8)

NAME
       grid-mapfile-check-consistency - Add an entry to a grid map file

SYNOPSIS
       grid-mapfile-check-consistency [-h] [-help] [-usage] [-version]

       grid-mapfile-check-consistency [-mapfile MAPFILE] | [-f MAPFILE]

DESCRIPTION
       The grid-mapfile-check-consistency program performs basic checks for
       validity of a gridmap file. These checks include checks for existence,
       duplication of entries, and valid local user names. If the gridmap file
       is valid, grid-mapfile-check-consistency exits with a zero exit code,
       otherwise it exits with a non-zero exit code. In either case, it
       displays information about its progress as it parses and validates the
       gridmap file.

       By default, grid-mapfile-check-consistency will check the gridmap file
       named by the GRIDMAP environment variable if present. If that variable
       is not set, it will check the file $HOME/.gridmap for non-root users if
       present. If that doesn't exist or grid-mapfile-check-consistency is run
       as root, it will then check /etc/grid-security/grid-mapfile. This can be
       changed by the use of the -mapfile or -f command-line options.

       The full set of command-line options to grid-mapfile-check-consistency
       are:

       -help, -h, -usage
              Display the command-line options to
              grid-mapfile-check-consistency.

       -version
              Display the version number of the grid-mapfile-check-consistency
              command.

       -mapfile MAPFILE, -f MAPFILE
              Check the gridmap file named by MAPFILE instead of the default.

EXAMPLES
       Check that the gridmap file in /etc/grid-security is valid:

           % grid-mapfile-check-consistency -f /etc/grid-security/grid-mapfile
           Checking /etc/grid-security/grid-mapfile
           Verifying grid mapfile existence...OK
           Checking for duplicate entries...OK
           Checking for valid user names...OK

       Check a gridmap file that has an invalid local user name:

           % grid-mapfile-check-consistency -f /etc/grid-security/grid-mapfile
           Checking /etc/grid-security/grid-mapfile
           Verifying grid mapfile existence...OK
           Checking for duplicate entries...OK
           ERROR: baduser is not a valid local username
           ERROR: Found 1 invalid username(s)

ENVIRONMENT VARIABLES
       The following environment variables affect the execution of
       grid-mapfile-check-consistency:

       GRIDMAP
              Path to the default gridmap to check.

FILES
       The following files affect the execution of
       grid-mapfile-check-consistency:

       $HOME/.gridmap
              Path to the default gridmap to check if the GRIDMAP environment
              variable is not set for non-root users.

       /etc/grid-security/grid-mapfile
              Path to the default gridmap to check if GRIDMAP environment
              variable is not set and the above file does not exist.

SEE ALSO
       grid-mapfile-add-entry(8), grid-mapfile-delete-entry(8)

AUTHOR
       University of Chicago

Globus Toolkit 5.0.1                03/19/2010              GRID-MAPFILE-CHECK(8)
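
The file lookup order and the three checks described in the man page above, re-implemented in plain sh as an added example (this is not Globus code and not part of the original page). It assumes each gridmap line is a quoted DN followed by comma-separated local user names, and it treats a repeated DN as a duplicate entry; `resolve_gridmap` and `check_gridmap` are hypothetical names.

```shell
#!/bin/sh
# Added example: the documented checks re-implemented in plain sh.
# Assumed line layout: "quoted DN" user1[,user2...]; '#' starts a comment.

# Choose the map file in the lookup order the man page gives.
# $1 = numeric uid (default: caller's) so the root branch can be exercised.
resolve_gridmap() {
    uid=${1:-$(id -u)}
    if [ -n "${GRIDMAP:-}" ]; then
        printf '%s\n' "$GRIDMAP"
    elif [ "$uid" -ne 0 ] && [ -e "$HOME/.gridmap" ]; then
        printf '%s\n' "$HOME/.gridmap"
    else
        printf '%s\n' /etc/grid-security/grid-mapfile
    fi
}

# Print one line per problem; return 0 when the file is clean, 1 otherwise.
check_gridmap() {
    file=$1
    [ -r "$file" ] || { echo "ERROR: cannot read $file"; return 1; }
    problems=$(
        # Duplicates: the DN is the text between the first pair of quotes.
        awk -F'"' 'NF >= 3 && $1 !~ /^[ \t]*#/ && seen[$2]++ == 1 {
            print "ERROR: duplicate entry for " $2 }' "$file"
        # Local users: the comma-separated list after the closing quote.
        awk -F'"' 'NF >= 3 && $1 !~ /^[ \t]*#/ {
            gsub(/[ \t]/, "", $3); n = split($3, u, ",")
            for (i = 1; i <= n; i++) print u[i] }' "$file" |
        sort -u | while read -r user; do
            id "$user" >/dev/null 2>&1 ||
                echo "ERROR: $user is not a valid local username"
        done
    )
    [ -z "$problems" ] && return 0
    printf '%s\n' "$problems"
    return 1
}

# Constructed sample: one duplicate DN and one unknown local account.
sample=$(mktemp)
cat > "$sample" <<'EOF'
"/O=Grid/OU=Example/CN=Alice" root
"/O=Grid/OU=Example/CN=Bob" no_such_user_gr1d
"/O=Grid/OU=Example/CN=Alice" root
EOF
check_gridmap "$sample" || echo "gridmap check failed"
rm -f "$sample"
```

Because `check_gridmap` returns non-zero on any finding, a scheduled job can mail or log its output only when the return status is not 0.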