There is no “security” forum so I figured I’d post this here.
Because of PCI compliance requirements, we are going to begin using the built-in audit utility that comes with SuSE to monitor file/directory changes. The utility comes pre-configured to monitor many system files, but I was curious as to whether there is a standard list of files/folders that should be monitored for PCI compliance. I’ve scanned the web but haven’t come across anything yet.
jgosney wrote:
> There is no “security” forum so I figured I’d post this here.
There is a security list though -
<http://lists.opensuse.org/opensuse-security/>
BTW, what is PCI when it isn’t Peripheral Component Interconnect?
On 04/19/2011 03:06 PM, jgosney wrote:
> Because of PCI compliance requirements, we are going to begin using the
> built-in audit utility that comes with SuSE to monitor file/directory
> changes.
what operating system version are you using?
either of these should tell
cat /etc/SuSE-release
cat /etc/issue
> I’ve scanned the web but haven’t come across anything yet.
i wonder what you use to scan, Bing maybe? i ask because i use some of
the words in your question [audit utility SuSE file/directory changes]
in a google and right after your question (which is hit #1) is:
Linux Audit Quick Start <http://tinyurl.com/3kl4hhx>
Understanding Linux Audit <http://tinyurl.com/455m5oh>
Setting Up the Linux Audit Framework <http://tinyurl.com/3qmxq8t>
do any of those help?
–
CAVEAT: http://is.gd/bpoMD
[openSUSE 11.3 + KDE4.5.5 + Thunderbird3.1.8 via NNTP]
A Penguin Being Tickled - http://www.youtube.com/watch?v=0GILA0rrR6w
DenverD,
I found those but they are about setting up audit. We’ve already got it set up. I guess what I am looking for is a standard industry accepted (or recommended) list of system files/folders to monitor for PCI compliance.
Our machines are at version 10.2.
Payments Card Industry (i.e., the standard with which you have to comply to take card payment). It may be worth looking at something like Your PCI DSS or the Wikipedia page for a brief overview. One warning though: there has been a pretty significant change in the standard recently, so be very aware of which version is being described.
On 04/21/2011 05:06 PM, jgosney wrote:
>
> Our machines are at version 10.2.
then either you are running an openSUSE 10.2 which passed end of life on
November 30th 2008 (cite: http://en.opensuse.org/Lifetime) or you are
running SUSE Linux Enterprise version 10 SP2 which is still supported by
its producer, Novell…you are welcome to seek advice here, but BE
ADVISED that many of the answers might be from folks who have never run
SLE (or maybe never have even heard of it before) and you are likely
much better off if you seek assistance from the Novell forums, via:
http://forums.novell.com/
at any rate, this is the openSUSE forum of users helping users and i
can’t personally help with a recommended list of system files/folders to
monitor for PCI compliance…i’d guess a PCI forum would be a better
place to ask…(but, i don’t know what a PCI is)…maybe someone with
more knowledge on PCI happens along, you are welcome to hang out and wait.