Security, et al

Randy's Blog on Infosec and Other Stuff

«  Mobile and Remote Endpoin... | Randy's Review of a F... »

How to sudo it right for security, manageability, compliance and accountability

Mon, 02 Feb 2015 16:18:03 GMT

UNIX and Linux with sudo is a fact of life. It’s one of the first things auditors look for and it’s the native option for you to protect root from being abused. It’s also the standard way to implement least privilege and enforce accountability over privileged admins.

But sudo – like most components of Linux/UNIX – is very configurable and it’s easy to (pardon the pun) “sudo it wrong”. In this webinar I will provide a quick intro on sudo - explaining what sudo does in terms of eliminating the need to logon as all-powerful root and providing accountability and least privilege. I will also show you a number of common sudo pitfalls and the risks with sudo if not configured and used correctly.

I’ll explain to you how to sudo it right by doing things like:

  • Using include files to eliminate duplicate sudo policies between systems
  • Managing sudo consistently across multiple systems
  • Avoiding ALL
  • Using groups instead of user names
  • Specifying secure path
  • Logging
  • Configuring timeouts

Finally, Paul Harper, product manager from BeyondTrust, will review commercial options for augmenting sudo and attaining least privilege on UNIX and Linux.

This will be a very technical and useful webinar to help you improve the security, manageability, compliance and accountability of your *nix environment.

Click here register now!

email this digg reddit dzone
comments (0)references (0)

Related:
Auditing Privileged Operations and Mailbox Access in Office 365 Exchange Online
5 Indicators of Endpoint Evil
Severing the Horizontal Kill Chain: The Role of Micro-Segmentation in Your Virtualization Infrastructure
Live with Dell at RSA 2015

Comments disabled

powered by Bloget™

Search


Categories
Recent Blogs
Archive


 

Additional Resources