Friday, July 23, 2010
tripwire configuration and operation
Think of this as a quick setup guide to tripwire on CentOS (or RHEL). My platform, as usual, is CentOS 5.5. The version of tripwire installed is open source 2.4.1.1-1.el5 available from EPEL.
My main sources of information were the tripwire man pages and a blog post entitled Install Tripwire on Fedora 11 (the EPEL package is a port of the Fedora package for RHEL). The especially useful twpol.txt filtering script came from the blog post.
[Read More…]
Monday, July 19, 2010
CIS Apache Web Server Scoring Tool
The Apache Benchmark Tool assesses target systems for conformance with the CIS Benchmark for Apache Web Servers.
Here’s the link to the code:
CIS Apache Web Server Scoring Tool for the 2.1.0 Benchmark v1.0.0
This is free but unsupported software from the nonprofit Center for Internet Security.
[Read More…]
Tuesday, July 13, 2010
Server Side Includes on RHEL 5 Apache 2.2
The Apache Group’s own Apache Tutorial: Introduction to Server Side Includes is the best starting point for this. There’s a brief mention in the RHEL 4 Reference Guide, but it’s barely worth skimming, except for its pointing out that the “Options +Includes” or “Options +IncludesNoExec” directive needs to be enclosed in a <Directory> container (or an .htaccess file) to be effective. That last is something assumed by the Apache doc (we all know that Options directives have to be within a <Directory> container, don’t we?), but not spelled out.
[Read More…]
Friday, May 21, 2010
Just follow the yellow brick road
Was up on OTN the other day and clicked through the following:
[Read More…]
Friday, May 14, 2010
Oracle (Sun) DSEE 7
Oracle’s (Sun’s, actually) Directory Server Enterprise Edition (DSEE) 7.0 has a lot going for it. [Read More…]