<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=us-ascii" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 9.00.8112.16470"></HEAD>
<BODY>
<DIV><FONT size=2 face=Arial><SPAN class=919153211-11042013>Is there any code
out there to monitor that</SPAN></FONT></DIV>
<DIV><FONT size=2 face=Arial><SPAN class=919153211-11042013>(a) iptables is
running (not just set to everything allowed)</SPAN></FONT></DIV>
<DIV><FONT size=2 face=Arial><SPAN class=919153211-11042013>(b) SELinux is
enabled</SPAN></FONT></DIV>
<DIV><FONT size=2 face=Arial><SPAN
class=919153211-11042013></SPAN></FONT> </DIV>
<DIV><FONT size=2 face=Arial><SPAN class=919153211-11042013>I've looked on
Xymonton, the Xymon archives and Google but not found anything. Obviously,
checking that these are running is anywhere between nice and critical if one
either has a server exposed to the Internet or need to pass regulatory security
checks.</SPAN></FONT></DIV>
<DIV><FONT size=2 face=Arial><SPAN
class=919153211-11042013></SPAN></FONT> </DIV>
<DIV><FONT size=2 face=Arial><SPAN class=919153211-11042013>The way I would
ideally have liked these to work (but beggers can't be choosers!) is that
the iptables check would work a bit like the port checks in analysis.cfg so
one can check if particular rules are enabled (and the default policy on
chains), and SELinux would also be monitored and configured in analysis.cfg with
options to go yellow or red depending on the state of the enabled/disabled,
permissive/enforcing and targeted/strict toggles.</SPAN></FONT></DIV>
<DIV><FONT size=2 face=Arial><SPAN
class=919153211-11042013></SPAN></FONT> </DIV>
<DIV><FONT size=2 face=Arial><SPAN class=919153211-11042013>This then allows for
sending alerts to managers if someone disables security measures on
a server.</SPAN></FONT></DIV><!-- Converted from text/rtf format -->
<P align=left><SPAN lang=en-gb><FONT size=2 face=Arial>Kind
regards,</FONT></SPAN> </P>
<P><SPAN lang=en-gb><FONT size=2 face=Arial><SPAN
class=919153211-11042013>SebA</SPAN></FONT></SPAN></P></BODY></HTML>