Sarbanes-Oxley IT Compliance Using COBIT and Open Source Tools

System and Application Security

The SOX auditors will take a comprehensive look at your corporate security footprint. They will look for prevention and detection controls at every point of your infrastructure, including network ingress and egress points, administrator roles, applications, and data security. The following section looks at the various open source tools that address these needs.

Network Security

A firewall is typically the first line of defense for a network. Netfilter and iptables are the building blocks in the Linux 2.4 and 2.6 kernels that provide a framework for stateless or stateful packet filtering and for network address and port translation. Because iptables can be challenging to configure, there are many high-quality open source front ends to assist in the definition and maintenance of the rule sets. Each of these firewalls has a different focus:

  • Shorewall ( http://shorewall.net ) A general-purpose, fully featured firewall that uses configuration files to set up and maintain the netfilter/iptables kernel module.

  • Smoothwall ( http://smoothwall.org ) A complete firewall distribution that includes a hardened subset of the Linux operating system so that there is no separate operating system to install. It is designed for ease of use and is configured via a Web-based graphical user interface (GUI).

  • FireStarter ( http://www.fs-security.com ) A visual firewall program that aims to combine ease of use with powerful features, such as a wizard interface, and is suitable for both desktop users and system administrators.

  • m0n0wall (
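To make the stateless versus stateful distinction above concrete, here is an added example (not code from the book or from any of the listed projects) that audits an `iptables-save` dump for default-deny policies and connection-tracking rules. Both rule sets and the `audit` function are constructed for illustration, and only the `--sport`, `--state` and `--ctstate` spellings are recognised.

```python
import shlex

# Constructed iptables-save dumps (sample data for this example only).
STATELESS = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 80 -j ACCEPT
COMMIT
"""
STATEFUL = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
"""

def audit(dump):
    """Return sorted findings for the filter table of an iptables-save dump."""
    findings, table, tracked = set(), None, False
    for line in dump.splitlines():
        line = line.strip()
        if line.startswith("*"):          # table header, e.g. *filter or *nat
            table = line[1:]
        elif table != "filter" or not line or line.startswith("#"):
            continue
        elif line.startswith(":"):        # chain declaration with default policy
            chain, policy = line[1:].split()[:2]
            if chain in ("INPUT", "FORWARD") and policy != "DROP":
                findings.add(f"{chain}: default policy is {policy}, not DROP")
        elif line.startswith("-A "):      # appended rule
            args = shlex.split(line)
            stateful = "--ctstate" in args or "--state" in args
            tracked |= stateful
            target = args[args.index("-j") + 1] if "-j" in args else None
            if args[1] == "INPUT" and target == "ACCEPT" and "--sport" in args and not stateful:
                findings.add("INPUT: accepts by source port without state: " + line)
    if not tracked:
        findings.add("no connection-tracking match: filtering is stateless")
    return sorted(findings)

if __name__ == "__main__":
    for name, dump in (("stateless", STATELESS), ("stateful", STATEFUL)):
        print(name, audit(dump) or "no findings")
```

The stateless set admits reply traffic by matching source port 80, which any inbound packet can claim; the stateful set replaces that rule with a `RELATED,ESTABLISHED` match, so only packets belonging to tracked connections are accepted.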
