{"id":389,"date":"2015-11-08T20:41:10","date_gmt":"2015-11-08T20:41:10","guid":{"rendered":"http:\/\/nethemba.com\/cs\/?page_id=389"},"modified":"2019-08-27T10:20:38","modified_gmt":"2019-08-27T09:20:38","slug":"lokalni-systemovy-audit","status":"publish","type":"page","link":"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/","title":{"rendered":"Local System Audit"},"content":{"rendered":"<p lang=\"cs-CZ\">The goal of a local security audit of operating systems is to review the local system security of the given OS, covering:<\/p>\n<ul>\n<li><strong><span lang=\"cs-CZ\">Checking for unused services and packages <\/span><\/strong><span lang=\"cs-CZ\">&#8211; unused services and packages increase the number of ways in which the system can be compromised<\/span><\/li>\n<li><strong><span lang=\"cs-CZ\">Analysis of unusual system behavior<\/span><\/strong><span lang=\"cs-CZ\"> &#8211; checking for &#8220;unusual&#8221; processes and network connections (&#8220;promiscuous flag&#8221;), backdoors, modified binary files, suspicious entries in log files, and detection of kernel rootkits.<\/span><\/li>\n<li><strong><span lang=\"cs-CZ\">Review of system suid\/sgid applications and their removal where appropriate &#8211; <\/span><\/strong><span lang=\"cs-CZ\">suid\/sgid applications owned by the superuser are security-critical &#8211; their abuse can lead to the compromise of the entire system<\/span><\/li>\n<li><strong><span 
lang=\"cs-CZ\">Verifying that the security patches applied to all packages and the kernel are up to date &#8211; <\/span><\/strong><span lang=\"cs-CZ\">an unmaintained set of packages and an old kernel may contain a large number of vulnerabilities that a potential attacker can exploit<\/span><\/li>\n<li><strong><span lang=\"cs-CZ\">Proposing suitable access control (permissions)<\/span><\/strong><span lang=\"cs-CZ\"> &#8211; the Unix DAC permission system (<\/span><a href=\"http:\/\/en.wikipedia.org\/wiki\/Discretionary_Access_Control\">Discretionary Access Control<\/a><span lang=\"cs-CZ\">) is insufficient in many cases. On Linux, BSD and also Solaris there are more robust access control approaches based on the <\/span><a href=\"http:\/\/en.wikipedia.org\/wiki\/Type_enforcement\">DTE<\/a><span lang=\"cs-CZ\"> and <\/span><a href=\"http:\/\/en.wikipedia.org\/wiki\/Role-Based_Access_Control\">RBAC<\/a><span lang=\"cs-CZ\"> models (e.g. <\/span><a href=\"http:\/\/www.nsa.gov\/research\/selinux\/\">SELinux<\/a><span lang=\"cs-CZ\">, <\/span><a href=\"http:\/\/www.trustedbsd.org\/sebsd.html\">SEBSD<\/a><span lang=\"cs-CZ\">, <\/span><a href=\"http:\/\/www.sun.com\/software\/solaris\/trustedsolaris\/index.xml\">Trusted Solaris<\/a><span lang=\"cs-CZ\">). We verify the access control approach in use and, where appropriate, propose a more secure one.<\/span><\/li>\n<li><strong><span lang=\"cs-CZ\">User review <\/span><\/strong><span lang=\"cs-CZ\">&#8211; review of existing users, their permissions, roles and settings (e.g. 
account validity), separation into dedicated groups, analysis of the password hashes in use and proposal of more secure ones, review of the options for remote superuser login, and of user cron jobs.<\/span><\/li>\n<li><strong><span lang=\"cs-CZ\">Review of the configuration of services in use &#8211; <\/span><\/strong><span lang=\"cs-CZ\">a misconfigured service can ultimately lead to the compromise of the entire system. We analyze whether all services that transmit sensitive data (such as login names, passwords, etc.) use secure encryption and authentication. We check whether all critical services run as unprivileged users and, where applicable, whether they can be run in an isolated environment, a so-called &#8220;chroot&#8221;. If a given service implementation is unsuitable from a security standpoint (for example, it has contained many security vulnerabilities in the past), we propose a more secure alternative<\/span><\/li>\n<li><strong><span lang=\"cs-CZ\">Secure storage review \u2013 <\/span><\/strong><span lang=\"cs-CZ\">we verify whether the application uses secure storage (an encrypted file system) and whether only permitted applications access the selected data. 
We likewise check whether the &#8220;boot manager&#8221; is password-protected and whether secure file permissions are set.<\/span><\/li>\n<li><strong><span lang=\"cs-CZ\">Host-based firewall review<\/span><\/strong><span lang=\"cs-CZ\"> \u2013 we verify whether a host-based firewall is enabled and correctly configured; it increases local security and, among other things, hinders the mass spread of worms<\/span><\/li>\n<\/ul>\n<p><strong><span lang=\"cs-CZ\">Features:<\/span><\/strong><\/p>\n<ul>\n<li>\n<p lang=\"cs-CZ\">all commonly used operating systems are supported<\/p>\n<\/li>\n<li>\n<p lang=\"cs-CZ\">testing follows the OSSTMM methodology, with emphasis on the phases &#8220;Vulnerability Research and Verification (OSSTMM Section C\/4)&#8221; and &#8220;Privacy Review (OSSTMM Section C\/5)&#8221;<\/p>\n<\/li>\n<li>\n<p lang=\"cs-CZ\">the result is a technical report with an executive summary, all vulnerabilities found and appropriate recommendations<\/p>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>The goal of a local security audit of operating systems is to review the local system security of the given OS, covering: Checking for unused services and packages &#8211; unused services and packages increase the number of ways in which the system can be compromised Analysis of unusual system behavior &#8211; checking for &#8220;unusual&#8221; 
processes and network connections (&#8220;promiscuous flag&#8221;), backdoors, modified binary files, suspicious entries [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":383,"menu_order":1,"comment_status":"closed","ping_status":"closed","template":"services_detail.php","meta":{"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"class_list":["post-389","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Local System Audit - Nethemba<\/title>\n<meta name=\"description\" content=\"Local audit testing follows the OSSTMM methodology, with emphasis on the phases &quot;Vulnerability Research and Verification (OSSTMM Section C\/4)&quot;\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/\" \/>\n<meta property=\"og:locale\" content=\"cs_CZ\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Local System Audit - Nethemba\" \/>\n<meta property=\"og:description\" content=\"Local audit testing follows the OSSTMM methodology, with emphasis on the phases &quot;Vulnerability Research and Verification (OSSTMM Section C\/4)&quot;\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/\" \/>\n<meta property=\"og:site_name\" 
content=\"Nethemba\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/nethemba\" \/>\n<meta property=\"article:modified_time\" content=\"2019-08-27T09:20:38+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@nethemba\" \/>\n<meta name=\"twitter:label1\" content=\"Odhadovan\u00e1 doba \u010dten\u00ed\" \/>\n\t<meta name=\"twitter:data1\" content=\"3 minuty\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nethemba.com\\\/cs\\\/sluzby\\\/sitova-a-systemova-bezpecnost\\\/lokalni-systemovy-audit\\\/\",\"url\":\"https:\\\/\\\/nethemba.com\\\/cs\\\/sluzby\\\/sitova-a-systemova-bezpecnost\\\/lokalni-systemovy-audit\\\/\",\"name\":\"Local System Audit - Nethemba\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nethemba.com\\\/de\\\/#website\"},\"datePublished\":\"2015-11-08T20:41:10+00:00\",\"dateModified\":\"2019-08-27T09:20:38+00:00\",\"description\":\"Local audit testing follows the OSSTMM methodology, with emphasis on the phases \\\"Vulnerability Research and Verification (OSSTMM Section 
C\\\/4)\\\"\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nethemba.com\\\/cs\\\/sluzby\\\/sitova-a-systemova-bezpecnost\\\/lokalni-systemovy-audit\\\/#breadcrumb\"},\"inLanguage\":\"cs\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nethemba.com\\\/cs\\\/sluzby\\\/sitova-a-systemova-bezpecnost\\\/lokalni-systemovy-audit\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nethemba.com\\\/cs\\\/sluzby\\\/sitova-a-systemova-bezpecnost\\\/lokalni-systemovy-audit\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nethemba.com\\\/cs\\\/home-new-2025\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Services\",\"item\":\"https:\\\/\\\/nethemba.com\\\/cs\\\/sluzby\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Network and System Security\",\"item\":\"https:\\\/\\\/nethemba.com\\\/cs\\\/sluzby\\\/sitova-a-systemova-bezpecnost\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Local System Audit\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nethemba.com\\\/de\\\/#website\",\"url\":\"https:\\\/\\\/nethemba.com\\\/de\\\/\",\"name\":\"Nethemba\",\"description\":\"We care about your security\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nethemba.com\\\/de\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"cs\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Local System Audit - Nethemba","description":"Local audit testing follows the OSSTMM methodology, with emphasis on the phases \"Vulnerability Research and Verification (OSSTMM Section C\/4)\"","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/","og_locale":"cs_CZ","og_type":"article","og_title":"Local System Audit - Nethemba","og_description":"Local audit testing follows the OSSTMM methodology, with emphasis on the phases \"Vulnerability Research and Verification (OSSTMM Section C\/4)\"","og_url":"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/","og_site_name":"Nethemba","article_publisher":"https:\/\/www.facebook.com\/nethemba","article_modified_time":"2019-08-27T09:20:38+00:00","twitter_card":"summary_large_image","twitter_site":"@nethemba","twitter_misc":{"Odhadovan\u00e1 doba \u010dten\u00ed":"3 minuty"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/","url":"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/","name":"Local System Audit - Nethemba","isPartOf":{"@id":"https:\/\/nethemba.com\/de\/#website"},"datePublished":"2015-11-08T20:41:10+00:00","dateModified":"2019-08-27T09:20:38+00:00","description":"Local audit testing follows the OSSTMM methodology, with emphasis on the phases \"Vulnerability Research and Verification (OSSTMM Section 
C\/4)\"","breadcrumb":{"@id":"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/#breadcrumb"},"inLanguage":"cs","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/lokalni-systemovy-audit\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nethemba.com\/cs\/home-new-2025\/"},{"@type":"ListItem","position":2,"name":"Services","item":"https:\/\/nethemba.com\/cs\/sluzby\/"},{"@type":"ListItem","position":3,"name":"Network and System Security","item":"https:\/\/nethemba.com\/cs\/sluzby\/sitova-a-systemova-bezpecnost\/"},{"@type":"ListItem","position":4,"name":"Local System Audit"}]},{"@type":"WebSite","@id":"https:\/\/nethemba.com\/de\/#website","url":"https:\/\/nethemba.com\/de\/","name":"Nethemba","description":"We care about your 
security","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nethemba.com\/de\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"cs"}]}},"_links":{"self":[{"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/pages\/389","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/comments?post=389"}],"version-history":[{"count":0,"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/pages\/389\/revisions"}],"up":[{"embeddable":true,"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/pages\/383"}],"wp:attachment":[{"href":"https:\/\/nethemba.com\/cs\/wp-json\/wp\/v2\/media?parent=389"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}