Implementation Guide › Installing CA User Activity Reporting Module › Initial CA User Activity Reporting Module Server Configurations › OS Hardening
OS Hardening
The CA User Activity Reporting Module soft appliance contains a streamlined and hardened copy of the Red Hat Linux operating system. The following hardening techniques apply:
- Access to SSH as the root user is disabled.
- Use of the Ctrl-Alt-Del key sequence to reboot the server from the console without logging in is disabled.
- Redirections are applied in iptables for the following ports:
- TCP Port 80 and 443 are redirected to 5250
- UDP port 514 is redirected to 40514
- The GRUB package is password-protected.
- Installation adds the following low-privilege users:
- caelmadmin - an operating system account with login rights to the CA User Activity Reporting Module server console
- caelmservice - service account under which the iGateway and Agent processes run; you cannot login directly using this account
Copyright © 2013 CA.
All rights reserved.
|
|