Author Topic: MSL service account  (Read 1822 times)

Offline fcutler

  • Jr. Member
  • **
  • Posts: 66
  • Country: us
  • Karma: +0/-0
    • View Profile
MSL service account
« on: December 17, 2015, 06:10:28 PM »
If a user is created by root in MSL (Border Gateway, NuPoint ver. 10.0.43) and added to the wheel group will this provide appropriate access as a service account for a security/vulnerability scanner? In this case Nexpose. On that note does anyone know what branch of Linux MSL is built off of?


Offline Navarre

  • Jr. Member
  • **
  • Posts: 75
  • Karma: +0/-1
    • View Profile
Re: MSL service account
« Reply #1 on: December 17, 2015, 08:10:07 PM »
What are the requirements of such a scanner? I can't possibly answer without knowing that.

MSL is built on CentOS.

Offline fcutler

  • Jr. Member
  • **
  • Posts: 66
  • Country: us
  • Karma: +0/-0
    • View Profile
Re: MSL service account
« Reply #2 on: December 18, 2015, 03:08:33 PM »
Navarre, the scanner requires access to the whole filesystem. This is what I'm told by the security team involved. Thanks for the info on what MSL is built on, good to know.

Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4100
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
Re: MSL service account
« Reply #3 on: December 18, 2015, 03:34:46 PM »
What kind of scanner is this that it "requires access to the whole filesystem" ??? In most cases, the most that is needed by security teams is to check for vulnerabilities on the public or sometimes internal IP address, or for viruses, the later being (almost) impossible in a Linux based system, especially one that is a closed system with no external file repository other than Mitel.

Not trying to argue with you, but I have worked with government offices, security and fraud companies, international organizations, and no one has said they need access to the entire file system of a Mitel server before... I am curious more than anything.

Offline fcutler

  • Jr. Member
  • **
  • Posts: 66
  • Country: us
  • Karma: +0/-0
    • View Profile
Re: MSL service account
« Reply #4 on: December 18, 2015, 04:02:20 PM »
Centene Corp. recently bought our company and they are unfamiliar with Mitel systems. The statement came from a security engineer because they are scanning for everything. Even though it's Mitel Linux they want a thorough vulnerability report on the system. I know it's overboard however it's their protocol. Also I am not really an expert myself with Mitel systems so I am not able to fully or eloquently inform or persuade them of the system's security.

Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4100
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
Re: MSL service account
« Reply #5 on: December 18, 2015, 04:42:57 PM »
Fair enough... I would just make a backup of the database and keep a system install DVD or USB drive on hand, never know what they could/might do. It will probably be fine to give them the root login and password, can always change it later.


 

Sitemap 1 2 3 4 5 6 7 8 9 10