• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 271
  • Last Modified:

Security on Linux Mainframes?

Do I need an Antivirus for Linux running on the Mainframe systems? Do the Mainframes connect to the Internet or to the outside world when working with crucial data? If they are, then whats the best way to secure them?

I would appreciate your response to this.

Thanks
0
jslayton01
Asked:
jslayton01
  • 2
1 Solution
 
chris_calabreseCommented:
The Center for Internet Security Linux Benchmarks are the best place to start as far as locking down the configuration.

As for antivirus, this is usually to protect any PC's that use the system as a fileserver or mailserver rather than the Linux system itself. If you're not using it for this, you don't need antivirus.
0
 
David PiniellaCommented:
>Do I need an Antivirus for Linux running on the Mainframe systems?

generally speaking, no. You would need to secure the system(s), but viruses are not as big a concern as a malicious user/hacker/attacker. Consider running a hardening routine (as recommended above) or a tool that will do this for you (JASS under Solaris, Bastille under Linux, etc.)

>Do the Mainframes connect to the Internet or to the outside world when working with crucial data?

The only one that can really answer this is either the users or administrators of the systems. It's perfectly possible to have a completely stand-alone system or maybe your data needs to deal with an outside server when being processed.

>If they are, then whats the best way to secure them?

See first question, Bastille can be found at http://www.bastille-linux.org/
0
 
jslayton01Author Commented:
When accessing sensitive data like accounting data or banking data, are the Mainframes usually on the Internet or their just internally connected just to get the data from the Mainframe Server to the Windows consoles?

Please explain..

** And within this forum, I had a hard time finding and appropriate area to talk about Mainframes or Mainframe Secuirty, is there like a place where I can post this kind of questions here? Or, on a different forum?
0
 
David PiniellaCommented:
from a security view, the most ideal situation would be to place them on an intranet -- no outside access, only local access to what they need. Most businesses only place what needs to be accessed publicly directly on the internet (web servers, ftp servers, etc.)

If you have a hardware question about mainframes (what _kind_ of mainframes?) then the hardware section is probably a better place for you. If your question is about the operating system of that mainframe (including security), the OS section is better for you. What OS is your mainframe running? What is the make/model of the mainframe?
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now