Evaluating Workstation Security

When evaluating the security of a Community Enterprise Linux workstation, consider the following:

• BIOS and Boot Loader Security - Can an unauthorized user physically access the machine and boot into single user or rescue mode without a password?

• Password Security - How secure are the user account passwords on the machine?
• Administrative Controls - Who has an account on the system and how much administrative control do they have?
• Available Network Services - What services are listening for requests from the network and should they be running at all?
• Personal Firewalls - What type of firewall, if any, is necessary?
• Security Enhanced Communication Tools - Which tools should be used to communicate between workstations and which should be avoided?