1

I'm working in an environment where multiple groups share servers. I was wondering what tools are used to check if configurations files were modified, maybe able to say who modified them, and revert them to original? And tools for deploying configuration files across multiple servers to make sure everything is in sync.

I realize that process can be developed and I can lock down access but I am looking for a validity check tool for now. Regarding deployments/sync of configurations, is the answer to just have a revision control system like git/svn with puppet, ansible, or chef running at an interval?

Thank you.

Igor
  • 71
  • 1
  • 1
  • 4
  • 1
    Typically a configuration management tool is useful, but it is it not designed for assurance and integrity checking from strict security auditing perspective. . Check for instance chapter 15 of the [SANS Linux security checklist](https://www.sans.org/media/score/checklists/linuxchecklist.pdf) for their recommendations. – HBruijn Mar 09 '16 at 05:36
  • Additionally *Requests for product, service, or learning material recommendations* are considered [**off-topic**](http://serverfault.com/help/on-topic) on serverfault.com because they attract [low quality, opinionated and spam answers](http://meta.serverfault.com/a/6140) and [the answers become obsolete quickly](http://meta.serverfault.com/a/6488). Potentially your question can be reworded or is suitable for the [Software Recommendations](http://softwarerecs.stackexchange.com/help/on-topic) Stack Exchange community – HBruijn Mar 09 '16 at 08:45

0 Answers0