cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

What host hardening does Dynatrace Managed Server install perform?

krokkas
Helper

What additional hardening is performed by the SELinux component of the Dynatrace Managed Server install. Can you provide a list that can be sent to our Security team, as it may be that default hardening as part of the install meets security requirements.

5 REPLIES 5

Radoslaw_Szulgo
Dynatrace Guru
Dynatrace Guru

The following system files and directories can be modified during installation of Dynatrace Managed:


/etc/hosts
/etc/sysctl.conf
/etc/pam.d/su
/etc/rc.local
/etc/security/limits.conf
/etc/security/limits.d/90-nproc.conf
/etc/sudoers
/etc/sudoers.d/
/etc/init.d/
/etc/init.d/rc*.d/
/etc/systemd/system/

Additionally, we need to configure firewall settings as stated here:

https://help.dynatrace.com/dynatrace-managed/dynat...

You may also have a look here:

/opt/dtrun/dtrun.conf 

to see what scripts are executed that may modify a system.

Hope that helps! If you have more questions, feel free to ask.

Senior Technical Product Manager,
Dynatrace Managed expert

monika_zyra
Inactive

There is no separated component like SELinux of Dynatrace Managed Server install. The general requirements that must be met before installation are listed here:

https://help.dynatrace.com/dynatrace-managed/dynatrace-server/how-do-i-install-dynatrace-server/

krokkas
Helper

@Radoslaw S. @Monika A. Apologies, this was meant to be instance hardening performed by the OneAgent install. I can open a new forum question if appropriate.

monika_zyra
Inactive

OneAgent installation is described here:

https://help.dynatrace.com/get-started/installation/how-do-i-install-dynatrace-oneagent/

krokkas
Helper

@Monika A. Thank you, will investigate further and get back to you.