Linux Audit
Linux security and system management blog
Linux Audit is one of the few blogs dedicated to Linux security. We aim for high-quality articles to explain security concepts and how they apply to Linux systems.
Interested in a particular subject or want to look around? The glossary might be a great start.
Did you know?
You can monitor ongoing and new connections linked to a process
lsof -a -i -r 1 -p 1234Also 💙 the command-line or terminal? Have a look at the command-line tips.
Latest articles
Set default file permissions on Linux with umask
Learn how to use umask to set the default file permissions in Linux. We look at examples, including how and where to implement them.
UMask setting
Harden services by configuring systemd units with a strict umask value using the unit setting UMask.
RestrictRealtime setting
Harden services by restricting systemd units to use realtime scheduling with the unit setting RestrictRealtime.
RestrictSUIDSGID setting
Harden services by restricting systemd units to set the set-user-ID (suid) or set-group-ID (sgid) bit on files with the unit setting RestrictSUIDSGID.
RestrictNamespaces setting
Harden services by restricting systemd units to only specified namespaces with the unit setting RestrictNamespaces.
Using a RSS feed reader? See links in footer to stay up-to-date!
Recent changes
- Systemd: Frequently Asked Questions » How to use systemctl edit to change a service?
- Hardening profiles for systemd » Nginx hardening profile
- Settings for systemd units » UMask setting
- Linux file permissions » Set default file permissions on Linux with umask
- Linux file permissions » Introduction in Linux file permissions
- Settings for systemd units » RestrictRealtime setting
- Settings for systemd units » RestrictSUIDSGID setting
- Settings for systemd units » RestrictNamespaces setting
- Settings for systemd units » CapabilityBoundingSet setting
- Linux Audit » How and why Linux daemons drop privileges
- Capabilities » Overview of Linux capabilities
- Linux Audit » Increase kernel integrity with disabled Linux kernel modules loading
- Linux Audit » Perform NetBSD security audit with pkg_admin
- Linux Audit » Security Integration: Configuration Management and Auditing
- Linux Audit » In-depth Linux Guide to Achieve PCI DSS Compliance and Certification
- Linux Audit » Livepatch: Linux kernel updates without rebooting
- Linux Audit » Determine which processes need a restart with checkrestart/needrestart
- Linux Audit » Do NOT use Linux hardening checklists for your servers
- Linux Audit » Linux Security Scanning for Dummies
- Linux Audit » Kernel hardening: Disable and blacklist Linux modules
- Linux Audit » How to Disable “System program problem detected”
- Linux Audit » Automatic Security Updates with DNF
- Linux Audit » What is the ‘toor’ user on FreeBSD?
- Linux Audit » Linux hardening with sysctl settings
- Linux Audit » Using encrypted documents with vim
Topics
Auditing
Inspect your systems with security tools and manually by knowing what to look for.
Latest article (of 59):
› How to secure a Linux system
Automation
Save time by learning how to automate manual and repeating tasks.
Latest article (of 12):
› Shell scripting
Compliance
Everything related to compliance, such as security auditing and system hardening.
Latest article (of 15):
› GDPR Compliance: Technical Requirements for Linux Systems
File systems
Everything about storing data on a file system
Latest article (of 25):
› Set default file permissions on Linux with umask
Hardening
Apply defenses to your Linux systems and make them less vulnerable.
Latest article (of 30):
› How to secure a Linux system
Linux
Everything related to Linux, from the basics of system administration to running services and securing them.
Latest article (of 37):
› How to block POST requests in nginx
Software
Configure, maintain, and monitor software applications
Latest article (of 33):
› How to show all installed packages with pacman
System administration
Learn generic Linux and security concepts with the articles in our system administrator category
Latest article (of 202):
› Set default file permissions on Linux with umask
Vulnerabilities
Know what vulnerabilities could be present on your systems and how to harden your Linux environment.
Latest article (of 12):
› Show vulnerable packages on Arch Linux with arch-audit
Web
Let’s build a better web together
Latest article (of 23):
› Hardening nginx with systemd security features