Linux Audit

Linux security and system management blog

Linux Audit is one of the few blogs dedicated to Linux security. We aim for high-quality articles to explain security concepts and how they apply to Linux systems.

Interested in a particular subject or want to look around? The glossary might be a great start.

Stay up-to-date and add the RSS/Atom feed to your RSS reader (e.g. Thunderbird)!

Did you know?

You can quickly go to your home directory

cd

Also 💙 the command-line or terminal? Have a look at the command-line tips.

Latest articles

Apache hardening profile

Harden the Apache web server configuration with the help of this predefined profile that implements systemd sandboxing capabilities and restricts resources.

pscap command

The Linux command pscap shows an overview of running processes and what capabilities they have, or if they have the full set (unrestricted).

netcap command

The Linux command netcap shows an overview of running processes and what capabilities they have. This applies to those that are using active network sockets.

filecap command

The Linux command filecap shows what capabilities binaries have, such as from your PATH variable, or scanning a particular file system.

captest command

The Linux command captest helps with testing capabilities and in particular to see if privilege escalation is possible.

Frequently Asked Questions

When it comes to Linux, there is so much to ask, like:

Multiple sections within this site cover the frequently asked questions for Linux and Linux security.

Topics

Auditing

Inspect your systems with security tools and manually by knowing what to look for.

Most recently changed article (of 60):
Linux Audit Framework

Auditing »

Automation

Save time by learning how to automate manual and repetitive tasks.

Most recently changed article (of 12):
Shell scripting

Automation »

Compliance

Everything related to compliance, such as security auditing and system hardening.

Most recently changed article (of 15):
In-depth Linux Guide to Achieve PCI DSS Compliance and Certification

Compliance »

File systems

Everything about storing data on a file system.

Most recently changed article (of 25):
Linux file permissions

File systems »

Hardening

Apply defenses to your Linux systems and make them less vulnerable.

Most recently changed article (of 30):
Linux capabilities 101

Hardening »

Kernel

Kernel parameters, system calls, and everything related to the core of every Linux system.

Most recently changed article (of 17):
Linux hardening with sysctl settings

Kernel »

Linux

Everything related to Linux, from the basics of system administration to running services and securing them.

Most recently changed article (of 39):
Linux capabilities 101

Linux »

Lynis

Tips and insights on using this security tool.

Most recently changed article (of 26):
How to update Lynis

Lynis »

Network

Network tuning and finding out why things are slow. Hint: it’s DNS.

Most recently changed article (of 25):
How to see active connections and bandwidth usage on Linux

Network »

Software

Configure, maintain, and monitor software applications.

Most recently changed article (of 38):
Understand and configure core dumps on Linux

Software »

SSH

Hardening the SSH server and making smart use of SSH client options.

Most recently changed article (of 18):
SSH

SSH »

System administration

Learn generic Linux and security concepts with the articles in our system administrator category.

Most recently changed article (of 224):
captest command

System administration »

Vulnerabilities

Know what vulnerabilities could be present on your systems and how to harden your Linux environment.

Most recently changed article (of 12):
Understanding Linux privilege escalation and defending against it

Vulnerabilities »

Web

Let’s build a better web together

Most recently changed article (of 23):
Web

Web »