Linux Audit
Linux security and system management blog
Linux Audit is one of the few blogs dedicated to Linux security. We aim for high-quality articles to explain security concepts and how they apply to Linux systems.
Interested in a particular subject or want to look around? The glossary might be a great start.
Stay up-to-date and the RSS/Atom feed to your RSS reader (e.g. Thunderbird)!
Did you know?
You can quickly go to your home directory
cdAlso 💙 the command-line or terminal? Have a look at the command-line tips.
Latest articles
Apache hardening profile
Harden the Apache web server configuration with the help of this predefined profile that implements systemd sandboxing capabilities and restricting resources.
pscap command
The Linux command pscap shows an overview of running processes and what capabilities they have, or if they have the full set (unrestricted).
netcap command
The Linux command netcap shows an overview of running processes and what capabilities they have. This applies to those that are using active network sockets.
filecap command
The Linux command filecap shows what capabilities binaries have, such as from your PATH variable, or scanning a particular file system.
captest command
The Linux command captest helps with testing capabilities and in particular to see if privilege escalation is possible.
Frequently Asked Questions
When it comes to Linux, there is so much to ask, like:
- How to see logging for a specific unit or service
- What is SSH?
- How to start and enable a unit with systemctl
Multiple sections within this site cover the frequently asked questions for Linux and Linux security.
- Data processing
- Linux file systems
- Hardware
- Kernel
- Networking
- Package manager
- Processes
- SSH
- System administration
- Systemd
Recent changes
- Linux Audit » Website information
- Website information » Latest changes
- System hardening » Linux hardening with sysctl settings
- Software » Understand and configure core dumps on Linux
- Kernel » Overview of Linux syscalls
- Linux capabilities » Overview of Linux capabilities
- Linux Audit » Contact details
- Kernel » Linux capabilities
- Commands » captest command
- Commands » netcap command
- Commands » pscap command
- Commands » filecap command
- Linux capabilities » Linux capabilities 101
- Settings for systemd units » LockPersonality setting
- Settings for systemd units » RestrictNamespaces setting
- systemd settings » Settings for systemd units
- Settings for systemd units » ProtectHome setting
- Settings for systemd units » ProcSubset setting
- Settings for systemd units » SystemCallFilter setting
- Settings for systemd units » DevicePolicy setting
- Settings for systemd units » ProtectClock setting
- Settings for systemd units » ProtectSystem setting
- Settings for systemd units » NoExecPaths setting
- Settings for systemd units » ExecPaths setting
- Settings for systemd units » SystemCallArchitectures setting
Topics
Auditing
Inspect your systems with security tools and manually by knowing what to look for.
Most recent changed article (of 60):
› Linux Audit Framework
Automation
Save time by learning how to automate manual and repeating tasks.
Most recent changed article (of 12):
› Shell scripting
Compliance
Everything related to compliance, such as security auditing and system hardening.
Most recent changed article (of 15):
› In-depth Linux Guide to Achieve PCI DSS Compliance and Certification
File systems
Everything about storing data on a file system
Most recent changed article (of 25):
› Linux file permissions
Hardening
Apply defenses to your Linux systems and make them less vulnerable.
Most recent changed article (of 30):
› Linux capabilities 101
Kernel
Kernel parameters, system calls, and everything related to the core of every Linux system.
Most recent changed article (of 17):
› Linux hardening with sysctl settings
Linux
Everything related to Linux, from the basics of system administration to running services and securing them.
Most recent changed article (of 39):
› Linux capabilities 101
Lynis
Tips and insights in using this security tool.
Most recent changed article (of 26):
› How to update Lynis
Network
Network tuning and finding out why things are slow. Hint: it’s DNS.
Most recent changed article (of 25):
› How to see active connections and bandwidth usage on Linux
Software
Configure, maintain, and monitor software applications
Most recent changed article (of 38):
› Understand and configure core dumps on Linux
SSH
Hardening the SSH server and making smart use of SSH client options.
Most recent changed article (of 18):
› SSH
System administration
Learn generic Linux and security concepts with the articles in our system administrator category
Most recent changed article (of 224):
› captest command
Vulnerabilities
Know what vulnerabilities could be present on your systems and how to harden your Linux environment.
Most recent changed article (of 12):
› Understanding Linux privilege escalation and defending against it