Understanding what runs on your Linux system (and why)

Linux processes and daemons Each Linux system has a bunch of processes running. Most of these processes might be familiar to you if you regularly use a command like ps or top to display them. Processes may look like just an item in a list. They are actually complicated pieces of code that are tamed by a memory manager. To truly understand how your system is running, knowledge of process (or memory) management is of great help. So let’s make […]

Read more

Vulnerable packages on FreeBSD: pkg audit

Auditing FreeBSD with pkg audit FreeBSD is definitely another beast than Linux. In some areas, FreeBSD is really a powerful operating system. Package management is maybe not the first one you may think of. Typically FreeBSD users have two options when it comes to installing packages. Ports collection The ports tree allows the administration to build software they need, with the compilation flags he or she prefers. This makes the software optimized and typically the last versions are available. The downside […]

Read more

Troubleshooting guide for Lynis

Troubleshooting Lynis This document helps with solving most common issues experienced when running Lynis. Errors No hostid and/or hostid2 found Some systems do not have the OpenSSH server package installed. In this case, the hostid2 value may be missing. During the upload it may result in an error. Error: No hostid and/or hostid2 found. Can not upload report file. To see what Lynis discovered, use the show command. lynis show hostids If the hostid2 is missing, we can tell Lynis […]

Read more

Configure the time zone (TZ) on Linux systems

Linux Time Zone Configuration Having the right time set on a Linux system is important for the synchronization of data, forensics, and troubleshooting. Having the right time zone is the next step. We will have a look on how to check and configure the time zone on Linux systems. See current time zone Most new Linux distributions use systemd now. By using the timedatectl command we can quickly see the existing time information, including the time zone. timedatectl For Linux, there […]

Read more

Locking users after X failed login attempts with pam_tally2

Using pam_tally2 on Linux Most Linux distributions use pluggable authentication modules (PAM). This modular type of configuration allows system administrators to configure and fine-tune the authentication of users. It also defines the behavior on specific events, like providing an invalid user account or password. PAM can use these events to automatically take an action, like locking an account. Introduction to PAM The configuration of PAM is not that hard, but there are risks involved in the process of making changes. […]

Read more

GDPR Compliance: Technical Requirements for Linux Systems

GDPR for Linux systems What is GDPR? The General Data Protection Regulation is a regulation to protect data stored about individuals from the European Union. When speaking about stored data, it includes the handling of data at any given time, from entry to data deletion. One of the important parts is that individuals have the right to request the data stored about them and the right to get that data erased. You may know this from the “right to be forgotten” […]

Read more

Configure the minimum password length on Linux systems

Linux and password strength One of the options to improve password security is by setting a minimum length. This prevents users from choosing easy passwords. As part of Linux system hardening, you don’t want your passwords to be cracked too quickly by modern password crackers. Configuration Login settings The first area where you can set a password length is in /etc/login.defs. The related setting is PASS_MINLEN and already tells us it is about the minimum length of a password. Modern Linux […]

Read more

The State of Linux Security

Linux Security (2016) Introduction In the last 10 years, GNU/Linux achieved something some foreseen as almost impossible: powering both the smallest and biggest devices in the world, and everything in between. Only the desktop is not a conquered terrain yet. The year 2016 had an impact on the world. Both from a real life perspective, as digitally. Some people found their personal details leaked on the internet, others found their software being backdoored. Let’s have a look back on what […]

Read more
12328