System Integrity

Linux Security Principle: Containment of Failure

Everyone who ever used Windows 95 or 98, is familiar with the concept of failure. Fortunately, Linux systems have a strong foundation and use containment of failure.

Summary of Linux Security Principle: Containment of Failure

Everyone who used Windows 95 or 98 in the past is familiar with the concept of failure. One crashing application was enough to bring the system to a halt. Fortunately, Linux systems have a strong foundation, including privilege separation and memory management. When things go wrong, the impact is reduced to a minimum. This is called containment. Linux Memory Management Memory is like your the storage capacity of your brain. Every bit should be stored properly, or otherwise you will do strange things.

Read the full article…

Linux System Integrity Explained: Ensure Data, Logging and Kernel Integrity

Linux system integrity can be achieved with security measures which focus on kernel integrity, file integrity and hardware integrity. With many software solutions available, we have a look at the options and some common tools to use.

Summary of Linux System Integrity Explained: Ensure Data, Logging and Kernel Integrity

From Data and Logging, up to Kernel Integrity Systems exist for one primary goal, which is processing data. Information security helps protecting this valuable data, by ensuring its availability, integrity, and confidentiality. In other words, data should be available when we need it. Then it should be properly transmitted and stored, without errors. Our last goal ensures that it is only available to those with a need to know. Many open source software components are available to help with these goals.

Read the full article…

Missing Packages: Don’t Trust External Repositories!

Should you external repositories or not? In this article we look at why trusting external repositories might be a bad thing.

Summary of Missing Packages: Don’t Trust External Repositories!

If you are in the business of system administration, you know the big dilemma when it comes to installing software: missing packages. Yes, a lot of packages are available in the repositories of your Linux distribution, but not the one you need. Or when it is, it is horribly outdated. So you reach out to external resources, like community maintained repositories, right? With Lynis, we face this same issue. While most of the distributions have Lynis in the repository, it is often outdated.

Read the full article…