Most important steps for Linux server hardening

Linux Hardening Most systems have confidential data that needs to be protected. A safe system starts with a solid infrastructure. That includes physical security measures to prevent unauthorized people from access the system in the first place. From there on, security starts at the moment of system installation. This guide touches that area and goes into the actions after the system is installed. Hardening steps for Linux systems System hardening is the process of doing the right things to enhance […]

Read more

Linux server security: Three steps to secure each system

Linux server security: Three steps to secure each system Determining the level of Linux server security can only by measuring the actual implemented security safeguards. This process is called auditing and focuses on comparing common security measures with the ones implemented. While there is almost no system with all possible safeguards implemented, we still can determine how well (or badly) the system is protected. Security is about finding the weakest link(s) and associate risk with each weakness. Depending on the […]

Read more

Linux kernel security and how to improve it

Linux kernel security Every system is as strong as its weakest link. In the case of an operating system a weakness in the kernel often means a total compromise. Therefore we focus in this article on Linux kernel security, what we can do and where to look for. Configuration of the kernel To view or configure security related parameters of the kernel, there is the /etc/sysctl.conf file. This file stores the parameters and is read during boot time. However we […]

Read more

FreeBSD hardening with Lynis

FreeBSD hardening with Lynis Lynis development has its roots on a FreeBSD system, therefore FreeBSD hardening is also easy and supported when using Lynis. People who want to audit and harden their FreeBSD system will discover Lynis to be a powerful tool for this purpose. In this article we will focus on how to audit your system with Lynis. Lynis Lynis is an open source audit tool. It only requires root access and a normal shell and the tool is […]

Read more

How to use Lynis

How to use Lynis This article explains in a few quick steps how to start with using Lynis. A more extensive explanation can be found in the documentation of Lynis. Download Lynis: wget http://cisofy.com/files/lynis-version.tar.gz Unpack tarball: tar xfvz lynis-version.tar.gz This will unpack the tarball with a Lynis directory. Go into this directory: cd lynis-version When running Lynis for the very first time, just just the -c parameter. It will start the audit process and pauses after every batch of tests. […]

Read more

How to secure Linux systems – Auditing, Hardening and Security

How to secure Linux systems Within this article we have a look on how to secure a Linux system. Focus of the article is providing tips regarding auditing, hardening and general security of Linux servers. Hardening Focus on minimizing By minimizing the footprint of the server, its data and users, we can more quickly determine if a system is running properly. Also risks will be reduced, as every part on a system might be something which can be sooner or […]

Read more

Lynis Hardening Index

Lynis Hardening Index At the end of each Lynis scan the report will be displayed. This report will include the findings (warnings and suggestions) and general information like the amount of security tests performed. Additionally the location of the log file and report data will be displayed. Between all this information there is a “Lynis hardening index” displayed. This index isĀ  unique to Lynis. The index gives the auditor an impression on how well a system is hardened. This number […]

Read more
1234