Linux Audit Framework: using aureport

Linux Audit Framework: using aureport The Linux audit framework logs events, as specified by the configured watches. To extract particular events we can use the ausearch or aureport tools. The latter is the one we will focus on in this article, to get the most out of the tool. Aureport The aureport utility can be executed without any parameters. It will then extract all audit events available from the log. Since the audit log can be very big, it might […]

Read more

Linux kernel security and how to improve it

Every system is as strong as its weakest link. In the case of an operating system like Linux, one weakness in the kernel could result in a security breach. This article covers the Linux kernel features and how they work. Kernel features Live kernel patching As the kernel is similar to other software, it receives updates to improve it. Now and then a security weakness is discovered in one of the subsystems of the Linux kernel. This means that Linux […]

Read more

Conducting a Linux Server Security Audit

Conducting a Linux Server Security Audit Auditing a system can be a time-consuming job, which is no different when conducting a Linux server security audit. Within this article, we give some highlights regarding the audit and tips to automate them by using Lynis. The business goal Before auditing any system, determine the business goal of the system. How critical is this system for doing business? What if the system goes down? Usually each system has a clear role or multiple […]

Read more

Open source vulnerability scanner for Linux systems – Lynis

Open source vulnerability scanner for Linux There are several open source vulnerability scanners for Linux, like OpenVAS. While tools like these are powerful as well, we will have a look at Lynis, our auditing tool to detect vulnerabilities of Linux and Unix systems. Why is it different than others and how can it help you in securing your systems? Vulnerabilities Every piece of software will have sooner or later a vulnerability, a minor or major weakness which can be abused […]

Read more

CAATTs for Linux: Lynis

CAATTs for Linux Within the field of the audit profession the usage of CAAT (Computer-assisted audit techniques) or CAATTs (computer-assisted audit tools and techniques) is growing. Lynis is filling this gap for Linux and Unix based systems. It’s a well-known and stable tool in this area and improves the audit process by automation. Only a few items could then be checked manually. This saves time, makes the audit more predictable and increases the quality of the overall audit. Lynis Based […]

Read more

Antivirus for Linux: is it really needed?

The question regarding the need for antivirus for Linux is after years still relevant. It is asked at forums and shows up regularly at Quora. As the original author of rkhunter, a malware scanner for Linux and Unix systems, I analyzed many malicious software components. You might be wondering that if there is malware, there is also a need for a scanner, right? It is actually not that easy to answer. It depends… So is antivirus on Linux really needed […]

Read more
123