Linux Security Book

One day we will collect all that we have written and put it in a nice book. For now, let’s start categorizing the posts.

Basic Linux knowledge

The first step is knowing the basics of Linux. Too often this area is ignored, while it may actually have the biggest impact of all. Knowing the right tools in Linux can cut work in half.

Our first tip is to learn how to properly use the grep command. Within this referenced article, you find several ways to quickly weed out data you are not interested in. A great way to get to the gems in your dataset and very useful for automating repeating tasks.


Password security

One of the most breached entry points of a Linux system is via weak passwords. This could be a default password, or simply a password that is too easy to guess. Linux systems can be hardened by configuring a minimum password length and related password strength. The minimum password length increases the power needed to crack the related password.

Another protection mechanism is using pam_tally or pam_tally2 to counter brute-force attempts to guess the password of a user. Too many failed login attempts can trigger a temporary lock for that user.

Linux compliance and security standards

The increasing number of security standards can make our life more complicated. Especially if these standards are vague in nature and don’t really describe what they expect from you. So these standards need to be translated into technical steps and advice. One of these documents is achieving PCI DSS compliance and certification for Linux, for those who deal with credit card payments.

PCI DSS logo for Linux systems compliance

Another regulation that will need to be addressed by companies storing personal information on citizens from the European Union is the General Data Protection Regulation (GDPR). We addressed the steps to take to minimize the risk on breaches in our GDPR guide with technical requirements for Linux systems.

Hardening guides

Many of the system hardening principles apply to all Linux distributions. Each of these distributions still has their own way of being configured. Here is a Ubuntu system hardening guide.