Linux Security Scanning for Dummies

Linux Security Scanning for Dummies

Every system needs some level of protection. Still, many people simply forget to do it, or can not find the time to properly do it. To be as efficient and effective as possible, let’s take at a structured way for security scanning your Linux machines.

The 5 dummy steps are:

1. Focus on risk

Like not every company is a bank, our systems are not all part of a top secret mission. We have to look at the risks involved. By focusing on the threats to the system, and the possible vulnerabilities, we can eliminate a lot of work.

2. Go for the quick wins first

We all want to make progress. While it might sound great to have the latest IDS technology implemented, it might also cost a lot of time and money. So instead, get some quick wins implemented first, then go for the bigger impact changes.

3. Monitor your changes

After implementing changes and go to the next one, it is easy to have your improvements being undone by other colleagues, or yourself.. To counter these newly weaknesses in your defenses, measure your security levels and implement monitoring. If something changes which was unintended, get an alert out.

4. Have others test your systems

Sure, you are smart and you know it all. But might there a possibility you overlooked something? Sure.. Get a friendly colleague or your Linux buddy and have them look at your security efforts. You might pickup some new things on the way!

5. Document

The hardest thing in security is knowing what you have done, why and when. Properly documenting it, will save you a lot of time afterwards. Use a great spreadsheet, your change management tool, or even configuration files. Whatever you pick, document it! Add the change, the date, the reasoning and the author of the change. Your colleagues will be thankful for you in the future.

One more thing...

Keep learning

So you are interested in Linux security? Join the Linux Security Expert training program, a practical and lab-based training ground. For those who want to become (or stay) a Linux security expert.

See training package

Lynis Enterprise screenshot to help with system hardeningSecurity scanning with Lynis and Lynis Enterprise

Run automated security scans and increase your defenses. Lynis is an open source security tool to perform in-depth audits. It helps with system hardening, vulnerability discovery, and compliance.


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.