Linux Security Scanning for Dummies

Every system needs some level of protection. Still, many people simply forget to do it, or cannot find the time to do it properly. To be as efficient and effective as possible, let's look at a structured way of security scanning your Linux machines.

The 5 dummy steps are:

1. Focus on risk

Just as not every company is a bank, not all of our systems are part of a top-secret mission. We have to look at the risks involved. By focusing on the actual threats to the system and the vulnerabilities they could exploit, we can eliminate a lot of work.

2. Go for the quick wins first

We all want to make progress. While it might sound great to have the latest IDS technology implemented, it might also cost a lot of time and money. So instead, get some quick wins implemented first, then go for the changes with a bigger impact.

3. Monitor your changes

After implementing a change and moving on to the next one, it is easy for your improvements to be undone by colleagues, or by yourself. To catch these new weaknesses in your defenses, measure your security level and implement monitoring. If something changes unintentionally, send out an alert.
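The monitoring step in practice, as an added example that is not from the original article: a small POSIX shell script that records a SHA-256 baseline of the files you hardened and later reports every file that changed or disappeared. The file names and contents below are constructed for the demonstration; on a real system you would point it at the configuration files you actually hardened.

```shell
#!/bin/sh
# Added example (not from the original article): detect unintended changes
# to hardened files by comparing SHA-256 checksums against a stored baseline.

# take_baseline <baseline_file> <file>...
# Writes "<sha256>  <path>" for every listed file into the baseline file.
take_baseline() {
    baseline="$1"; shift
    : > "$baseline"
    for f in "$@"; do
        sha256sum "$f" >> "$baseline"
    done
}

# check_baseline <baseline_file>
# Prints one CHANGED/MISSING line per drifted file; returns 1 if anything drifted.
check_baseline() {
    baseline="$1"
    drifted=0
    while read -r sum path; do
        if [ ! -e "$path" ]; then
            echo "MISSING: $path"
            drifted=1
        elif [ "$(sha256sum "$path" | cut -d' ' -f1)" != "$sum" ]; then
            echo "CHANGED: $path"
            drifted=1
        fi
    done < "$baseline"
    return "$drifted"
}

# Demo on constructed files in a temporary directory (not real system files).
demo_dir=$(mktemp -d)
printf 'PermitRootLogin no\n' > "$demo_dir/sshd_config"
take_baseline "$demo_dir/baseline.sha256" "$demo_dir/sshd_config"

# A colleague (or you) undoes the hardening a week later:
printf 'PermitRootLogin yes\n' > "$demo_dir/sshd_config"

if check_baseline "$demo_dir/baseline.sha256"; then
    echo "no drift"
else
    echo "drift detected, review the lines above and alert"
fi
rm -rf "$demo_dir"
```

Run `check_baseline` from cron and turn a non-zero exit into a mail or ticket; `sha256sum -c` does the same comparison in one command, the loop above is spelled out so the logic is visible. Keep the baseline file somewhere the people who can edit the monitored files cannot rewrite it (another host, or a read-only location), otherwise an unwanted change and an "updated" baseline arrive together and nothing fires.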

4. Have others test your systems

Sure, you are smart and you know it all. But is there a possibility you overlooked something? Sure. Get a friendly colleague or your Linux buddy and have them look at your security efforts. You might pick up some new things along the way!

5. Document

The hardest thing in security is knowing what you have done, why, and when. Properly documenting it will save you a lot of time afterwards. Use a spreadsheet, your change management tool, or even comments in the configuration files themselves. Whatever you pick, document it! Record the change, the date, the reasoning, and the author of the change. Your colleagues will thank you later.

Feedback


This article has been written by our Linux security expert Michael Boelen. With a focus on creating high-quality articles and relevant examples, he wants to improve the field of Linux security. No more web full of copy-pasted blog posts.
