Linux Vulnerabilities Explained: From Detection to Treatment

Linux Vulnerabilities Explained

If you have worked with a computer in the last decade, you know the importance of keeping your software up-to-date. Those who don't are stacking up vulnerabilities, waiting for them to be exploited by others. Although GNU/Linux and most software are open source and can be reviewed, security flaws in software packages remain. While it isn't easy to close every vulnerability on your system, we can at least create a stable process around it. The goals? Know which vulnerabilities exist […]


List Network Interfaces on Linux Systems (and others)

Show Network Interfaces

The network configuration is a common place to start during system configuration, security audits, and troubleshooting. No surprise that Lynis helps with collecting information about network interfaces, like MAC and IP addresses. We will have a look at how to gather this information yourself, like listing all available interfaces. Although we focus a lot on Linux here, we will include tips for other platforms, like macOS.

Network configuration

Linux

Previously the most obvious command to obtain the available […]


In-depth Linux Guide to Achieve PCI DSS Compliance and Certification

Linux Guide for PCI DSS Certification, Compliance, and Auditing

If you work for a company which accepts, processes or stores credit card details, you might be very familiar with the PCI Data Security Standard (DSS). The standard itself is detailed, yet sometimes unclear on what specifically to implement (and when). This guide will help with translating the PCI standard to technical security controls on Linux systems. It is based on the current version of PCI DSS, which is now version […]


Tiger is History, Long Live Modern Alternatives!

The History and Alternatives to the Tiger Security Tool

Recently I saw some tweets showing up from an old friend: Tiger. Surprised to see it being promoted, as I have known the tool for years, but have never seen any new releases in recent years. Both are actually a shame. An outdated tool is usually of lower value. Promoting old tools might actually disappoint others and harm the initial trust in the software.

History of Tiger

In its day, the tool […]


Find Differences Between Two Daily Lynis Audits

Comparing Lynis Scan Results

Lately I saw a great feature request for Lynis, to detect differences between two runs of Lynis. Wouldn't it be great to run Lynis daily and then see if anything changes and act upon those differences? While our auditing tool doesn't have such an option itself, it is very easy to implement something and fine-tune it to your needs.

Report

Lynis has two important files to which it logs data: /var/log/lynis.log and /var/log/lynis-report.dat. The first file, /var/log/lynis.log, has […]


The 101 of ELF Binaries on Linux: Understanding and Analysis

Executable and Linkable Format

An extensive dive into ELF files: for security incident response, development, and better understanding.

We often don't realize the craftsmanship of others, as we perceive it as normal. One of these things is the usage of common tools, like ps and ls. Even though the commands might be perceived as simple, under the hood there is more to it: ELF binaries. Let's have an introduction to the world of this common file format for Linux and […]


Audit which network ports are used by a Linux process

Auditing Processes and Network Services

Most network-related services have to open up a network socket, so they can start listening for incoming network requests. It is common to find TCP or UDP being used as the main communication protocol. In this article, we start auditing what kind of network communications are relevant to a particular Linux process, or a set of processes.

Find out what process is listening to a port

Only one process can actively listen to […]


SOx compliance and Enron: The Smartest Guys in the Room

Enron: The Smartest Guys in the Room

If you are involved with Linux security, you might already have come across SOx compliance. Usually, from a sysadmin's point of view, work doesn't get easier due to these compliance requirements. Still, there are some lessons we can learn, followed by a great documentary to watch about Enron. The Sarbanes-Oxley Act, SOx for short, now applies to all companies that want to have their stock traded on the New York Stock Exchange (NYSE). The […]
