2018-06-23 (last updated at July 9th, 2018) Michael BoelenAuditing, Hardening, Linux 4 comments

How to secure a Linux system

Every Linux system will benefit from more security, especially if it contains sensitive data. With so many resources available on the internet, one might think that securing Linux has become easy. We know it is not. Linux system hardening takes a good amount of understanding about how the Linux kernel works. It also requires a good understanding of the operating system principles. In this guide, we will help you to get this understanding and provide you with tips and tools. The […]

2018-06-12 (last updated at July 22nd, 2018) Michael BoelenCareer

How to become a Linux security expert?

Years ago it was a challenge to find screenshots of devices running Linux. Nowadays, Linux can power phones, TV’s, computer systems, mainframes, and many more devices. With more devices, the demand for Linux knowledge will continue to grow. At the same time, the demand for security is higher than ever. All the media attention and regulations like GDPR, asks for more Linux security specialists. In this post, the goal is to answer the question: How to become a Linux security expert? […]

2017-12-21 (last updated at May 27th, 2018) Michael BoelenLinux One comment

The state of Linux security in 2017

Linux security (2017 edition) The year is closing, so it is time to review Linux security. Like last year, we look at the state of Linux security. A collection of the finest moments. Did we forget something important? Let us know in the comments. This post will remain updated in the upcoming weeks. As this post may appear on HN, Reddit, Slashdot, and other high-traffic sites, this post is heavily cached. Comments may show up with some delay. January: MongoDB, Debian […]

2017-08-15 Michael BoelenLinux

Linux security myths

Myth busting: Linux security As the author of Lynis, I have to run several Linux systems for testing Linux security defenses. And if you do something long enough, some get to see you as a Linux security expert. When that happens, you get asked questions. Surprisingly they are often related to some of the myths. Time to share a few I got asked. If you received this link from me directly, then most likely you asked one :) Linux systems […]

2016-12-22 (last updated at July 20th, 2018) Michael BoelenLinux 4 comments

The state of Linux security

Linux security and its developments In the last 10 years, GNU/Linux achieved something some foreseen as almost impossible: powering both the smallest and biggest devices in the world and everything in between. Only the desktop is not a conquered terrain yet. The last years had a great impact on the world. Both from a real-life perspective, as digitally. Some people found their personal details leaked on the internet, others found their software being backdoored. Let’s have a look back on […]

2016-09-22 (last updated at June 24th, 2018) Michael BoelenHardening, Linux, System Administration Leave a comment

Linux security guide: the extended version

Feeling overwhelmed with the resources available to secure your Linux system? With this Linux security guide, we walk step-by-step through the options, tools, and resources. After reading this article, you will be able to make educated decisions about what Linux security defenses to implement for your systems. You will be introduced to the right tools that help you automate and test your improvements. Instead, related articles and resources will be available in the text. The goal is to make this guide into […]

2016-06-07 (last updated at March 7th, 2017) Michael BoelenLinux Leave a comment

The Most Influential Linux Security Blogs

Linux Security Blogs Finding quality blogs about Linux security can be challenging. We made an effort to seek the best and most influential blogs on the internet. What makes it influential? It should have quality articles, regularly updated and tailored to Linux or UNIX security. The countless “How to” websites are skipped. Months of searching and reading resulted in a list of blogs, sorted by category. If you are interested in the developments on Linux security, add them to your […]

2016-02-08 (last updated at April 16th, 2017) Michael BoelenMalware 3 comments

Dealing with Linux Malware, Insights by the Author of rkhunter

Linux Malware Malicious software plague computers for more than 40 years. It is hard to think this threat will ever stop. The Linux platform definitely has their share of malware, although many people never experienced it firsthand. Let’s dive into this subject and discover why your system might actually being compromised at this very moment. The types of malware To understand the risks, you have to understand the threats and weaknesses. When we talk about malware, there are different family […]

2016-01-18 (last updated at August 1st, 2018) Michael BoelenFirewall One comment

Differences between iptables and nftables explained

The seasoned Linux administrator will be familiar with iptables, the network traffic filter. If you ever configured a Linux system with an ethernet bridge configuration, you might even have worked with ebtables. Or possibly you wanted to filter ARP traffic and used arptables? Newcomer nftables has arrived, with the purpose to replace iptables, ip6tables, ebtables and arptables. As with every big upcoming change, it is good to know the differences. We explain what makes nftables different to iptables, and why […]

2014-07-30 (last updated at December 12th, 2015) Michael BoelenLinux Leave a comment

Security Program: Implementing Linux Security

Security Program: Implementing Linux Security Information security is possibly one of the hardest subjects in IT. Doing too less and you risk of security breaches. Doing too much will restrict the core businesses of your organization. With a proper security program, implementing Linux security can be greatly simplified. By having a structured approach, the strength of the defenses will increase, while risks decrease. In this article, we have a look at how to properly prepare security projects and changes. This […]

2014-05-30 (last updated at July 7th, 2018) Michael BoelenHardening Leave a comment

Linux hardening steps for starters

Most systems have confidential data that needs to be protected. To safeguard this data, we need to secure our Linux system. But how to properly harden a Linux system? In this article, we will cover this step by step. We start by with physical security measures to prevent unauthorized people from access the system in the first place. Next is doing the installation the right way, so we have a solid foundation. Finally, we will apply a set of common […]