Become a Linux auditor: tips to start with auditing the Linux platform

Become a Linux auditor: tips to start with auditing the Linux platform This guide helps people new to the Linux platform to get a grasp on how the system works. Whenever you are an IT auditor, or simply want to know more about the basics, this guide helps you in determining where to start an audit. Processes Each operating system consists of smaller running processes. In case of Linux this is true as well and can be displayed with the […]

Read more

Linux server security: Three steps to secure each system

Linux server security: Three steps to secure each system Determining the level of Linux server security can only by measuring the actual implemented security safeguards. This process is called auditing and focuses on comparing common security measures with the ones implemented. While there is almost no system with all possible safeguards implemented, we still can determine how well (or badly) the system is protected. Security is about finding the weakest link(s) and associate risk with each weakness. Depending on the […]

Read more

Linux kernel security and how to improve it

Linux kernel security Every system is as strong as its weakest link. In the case of an operating system a weakness in the kernel often means a total compromise. Therefore we focus in this article on Linux kernel security, what we can do and where to look for. Configuration of the kernel To view or configure security related parameters of the kernel, there is the /etc/sysctl.conf file. This file stores the parameters and is read during boot time. However we […]

Read more

Conduct a Linux Server Security Audit

Conduct a Linux Server Security Audit Auditing a system can be a time consuming job, which is no different when conducting a Linux server security audit. Within this article we give some highlights regarding the audit and tips to automate them by using Lynis. The business goal Before auditing any system, determine the business goal of the system. How critical is this system for doing business? What if the system goes down? Usually each system has a clear role or […]

Read more

Open source vulnerability scanner for Linux systems – Lynis

Open source vulnerability scanner for Linux There are several open source vulnerability scanners for Linux, like OpenVAS. While tools like these are powerful as well, we will have a look at Lynis, our auditing tool to detect vulnerabilities of Linux and Unix systems. Why is it different than others and how can it help you in securing your systems? Vulnerabilities Every piece of software will have sooner or later a vulnerability, a minor or major weakness which can be abused […]

Read more

Configuring and auditing Linux systems with Audit daemon

Configuring and auditing Linux systems with Audit daemon The Linux Audit Daemon is a framework to allow auditing events on a Linux system. Within this article we will have a look at installation, configuration and using the framework to perform Linux system and security auditing. Auditing goals By using a powerful audit framework, the system can track many event types to monitor and audit the system. Examples include: Audit file access and modification See who changed a particular file Detect […]

Read more

CAATTs for Linux: Lynis

CAATTs for Linux Within the field of the audit profession the usage of CAAT (Computer-assisted audit techniques) or CAATTs (computer-assisted audit tools and techniques) is growing. Lynis is filling this gap for Linux and Unix based systems. It’s a well-known and stable tool in this area and improves the audit process by automation. Only a few items could then be checked manually. This saves time, makes the audit more predictable and increases the quality of the overall audit. Lynis Based […]

Read more

Antivirus for Linux: is it really needed?

Antivirus for Linux The question regarding the need of antivirus for Linux is still a hot subject. Is it really needed or simply a nice-to-have? Within this article we have a look at antivirus for Linux and the alternative options. Malware Antivirus is a security measure to protect against malicious software, also known as malware. Most malware is still focused on Windows, followed by mobile devices and Mac OS. While there is malware for Linux, these pieces usually attack server […]

Read more
15678