Docker Security: Best Practices for your Vessel and Containers

Docker Security Everything you need to know about Docker security.   Introduction into Docker Docker became very popular in a matter of just a few years. Operating systems like CoreOS use Docker to power the system by running applications on top of their own lightweight platform. Docker in its turn, provides utilities around technologies like Linux container technology (e.g. LXC, systemd-nspawn, libvirt). Previously Docker could be described as the “automated LXC”, now it’s actually even more powerful. What it definitely […]

Read more

Yum plugins: Available plugins and built-in security support

Enhancing yum Determine available plugins and built-in security support To enhance the support in our auditing tool Lynis, we wanted to know if yum supports security related functions by using a plugin or having it as built-in functionality. Yum Yum, or Yellowdog Updater Modified, is a software management tool for Linux based systems. Usually it is used on systems running SuSE or Red Hat based (like RHEL, Fedora or CentOS). Plugins extend the functionality of yum, to improve its functionality. […]

Read more

Audit security events on Unix systems

Audit security events on Unix systems Protecting computer networks consists of implementing preventative measures, but especially properly implementing detection methods. These digital tripwires can be used for intrusion detection, or proper handling security events on Unix systems. Security events First we have to define a few events which are or can be security related. To get easily started, we focus on 3 tips to implement security events on Unix systems. 1. File changes Some files you don’t want to change […]

Read more

Linux kernel security and how to improve it

Linux kernel security Every system is as strong as its weakest link. In the case of an operating system a weakness in the kernel often means a total compromise. Therefore we focus in this article on Linux kernel security, what we can do and where to look for. Configuration of the kernel To view or configure security related parameters of the kernel, there is the /etc/sysctl.conf file. This file stores the parameters and is read during boot time. However we […]

Read more

Conduct a Linux Server Security Audit

Conduct a Linux Server Security Audit Auditing a system can be a time consuming job, which is no different when conducting a Linux server security audit. Within this article we give some highlights regarding the audit and tips to automate them by using Lynis. The business goal Before auditing any system, determine the business goal of the system. How critical is this system for doing business? What if the system goes down? Usually each system has a clear role or […]

Read more

Open source vulnerability scanner for Linux systems – Lynis

Open source vulnerability scanner for Linux There are several open source vulnerability scanners for Linux, like OpenVAS. While tools like these are powerful as well, we will have a look at Lynis, our auditing tool to detect vulnerabilities of Linux and Unix systems. Why is it different than others and how can it help you in securing your systems? Vulnerabilities Every piece of software will have sooner or later a vulnerability, a minor or major weakness which can be abused […]

Read more

Auditing Linux: Software Packages and Managers

Auditing Linux: Software Packages and Managers No system can do its job without any installed software packages. However after installation of the system, or running it for a while, it often becomes unclear why some software was ever installed. This article looks at methods on auditing installed software, check for security updates and the related follow-up. Package managers To enable system administrators to properly manage software and upgrading them, Linux uses a package manager. This suite often consists of a […]

Read more
12