Apparmor

An Introduction Into Linux Security Modules

Security frameworks like SELinux, AppArmor and SMACK provide protection to Linux. These Linux security modules, or LSM, are a great defensive layer to the system.

Summary of An Introduction Into Linux Security Modules

Background of Linux security modules Like normal kernel modules, security modules extend the basic functionality of the Linux kernel. The need for a modular structure was proposed when SELinux was being introduced. There was a little discussion to use modules or not, as SELinux was the only one being available. Some people proposed apply it as a kernel patch, but in the end Linux creator Torvalds, decided to make this type of functionality modular.

Read the full article…

AppArmor

AppArmor is the profile-based security security framework and available on many Debian-based distributions. In this article we look at the basics of this security framework, its purpose and features.

Summary of AppArmor

AppArmor is the profile-based security security framework and available on many Debian-based distributions. In this article we look at the basics of this security framework, its purpose and features. History AppArmor was developed by Canonical Ltd. and therefore included in their own Ubuntu distribution. included in Ubuntu and other Debian-based distributions What is AppArmor? AppArmor is a profile-based MAC framework. As the name implies, profiles are used that focus on simplifying security management.

Read the full article…

Linux security frameworks

Linux security frameworks restrict unauthorized access by defining a policy and a set of predefined rules. In this article we look their purpose and how they work.

Summary of Linux security frameworks

Linux security frameworks restrict unauthorized access by defining a policy and a set of predefined rules. In this article we look their purpose and how they work. Purpose of security frameworks Linux security frameworks aim to enforce mandatory access controls (MAC). This is a way of saying to restrict the actions that processes and users can perform on the system. Unlike discretionary access controls (DAC), which rely on the discretion of users and processes, MAC frameworks enforce policies defined by the system administrator.

Read the full article…

Ubuntu system hardening guide for desktops and servers

Step by step guide to secure any Ubuntu desktop or server. Harden your Ubuntu during installation and afterwards with the available security tips.

Summary of Ubuntu system hardening guide for desktops and servers

The system hardening process of a system is critical during and after installation. It helps the system to perform its duties properly. This blog post shows you several tips for Ubuntu system hardening. It will dive into the most critical steps to take first. Then more specific hardening steps can be added on top of these. As most security guides only tell you what to do, we will also go into more detail on why a specific security measure is important.

Read the full article…