Audit

Linux Audit Framework

Collection of articles about the Linux Audit Framework and how one might use this to configure and optimize the auditd configuration and use relevant tools.

OpenSSH security and hardening

The SSH configuration influences the security of your Linux system. This guide helps you to secure your OpenSSH server and client configuration.

How to secure a Linux system

Looking to secure your Linux system? This security guide shows you how to perform system hardening and run technical audits to keep it in optimal condition.

The Difference Between Auditing and Vulnerability Scanning

What are the differences between technical auditing and vulnerability scanning? While they are close, the focus is definitely different.

In-depth Linux Guide to Achieve PCI DSS Compliance and Certification

This is the technical Linux guide to achieve compliance with the PCI DSS standard. Become compliant, with Linux tips for configuration and auditing.

Find differences between two daily Lynis audits

It can be useful to see the differences between scans of Lynis, especially when running it daily. Learn how to do this with just a few steps

Logging root actions by capturing execve system calls

Logging all actions performed by root might be needed for compliance or security. With the help of Linux audit we log all root actions easy in an audit log.

Find the alternatives: CIS-CAT auditing tool

Sometimes time or money is limited. We hunt to find great alternatives to commercial solutions. This time alternatives for the CIS auditing tool CIS-CAT.

Linux Audit Framework 101 – Basic Rules for Configuration

The Linux audit framework is a very powerful tool to monitor files, directories, and system calls. Learn how to configure it.

Finding setuid binaries on Linux and BSD

To perform a basic audit of the binaries on your system, we can search for setuid binaries. Finding these setuid binaries is easy with the find command.

Creating audit trails – Logging commands on Linux with Snoopy

Snoopy is a useful utility to log commands on Linux and create a related audit trail. Auditing trails are considered to be important for proper accounting.

Linux Security Scanning for Dummies

Security scanning can be boring and time consuming. In this article we have a look at how simple it can be, when it comes to security scans.

Linux security: Reviewing log files

Log files are the precious collection of system events. Still many people don't really use them, until it is really needed. Let's change that!

How to audit AIX Unix systems with Lynis

The term audit may sound more official than it is. This article shows how to perform a security scan of your AIX systems and apply hardening measures.

Linux audit: Log files in /var/log/audit

This article describes the purpose of the audit.log file in /var/log/audit and the relationship with the Linux audit framework.

Unix security audit: Perform an audit in 3 minutes

Quick guide for performing a Unix security audit on a Unix or Linux based system. Under three minutes you have the results and finished the first audit!

Auditing Linux: what to audit?

When auditing a Linux system, it might be hard to determine what to audit actually. This article will provide some guidance and tips.

Configuration and collecting of Linux audit events

Guide to setup central audit logging for your Linux based systems, with the use of the powerful Linux audit framework. No single audit log should get lost!

Linux Audit Framework: using aureport

Guide regarding the aureport utility, including some aureport examples. Aureport helps with audit reports and is part of the Linux audit framework.

Linux audit log: dealing with audit.log file

Article to deal with the Linux audit log file and how to use it. Including tips to search events and safeguard it against unintended alteration of the log.

Lynis for Auditors: Linux and Unix auditing

Article about Linux / Unix auditing with a focus on the usage of Lynis for auditors. Simplifying the work of the auditor and increasing the quality of work.

Conducting a Linux Server Security Audit

Performing a Linux server security audit can be a time consuming process. In this article the most important parts are explained including automation.

What is a security audit?

This article describes what a security audit is and why or when to use it. System audits also apply to Linux systems as part of technical auditing.

FreeBSD hardening with Lynis

This article provides tips for FreeBSD hardening by using a powerful tool named Lynis. This script will perform an extensive audit to secure your systems.

Configuring and auditing Linux systems with Audit daemon

Guide for auditing Linux systems by using the audit daemon and related utilities. This powerful audit framework has many possibilities for auditing Linux.

CAATTs for Linux: Lynis

Article about a tool within CAATTs for Linux: Lynis. Helping auditors with computer-assisted audit tools and techniques, with focus on Linux and Unix scans.

Auditing Linux: Software Packages and Managers

Article about how to audit and check installed software packages and their security by using the related package managers.

Securing Linux: Audit with Lynis (an introduction into auditing)

Introduction article into securing Linux based systems by performing a scan with Lynis. After this first audit it will be much easier to harden the system!

Linux Audit: Auditing the Network Configuration

This article describes how to audit the network configuration of Unix and Linux based systems, with useful tips for auditors and system administrators.