Automation
Distributing SSH keys: using ssh-copy-id, manually or automated
Learn how to distribute your SSH keys to another system more easily, either manually or with a tool like ssh-copy-id.
Summary
When you want to allow public key authentication, you first have to create an SSH key pair. The next step is distributing the public key to the other systems. Let’s have a look at a few options, including using the ssh-copy-id utility.
Option 1: Manually
In the past, you had to log in manually to the new system and do things yourself. Especially if you created your key with a tool like PuTTYgen on Windows.
Security Integration: Configuration Management and Auditing
Configuration management and system auditing go hand in hand. Learn why this combination is so powerful.
Summary
Increased strength when combining tools for automation and security of IT environments
Tools like Ansible, Chef, and Puppet are used a lot for rapid deployment and keeping systems properly configured. These tools in themselves are great for ensuring consistency across your systems.
So what is Configuration Management?
Configuration management is the art of keeping systems properly configured. Usually companies start small, which equals manual configuration. Each time a new system is deployed, it is configured manually.
Using unattended-upgrades on Debian and Ubuntu
To counter the biggest threat to software packages, Debian and Ubuntu based systems can use unattended-upgrades to install security patches automatically.
Summary
To counter the biggest threat to software packages, they should be updated on a regular basis. Vulnerabilities are discovered on a daily basis, which also requires that we monitor daily. Software patching takes time, especially when testing and reboots are needed. Fortunately, systems running Debian and Ubuntu can use unattended-upgrades to achieve automated patch management for security updates.
Installation
As with most software packages, unattended-upgrades has to be installed.
apt install unattended-upgrades
Why Linux security hardening scripts might backfire
In this article we discuss the risks of using Linux security hardening scripts. Hardening Linux with scripts might look like a nice idea, but is it?
Summary
System administrators and engineers love to automate things. In the quest to get everything replaced by a script, automated hardening of systems is often requested. Unfortunately, this automation might later backfire, resulting in damaged trust in system hardening.
Why System Hardening?
The act of increasing system defenses is a good practice. It helps protect your valuable data, so it can only be used by authorized people. System hardening itself consists of minimizing services and removing unneeded ones.
Security Automation for Linux: Are Humans Still Needed?
Machines are smarter, quicker and make fewer mistakes compared to humans. They might be the ultimate resource for security automation, securing our systems.
Summary
The problem with humans is that they are smart yet slow at the same time. They can’t react to simultaneous events and aren’t always working. Besides that, they make mistakes and have to deal with budgets and internal company politics. Information security is impacted by these effects as well. As you might have guessed, the solution is in automation. SCAP (Security Content Automation Protocol) is one of the answers. The automation part is especially interesting, as it can improve quality, decrease time efforts and remove the “boring” work.
OpenSCAP on CentOS 7 – Installing from source
Sometimes we need to build things from source. In this article we install OpenSCAP on CentOS 7 by compiling and installing it manually.
Summary
Installing from source
Security automation is hot and we love it. One way is using the OpenSCAP toolkit. Unfortunately it is not mature enough, so you might want to build and install it from source. We share our findings while creating our test environment.
Install required components
On our minimally installed CentOS 7 system, we need to install a few components. Most are related to compiling C++ and parsing XML files.
5 things you didn’t know about shell scripting
Shell scripting doesn't have to be boring. Let's look at a few common things that many don't know about shell scripts.
Summary
Our security auditing tool Lynis is a toolkit consisting of several shell scripts. Many users of the software never actually realized it was written as a bunch of shell scripts. Now that the secret is out, it is time to learn why we used shell scripting. Here are 5 reasons!
1. Shell scripting is powerful
Yes, people asked us why our tool Lynis was not written in Perl, Python, Ruby, C++ etc.
CAATTs for Linux: Lynis
Article about a tool within CAATTs for Linux: Lynis. Helping auditors with computer-assisted audit tools and techniques, with focus on Linux and Unix scans.
Summary
Within the field of the audit profession the usage of CAAT (Computer-assisted audit techniques) or CAATTs (computer-assisted audit tools and techniques) is growing. Lynis is filling this gap for Linux and Unix based systems. It’s a well-known and stable tool in this area and improves the audit process by automation. Only a few items could then be checked manually. This saves time, makes the audit more predictable and increases the quality of the overall audit.