Linux Security

Dealing with Linux Malware, Insights by the Author of rkhunter

Malicious software plague computers for more than 40 years and most likely this threat will never stop. What should you know about it to protect yourself?

Summary of Dealing with Linux Malware, Insights by the Author of rkhunter

Malicious software plague computers for more than 40 years. It is hard to think this threat will ever stop. The Linux platform definitely has their share of malware, although many people never experienced it firsthand. Let’s dive into this subject and discover why your system might actually being compromised at this very moment. The types of malware To understand the risks, you have to understand the threats and weaknesses. When we talk about malware, there are different family types, each with their own threat and method of attack.

Read the full article…

Differences between iptables and nftables explained

An overview of the differences between firewall technologies iptables and nftables. We highlight the major differences like simplicity and management.

Summary of Differences between iptables and nftables explained

The seasoned Linux administrator will be familiar with iptables, the network traffic filter. If you ever configured a Linux system with an ethernet bridge configuration, you might even have worked with ebtables. Or possibly you wanted to filter ARP traffic and used arptables? Newcomer nftables has arrived, with the purpose to replace iptables, ip6tables, ebtables and arptables. As with every big upcoming change, it is good to know the differences. We explain what makes nftables different to iptables, and why you want to adopt it in the near future.

Read the full article…

How to become a Linux security expert?

Demand for Linux security experts has risen over the last years. This article shows the relevant Linux security topics and required skills. Do you master them?

Summary of How to become a Linux security expert?

Years ago it was a challenge to find screenshots of devices running Linux. Nowadays, Linux can power phones, TV’s, computer systems, mainframes, and many more devices. With more devices, the demand for Linux knowledge will continue to grow. At the same time, the demand for security is higher than ever. All the media attention and regulations like GDPR, asks for more Linux security specialists. In this post, the goal is to answer the question: How to become a Linux security expert?

Read the full article…

How to secure a Linux system

Looking to secure your Linux system? This security guide shows you how to perform system hardening and run technical audits to keep it in optimal condition.

Summary of How to secure a Linux system

Every Linux system will benefit from more security, especially if it contains sensitive data. With so many resources available on the internet, one might think that securing Linux has become easy. We know it is not. Linux system hardening takes a good amount of understanding about how the Linux kernel works. It also requires a good understanding of the operating system principles. In this guide, we will help you to get this understanding and provide you with tips and tools.

Read the full article…

Linux hardening steps for starters

One of the myths is that Linux systems are secure by default. Even with a good foundation, some system hardening still needs to be done. This article will show you what and how.

Summary of Linux hardening steps for starters

Most systems have confidential data that needs to be protected. To safeguard this data, we need to secure our Linux system. But how to properly harden a Linux system? In this article, we will cover this step by step. We start by with physical security measures to prevent unauthorized people from access the system in the first place. Next is doing the installation the right way, so we have a solid foundation.

Read the full article…

Linux security guide: the extended version

Feeling overwhelmed with the options available to secure your Linux system? With this guide, we walk step-by-step through the option, tools, and resources.

Summary of Linux security guide: the extended version

Feeling overwhelmed with the resources available to secure your Linux system? With this Linux security guide, we walk step-by-step through the options, tools, and resources. After reading this article, you will be able to make educated decisions about what Linux security defenses to implement for your systems. You will be introduced to the right tools that help you automate and test your improvements. Instead, related articles and resources will be available in the text.

Read the full article…

Linux security myths

Summary of Linux security myths

Myth busting: Linux security As the author of Lynis, I have to run several Linux systems for testing Linux security defenses. And if you do something long enough, some get to see you as a Linux security expert. When that happens, you get asked questions. Surprisingly they are often related to some of the myths. Time to share a few I got asked. If you received this link from me directly, then most likely you asked one :)

Read the full article…

Security Program: Implementing Linux Security

We have a look at implementing Linux security in IT environments and the related success criteria. By planning for success, implementing Linux security can be achieved with less resources.

Summary of Security Program: Implementing Linux Security

Information security is possibly one of the hardest subjects in IT. Doing too less and you risk of security breaches. Doing too much will restrict the core businesses of your organization. With a proper security program, implementing Linux security can be greatly simplified. By having a structured approach, the strength of the defenses will increase, while risks decrease. In this article, we have a look at how to properly prepare security projects and changes.

Read the full article…

The Most Influential Linux Security Blogs

Linux security is hot, yet blogs about Linux security are rare. Besides our own blog, here are the most influential bloggers and developers we know.

Summary of The Most Influential Linux Security Blogs

Linux Security Blogs Finding quality blogs about Linux security can be challenging. We made an effort to seek the best and most influential blogs on the internet. What makes it influential? It should have quality articles, regularly updated and tailored to Linux or UNIX security. The countless “How to” websites are skipped. Months of searching and reading resulted in a list of blogs, sorted by category. If you are interested in the developments on Linux security, add them to your RSS feed reader.

Read the full article…

The state of Linux security

This is the state of Linux security. With the most important updates around Linux and open source security. From conferences to self-protection.

Summary of The state of Linux security

Linux security and its developments In the last 10 years, GNU/Linux achieved something some foreseen as almost impossible: powering both the smallest and biggest devices in the world and everything in between. Only the desktop is not a conquered terrain yet. The last years had a great impact on the world. Both from a real-life perspective, as digitally. Some people found their personal details leaked on the internet, others found their software being backdoored.

Read the full article…

The state of Linux security in 2017

The year 2017 is closing, so it is time to review Linux security. Like last year, we look at the state of Linux security. A collection of the finest moments.

Summary of The state of Linux security in 2017

Linux security (2017 edition) The year is closing, so it is time to review Linux security. Like last year, we look at the state of Linux security. A collection of the finest moments. Did we forget something important? Let us know in the comments. This post will remain updated in the upcoming weeks. As this post may appear on HN, Reddit, Slashdot, and other high-traffic sites, this post is heavily cached.

Read the full article…