Security

5 Basic Principles of Linux System Security

With 5 basic security principles we can improve the Linux system security, and question ourselves if we have done enough. After all it is your data and that of your customers you want to safeguard.

Summary of 5 Basic Principles of Linux System Security

It is still common that people do not know where to start when it comes to information security. With 5 basic principles we can improve the Linux system security and question ourselves if we have done enough.

1. Know your system(s)

The first principle is about knowing what your system is supposed to do. What is its primary role, what software packages does it need and who needs access? By knowing the role of the system you can better defend it against known and unknown threats.

Read the full article…

Audit security events on Unix systems

Protecting computer networks consists of implementing preventative measures, including system auditing. A look at how to audit security events on Unix and how to deal with these events.

Summary of Audit security events on Unix systems

Protecting computer networks consists of implementing preventative measures, but especially properly implementing detection methods. These digital tripwires can be used for intrusion detection, or for properly handling security events on Unix systems.

Security events

First we have to define a few events which are or can be security related. To get started easily, we focus on 3 tips to implement security events on Unix systems.

1. File changes

Some files you don’t want to change that often, like your DNS resolvers (/etc/resolv.

Read the full article…

Auditing Linux: Software Packages and Managers

Article about how to audit and check installed software packages and their security by using the related package managers.

Summary of Auditing Linux: Software Packages and Managers

No system can do its job without any installed software packages. However, after installation of the system, or after running it for a while, it often becomes unclear why some software was ever installed. This article looks at methods for auditing installed software, checking for security updates and the related follow-up.

Package managers

To enable system administrators to properly manage and upgrade software, Linux uses a package manager. This suite often consists of a package database, the software packages themselves and several support tools.

Read the full article…

Conducting a Linux Server Security Audit

Performing a Linux server security audit can be a time-consuming process. In this article the most important parts are explained, including automation.

Summary of Conducting a Linux Server Security Audit

Auditing a system can be a time-consuming job, which is no different when conducting a Linux server security audit. Within this article, we give some highlights regarding the audit and tips to automate them by using Lynis.

The business goal

Before auditing any system, determine the business goal of the system. How critical is this system for doing business? What if the system goes down? Usually each system has a clear role or multiple roles, like being a web server.

Read the full article…

Create random passwords with OpenSSL/LibreSSL

For a quick way of generating random passwords we can use the OpenSSL utility, part of OpenSSL and LibreSSL.

Summary of Create random passwords with OpenSSL/LibreSSL

As system administrators, we know we sometimes have to create passwords. It might be for ourselves, or when creating them for colleagues and customers. For an easy and quick way of generating random passwords, we can use the OpenSSL utility, part of OpenSSL and LibreSSL. This toolkit is often already installed on systems running Linux. OpenSSL has a randomize function. If we feed the output through the base64 function, the scrambled set of characters can be made more human-friendly.

Read the full article…

DevOps vs Security: Can Docker make a difference?

Docker Inc. is one of the pioneers in the world of DevOps, known for its toolkit around Linux container technology. Aren't we battling the same security issues we have seen before?

Summary of DevOps vs Security: Can Docker make a difference?

One of the pioneers in the world of DevOps is the company Docker Inc. Known for its toolkit around Linux container technology, they propel the way this technology evolves and is promoted to the world. With great achievements and interest from the outside world also comes a lot of pressure. Competing products are showing up, resulting in a battle for features, pricing and customers. Unfortunately for security professionals like us, the many security lessons from the past seem to be forgotten.

Read the full article…

Docker Security: Best Practices for your Vessel and Containers

In-depth article about Docker security features, best practices and its history. With container technology evolving, Docker security can be challenging.

Summary of Docker Security: Best Practices for your Vessel and Containers

Everything you need to know about Docker security.

Introduction into Docker

Docker became very popular in a matter of just a few years. Operating systems like CoreOS use Docker to power the system by running applications on top of their own lightweight platform. Docker, in turn, provides utilities around technologies like Linux container technology (e.g. LXC, systemd-nspawn, libvirt). Previously Docker could be described as the “automated LXC”; now it’s actually even more powerful.

Read the full article…

How Linux Security Fails to be Simple

Linux Security Should be Simple, Right? Why that is not a reality, and why we might never achieve it, is discussed in this article.

Summary of How Linux Security Fails to be Simple

Why that is not a reality, and we might never achieve it.

Linux gained great popularity over the last 10 years, powering our servers and smartphones. With all the efforts put in creating more secure software, it seems installing security updates will remain a weekly task. Will this ever change?

Security is Hard

Properly securing a system means different things for different people. So let’s assume first that every system has a particular goal, and secondly that it should be properly secured.

Read the full article…

Linux kernel security and how to improve it

Every system is as strong as its weakest link, especially the system kernel. This article explains Linux kernel security, what we can do and how to do so.

Summary of Linux kernel security and how to improve it

Every system is as strong as its weakest link. In the case of an operating system like Linux, one weakness in the kernel could result in a security breach. This article covers the Linux kernel features and how they work.

Kernel features

Live kernel patching

As the kernel is similar to other software, it receives updates to improve it. Now and then a security weakness is discovered in one of the subsystems of the Linux kernel.

Read the full article…

Open source vulnerability scanner for Linux systems – Lynis

Within this article we discuss the possibilities of using an open source vulnerability scanner for Linux-based systems.

Summary of Open source vulnerability scanner for Linux systems – Lynis

There are several open source vulnerability scanners for Linux, like OpenVAS. While tools like these are powerful as well, we will have a look at Lynis, our auditing tool to detect vulnerabilities of Linux and Unix systems. Why is it different from others and how can it help you in securing your systems?

Vulnerabilities

Every piece of software will sooner or later have a vulnerability, a minor or major weakness which can be abused by evildoers.

Read the full article…

Optimize SSL/TLS for Maximum Security and Speed

Everyone loves secure websites, as long as they are quick. Let's configure our website for maximum security and performance, at the same time.

Summary of Optimize SSL/TLS for Maximum Security and Speed

High Goal Setting

Recently we changed our corporate website into an “HTTPS only” version. Most of the content is not secret information; still, we have some sensitive areas: the ordering section and downloads, and additionally our portal. While some areas were already covered with a lock, we felt it was time to make the jump to cover it all. Additionally, we believe that we are doing everything we can on our website, practicing security hardening ourselves.

Read the full article…

Security Best Practices for Building Docker Images

To ensure your Docker images are properly configured, we show some of the best practices. Building secure Docker containers doesn't have to be hard.

Summary of Security Best Practices for Building Docker Images

Docker simplifies software packaging by creating small software units. It starts with a base OS image, followed by software installation and finally the configuration adjustments. For building your own images, Docker uses small build files, with the less than original name Dockerfile. Docker build files simplify the build process and help create consistent containers, over and over. Unfortunately, developers don’t always take security into account during the build process, resulting in software which is installed insecurely.

Read the full article…

Simplifying Security: Choose the Right Toolkit, not Tool.

Too often we select security products based on the number of features, instead of smart combinations. Don't think in tools, but start building up a toolkit.

Summary of Simplifying Security: Choose the Right Toolkit, not Tool.

I applaud many of our customers for being smart. Not to say other people are not, but they have made a specific choice in the past based on an understanding. They understand that a single security solution to make your IT environment safe simply does not exist. It is the combination of tools, or your toolkit, which does. For this same reason, a carpenter has a tool chest, not a single tool.

Read the full article…

Yum plugins: Available plugins and built-in security support

To determine the available yum plugins, we analyze them for our goal: discovering if security support is in the yum plugins themselves or built in by default.

Summary of Yum plugins: Available plugins and built-in security support

Enhancing yum

Determine available plugins and built-in security support

To enhance the support in our auditing tool Lynis, we wanted to know if yum supports security related functions by using a plugin or having it as built-in functionality.

Yum

Yum, or Yellowdog Updater Modified, is a software management tool for Linux-based systems. Usually it is used on systems running SuSE or Red Hat based distributions (like RHEL, Fedora or CentOS). Plugins extend the functionality of yum.

Read the full article…