The state of Linux security in 2017

Linux security (2017 edition) The year is closing, so it is time to review Linux security. Like last year, we look at the state of Linux security. A collection of the finest moments. Did we forget something important? Let us know in the comments. This post will remain updated in the upcoming weeks. As this post may appear on HN, Reddit, Slashdot, and other high-traffic sites, this post is heavily cached. Comments may show up with some delay.   January: MongoDB, Debian The post The state of Linux security in 2017 appeared first on Linux Audit.
Read more

Troubleshooting a full /boot partition on Ubuntu

A regular issue with systems running Ubuntu is that may fill up the /boot partition. After trying several options, we found a way to do this in three steps. And opposed to other solutions, there is no manual moving of files needed. The error: Unmet dependencies Typically you will discover if the unmet dependencies error shows up. For some reason, one package depends on the other. This typically happens over night, especially if you use a tool like unattended-upgrade for The post Troubleshooting a full /boot partition on Ubuntu appeared first on Linux Audit.
Read more

Linux security myths

Myth busting: Linux security As the author of Lynis, I have to run several Linux systems for testing Linux security defenses. And if you do something long enough, some get to see you as a Linux security expert. When that happens, you get asked questions. Surprisingly they are often related to some of the myths. Time to share a few I got asked. If you received this link from me directly, then most likely you asked one :) Linux systems The post Linux security myths appeared first on Linux Audit.
Read more

Postfix Hardening Guide for Security and Privacy

Postfix Security and Privacy Postfix is one of the most used components on a server that needs to receive or send emails. With all its options available, it is easy to have a weak configuration. This security guide looks into Postfix hardening, to increase the defenses against spam, abuse, and leaking sensitive data. Time to start! Guide overview Why Postfix hardening Preparation Test the existing Postfix configuration Backup your Postfix configuration Find your Postfix version Hardening steps Basic hardening Disable VRFY The post Postfix Hardening Guide for Security and Privacy appeared first on Linux Audit.
Read more

Understanding what runs on your Linux system (and why)

Linux processes and daemons Each Linux system has a bunch of processes running. Most of these processes might be familiar to you if you regularly use a command like ps or top to display them. Processes may look like just an item in a list. They are actually complicated pieces of code that are tamed by a memory manager. To truly understand how your system is running, knowledge of process (or memory) management is of great help. So let’s make The post Understanding what runs on your Linux system (and why) appeared first on Linux Audit.
Read more

Vulnerable packages on FreeBSD: pkg audit

Auditing FreeBSD with pkg audit FreeBSD is definitely another beast than Linux. In some areas, FreeBSD is really a powerful operating system. Package management is maybe not the first one you may think of. Typically FreeBSD users have two options when it comes to installing packages. Ports collection The ports tree allows the administration to build software they need, with the compilation flags he or she prefers. This makes the software optimized and typically the last versions are available. The downside The post Vulnerable packages on FreeBSD: pkg audit appeared first on Linux Audit.
Read more

Troubleshooting guide for Lynis

Troubleshooting Lynis This document helps with solving most common issues experienced when running Lynis. Errors No hostid and/or hostid2 found Some systems do not have the OpenSSH server package installed. In this case, the hostid2 value may be missing. During the upload it may result in an error. Error: No hostid and/or hostid2 found. Can not upload report file. To see what Lynis discovered, use the show command. lynis show hostids If the hostid2 is missing, we can tell Lynis The post Troubleshooting guide for Lynis appeared first on Linux Audit.
Read more

Configure the time zone (TZ) on Linux systems

Linux Time Zone Configuration Having the right time set on a Linux system is important for the synchronization of data, forensics, and troubleshooting. Having the right time zone is the next step. We will have a look on how to check and configure the time zone on Linux systems. See current time zone Most new Linux distributions use systemd now. By using the timedatectl command we can quickly see the existing time information, including the time zone. timedatectl For Linux, there The post Configure the time zone (TZ) on Linux systems appeared first on Linux Audit.
Read more

Locking users after X failed login attempts with pam_tally2

Using pam_tally2 on Linux Most Linux distributions use pluggable authentication modules (PAM). This modular type of configuration allows system administrators to configure and fine-tune the authentication of users. It also defines the behavior on specific events, like providing an invalid user account or password. PAM can use these events to automatically take an action, like locking an account. Introduction to PAM The configuration of PAM is not that hard, but there are risks involved in the process of making changes. The post Locking users after X failed login attempts with pam_tally2 appeared first on Linux Audit.
Read more

GDPR Compliance: Technical Requirements for Linux Systems

GDPR for Linux systems What is GDPR? The General Data Protection Regulation (GDPR) is a regulation to protect data stored about individuals from the European Union. When speaking about stored data, it includes the handling of data at any given time, from entry to data deletion. One of the important parts is the right to ‘know’. That means that individuals can ask what data is stored about them. Another request they may make is that this data is deleted. You may know The post GDPR Compliance: Technical Requirements for Linux Systems appeared first on Linux Audit.
Read more
Page 1 of 3123