The state of Linux security in 2017

Linux security (2017 edition) The year is closing, so it is time to review Linux security. Like last year, we look at the state of Linux security. A collection of the finest moments. Did we forget something important? Let us know in the comments. This post will remain updated in ... Read More

Troubleshooting a full /boot partition on Ubuntu

A regular issue with systems running Ubuntu is that may fill up the /boot partition. After trying several options, we found a way to do this in three steps. And opposed to other solutions, there is no manual moving of files needed. The error: Unmet dependencies Typically you will discover ... Read More

Linux security myths

| | Linux, linux security
Myth busting: Linux security As the author of Lynis, I have to run several Linux systems for testing Linux security defenses. And if you do something long enough, some get to see you as a Linux security expert. When that happens, you get asked questions. Surprisingly they are often related ... Read More

Postfix Hardening Guide for Security and Privacy

Postfix Security and Privacy Postfix is one of the most used components on a server that needs to receive or send emails. With all its options available, it is easy to have a weak configuration. This security guide looks into Postfix hardening, to increase the defenses against spam, abuse, and ... Read More

Understanding what runs on your Linux system (and why)

Linux processes and daemons Each Linux system has a bunch of processes running. Most of these processes might be familiar to you if you regularly use a command like ps or top to display them. Processes may look like just an item in a list. They are actually complicated pieces ... Read More

Vulnerable packages on FreeBSD: pkg audit

Auditing FreeBSD with pkg audit FreeBSD is definitely another beast than Linux. In some areas, FreeBSD is really a powerful operating system. Package management is maybe not the first one you may think of. Typically FreeBSD users have two options when it comes to installing packages. Ports collection The ports ... Read More

Troubleshooting guide for Lynis

| | lynis, troubleshooting
Troubleshooting Lynis This document helps with solving most common issues experienced when running Lynis. Errors No hostid and/or hostid2 found Some systems do not have the OpenSSH server package installed. In this case, the hostid2 value may be missing. During the upload it may result in an error. Error: No ... Read More

Configure the time zone (TZ) on Linux systems

Linux Time Zone Configuration Having the right time set on a Linux system is important for the synchronization of data, forensics, and troubleshooting. Having the right time zone is the next step. We will have a look on how to check and configure the time zone on Linux systems. See ... Read More

Locking users after X failed login attempts with pam_tally2

Using pam_tally2 on Linux Most Linux distributions use pluggable authentication modules (PAM). This modular type of configuration allows system administrators to configure and fine-tune the authentication of users. It also defines the behavior on specific events, like providing an invalid user account or password. PAM can use these events to ... Read More

GDPR Compliance: Technical Requirements for Linux Systems

GDPR for Linux systems What is GDPR? The General Data Protection Regulation (GDPR) is a regulation to protect data stored about individuals from the European Union. When speaking about stored data, it includes the handling of data at any given time, from entry to data deletion. One of the important ... Read More