Language Selection

English French German Italian Portuguese Spanish

Detect insider threats with Linux auditing

Filed under
Security

Organizations of all sizes need to mitigate the risk of insider threats. Misconduct by authorized users represents a grave threat to an organization. According to the 2005 Computer Security Institute and Federal Bureau of Investigation Computer Crime and Security Survey, organizations reported that computer intrusions from inside sources accounted for nearly half of all incidents. You can secure your network perimeter with intrusion detection systems, firewalls, and virus scanners, but don't neglect to monitor authorized users. The Linux Audit daemon can help you detect violations of your security policies.

The term auditing has multiple meanings within the information security field. A security audit is a term used to describe the process of evaluating the security posture of an organization through penetration testing, review of security policies, and system configuration. At the system level, auditing refers to the logging of the actions of users and programs of a system. The latter form of auditing is the type of auditing implemented by the Linux Audit daemon. It is a passive security measure because it only detects violations of security policy, but does not enforce it. It is similar to network-based intrusion detection systems and host-based intrusion detection systems.

More Here




More in Tux Machines

Today in Techrights

FileZilla 3.10.1 Released With Bug Fixes And Some Minor Changes Install In Ubuntu/Linux Mint


Picture

FileZilla is free and Open-Source ftp/sftp client with features FTPSFTP and FTPS (FTP over ssl/TLS). It has a very nice and easy to use user interface.FileZilla 3.10.1 released yesterday with bug fixes and minor changes.
 
 
 
 
 
 

Read at LinuxAndUbuntu

Flattr Is the Icon Pack with the Flattest Icons for Linux Systems – Gallery

Users who like flat icons might want to give Flattr a try. It's probably the flattest theme that you can find on the Linux platform and it's been recently updated. Read more

BackBox Linux 4.1 Is a Powerful Penetration Testing Distro Based on Ubuntu 14.04.1

BackBox Linux is a distribution based on Ubuntu 14.04.1 LTS, that is built to perform penetration tests and security assessments. A new version has been released and is now available for upgrade and testing. Read more