Detect insider threats with Linux auditing

Organizations of all sizes need to mitigate the risk of insider threats. Misconduct by authorized users represents a grave threat to an organization. According to the 2005 Computer Security Institute and Federal Bureau of Investigation Computer Crime and Security Survey, organizations reported that computer intrusions from inside sources accounted for nearly half of all incidents. You can secure your network perimeter with intrusion detection systems, firewalls, and virus scanners, but don't neglect to monitor authorized users. The Linux Audit daemon can help you detect violations of your security policies.

The term auditing has multiple meanings within the information security field. A security audit is the process of evaluating the security posture of an organization through penetration testing, review of security policies, and system configuration. At the system level, auditing refers to logging the actions of users and programs on a system. The Linux Audit daemon implements this latter form of auditing. It is a passive security measure: it detects violations of security policy but does not enforce the policy. In this respect it is similar to network-based and host-based intrusion detection systems.
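As an added illustration of system-level auditing (not code from the original article), the following Python sketch groups Linux Audit records into events and reports which login identity touched a watched file. The log lines are constructed samples, and the rule key `shadow-access` is a hypothetical name assumed to have been attached to a file watch on `/etc/shadow`.

```python
import re
from collections import defaultdict

# Constructed sample records in audit.log format; "shadow-access" is a hypothetical rule key.
SAMPLE_LOG = '''\
type=SYSCALL msg=audit(1413561600.123:4521): arch=c000003e syscall=2 success=yes exit=3 ppid=2101 pid=2140 auid=1001 uid=0 gid=0 euid=0 comm="cat" exe="/bin/cat" key="shadow-access"
type=PATH msg=audit(1413561600.123:4521): item=0 name="/etc/shadow" inode=131 mode=0100640 ouid=0 ogid=42
type=SYSCALL msg=audit(1413561660.456:4522): arch=c000003e syscall=2 success=no exit=-13 ppid=2300 pid=2311 auid=1002 uid=1002 gid=1002 euid=1002 comm="vi" exe="/usr/bin/vi" key="shadow-access"
type=PATH msg=audit(1413561660.456:4522): item=0 name="/etc/shadow" inode=131 mode=0100640 ouid=0 ogid=42
type=SYSCALL msg=audit(1413561700.789:4523): arch=c000003e syscall=2 success=yes exit=3 ppid=1 pid=900 auid=4294967295 uid=0 gid=0 euid=0 comm="sshd" exe="/usr/sbin/sshd" key="shadow-access"
type=PATH msg=audit(1413561700.789:4523): item=0 name="/etc/shadow" inode=131 mode=0100640 ouid=0 ogid=42
'''

HEADER = re.compile(r'^type=(\S+) msg=audit\((\d+\.\d+):(\d+)\): (.*)$')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
UNSET_AUID = "4294967295"  # (uint32)-1: the process has no login session (e.g. a daemon)

def parse_events(text):
    """Group records that share one audit serial number into a single event."""
    events = defaultdict(dict)
    for line in text.splitlines():
        m = HEADER.match(line)
        if not m:
            continue
        rtype, _ts, serial, body = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
        events[int(serial)].setdefault(rtype, []).append(fields)
    return events

def flag_user_access(text, key):
    """Return one finding per event tagged with `key` that came from a user login session."""
    findings = []
    for serial, recs in sorted(parse_events(text).items()):
        sc = recs.get("SYSCALL", [{}])[0]
        if sc.get("key") != key or sc.get("auid") in (None, UNSET_AUID):
            continue
        findings.append({
            "serial": serial,
            "auid": int(sc["auid"]),
            "uid": int(sc["uid"]),
            "exe": sc["exe"],
            "paths": [p["name"] for p in recs.get("PATH", []) if "name" in p],
            "success": sc["success"] == "yes",
            # auid is fixed at login, so it still names the person after su/sudo
            "identity_changed": sc["auid"] != sc["uid"],
        })
    return findings
```

Calling `flag_user_access(SAMPLE_LOG, "shadow-access")` returns the two events made from login sessions and skips the daemon access, which is the distinction that matters when reviewing what authorized users did.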
