Detect insider threats with Linux auditing

Organizations of all sizes need to mitigate the risk of insider threats. Misconduct by authorized users represents a grave threat to an organization. According to the 2005 Computer Security Institute and Federal Bureau of Investigation Computer Crime and Security Survey, organizations reported that computer intrusions from inside sources accounted for nearly half of all incidents. You can secure your network perimeter with intrusion detection systems, firewalls, and virus scanners, but don't neglect to monitor authorized users. The Linux Audit daemon can help you detect violations of your security policies.

The term auditing has multiple meanings within the information security field. A security audit is the process of evaluating the security posture of an organization through penetration testing, review of security policies, and system configuration. At the system level, auditing refers to logging the actions of users and programs on a system. The latter is the type of auditing implemented by the Linux Audit daemon. It is a passive security measure because it only detects violations of security policy and does not enforce that policy. It is similar to network-based and host-based intrusion detection systems.
