
Detect insider threats with Linux auditing


Organizations of all sizes need to mitigate the risk of insider threats. Misconduct by authorized users represents a grave threat to an organization. According to the 2005 Computer Security Institute and Federal Bureau of Investigation Computer Crime and Security Survey, organizations reported that computer intrusions from inside sources accounted for nearly half of all incidents. You can secure your network perimeter with intrusion detection systems, firewalls, and virus scanners, but don't neglect to monitor authorized users. The Linux Audit daemon can help you detect violations of your security policies.

The term auditing has multiple meanings within the information security field. A security audit is the process of evaluating the security posture of an organization through penetration testing, review of security policies, and system configuration. At the system level, auditing refers to logging the actions of the users and programs on a system. The Linux Audit daemon implements this latter form of auditing. It is a passive security measure: it detects violations of security policy but does not enforce the policy. In this respect it is similar to network-based and host-based intrusion detection systems.




