Profile

Cover photo
41 followers|18,132 views
AboutPostsPhotosVideos

Stream

CISOfy

Shared publicly  - 
 
Based on a real question we received: how much system hardening is enough?
https://linux-audit.com/how-much-system-hardening-should-you-do/

1
Add a comment...

CISOfy

Shared publicly  - 
 
Lynis 2.3.0 now available (GitHub, DEB/RPM, or download). A good time to audit your systems again: https://cisofy.com/documentation/lynis/get-started/
1
3
Add a comment...

CISOfy

Shared publicly  - 
 
As a security firm, it was about time for our blog to make the jump to HTTPS with Let's Encrypt and enable the new HTTP/2 protocol: https://linux-audit.com/blog-migrated-to-https-and-http2/
Our blog is about Linux security, so one day it had to be migrated to HTTPS. Last weekend that migration (finally) happened. After a few days of testing, it is now live with the following options: HTTPS by default New HTTP/2 protocol Available via IPv4 and IPv6 Caching Before, we had our blog running with Pound and a Varnish cache. We also optimized these two software packages for both performance and security. With those gone, a lot of optimizat...
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Thanks for voting! Lynis achieved a 2nd place in the 2015 Top Security Tools by @toolswatch readers - http://www.toolswatch.org/2016/02/2015-top-security-tools-as-voted-by-toolswatch-org-readers/
1
Add a comment...

CISOfy

Shared publicly  - 
 
Automatic Fedora security updates with DNF - http://linux-audit.com/automatic-security-updates-with-dnf/
Automatic Security Updates The Dandified YUM tool, DNF, has become a powerful package manager for systems running Fedora. One of the great options is that security patches easily requested. This allows us for automatically security patching of our systems. Let’s explore the options and see how dnf-automatic can help us with fully automated patching. Security Patches The newer versions of Fedora use DNF. To check available security patches, use th...
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Using Fedora? Showing Available Security Updates with DNF - http://linux-audit.com/showing-available-security-updates-with-dnf/
Checking Security Updates for your Software Packages DNF is the default package manager since Fedora 22. As it is considered to be a better version of YUM, some of our Lynis users asked for DNF support. With focus on auditing and security patching, we definitely wanted to see that for ourselves. While building support, I’ve gathered the most important commands. In this blog post we will have a look how we can leverage the DNF output to show only ...
1
1
Add a comment...
Have them in circles
41 people
Rizwan Haider's profile photo
Denver Davido's profile photo
Wic Tan's profile photo
Roman Mednitzer's profile photo
Ed Eichman's profile photo
RAHMİ Yildiz's profile photo
Minh Triet Pham Tran's profile photo
Pradeep A's profile photo
InfoSec Guy's profile photo

CISOfy

Shared publicly  - 
 
When was the last time you used sysctl to tune the kernel? Did you know you can use regular expressions to gather specific keys? Read more: https://linux-audit.com/linux-hardening-with-sysctl/
Sysctl Hardening The GNU/Linux kernel powers a lot of systems, from big mainframes to the Android device in your pocket. If you want to achieve more security on your Linux systems, it would make sense to start hardening there, right? While improving security of the kernel looks easy at first sight, there is more to it than initially meets the eye. In this guide we have a look at the kernel and a common interface called sysctl. Why Invest Time [...
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Finding the installed compilers on your Linux system is not that easy. Here is how to do it: http://linux-audit.com/audit-installed-compilers-and-their-packages/
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Understanding Linux Privilege Escalation and Defending Against It - http://linux-audit.com/understanding-linux-privilege-escalation-and-defending-against-it/
Linux Privilege Escalation How it works, and what steps you can take to protect yourself Privilege escalation in another term for the elevation of permissions, of a normal user. This means that a normal user on Linux can become root, or get the same permissions as root. This can be authorized usage, with the use of the su or sudo command. It can also be unauthorized, for example when an attacker gains too many permissions. In this case often with...
1
Add a comment...

CISOfy

Shared publicly  - 
Just patching software packages is not enough. We cover a few utilities which help you to determine which processes need a restart to complete software patch management.
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Want to know how to deal with a compromised system (or prevent it)? http://www.slideshare.net/MichaelBoelen/handling-of-compromised-linux-systems
1
1
Add a comment...

CISOfy

Shared publicly  - 
 
Got IPv6 enabled on your Linux systems? Here is an extensive security guide to harden IPv6 on Linux: http://linux-audit.com/linux-security-guide-for-hardening-ipv6/
Extensive guide to help you secure your IPv6 configuration on Linux. From initial set-up to hardening the kernel with sysctl.
1
1
Add a comment...
People
Have them in circles
41 people
Rizwan Haider's profile photo
Denver Davido's profile photo
Wic Tan's profile photo
Roman Mednitzer's profile photo
Ed Eichman's profile photo
RAHMİ Yildiz's profile photo
Minh Triet Pham Tran's profile photo
Pradeep A's profile photo
InfoSec Guy's profile photo
Contact Information
Contact info
Phone
+31202260055
Email
Address
De Klok 28 5251DN, Vlijmen The Netherlands
Story
Tagline
System Auditing, Hardening, Compliance
Introduction
Simplified security for business running Linux and UNIX-based systems. We created the Lynis Enterprise suite to help companies audit their systems, and stay compliant with security standards.
Links