
Detect insider threats with Linux auditing


Organizations of all sizes need to mitigate the risk of insider threats. Misconduct by authorized users represents a grave threat to an organization. According to the 2005 Computer Security Institute and Federal Bureau of Investigation Computer Crime and Security Survey, organizations reported that computer intrusions from inside sources accounted for nearly half of all incidents. You can secure your network perimeter with intrusion detection systems, firewalls, and virus scanners, but don't neglect to monitor authorized users. The Linux Audit daemon can help you detect violations of your security policies.

The term auditing has multiple meanings within the information security field. A security audit is the process of evaluating the security posture of an organization through penetration testing, review of security policies, and system configuration. At the system level, auditing refers to logging the actions of users and programs on a system. The latter is the type of auditing implemented by the Linux Audit daemon. It is a passive security measure because it only detects violations of security policy and does not enforce that policy. It is similar to network-based intrusion detection systems and host-based intrusion detection systems.




