Detect insider threats with Linux auditing

Organizations of all sizes need to mitigate the risk of insider threats. Misconduct by authorized users represents a grave threat to an organization. According to the 2005 Computer Security Institute and Federal Bureau of Investigation Computer Crime and Security Survey, organizations reported that computer intrusions from inside sources accounted for nearly half of all incidents. You can secure your network perimeter with intrusion detection systems, firewalls, and virus scanners, but don't neglect to monitor authorized users. The Linux Audit daemon can help you detect violations of your security policies.

The term auditing has multiple meanings within the information security field. A security audit is the process of evaluating the security posture of an organization through penetration testing, review of security policies, and system configuration. At the system level, auditing refers to logging the actions of a system's users and programs. This latter form is the type of auditing implemented by the Linux Audit daemon. It is a passive security measure: it detects violations of security policy but does not enforce the policy. In that respect it is similar to network-based and host-based intrusion detection systems.
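To make system-level auditing concrete, the following added example (not part of the original article) groups audit records by event serial and reports actions by logged-in users that were denied or ran under a different uid than the login uid (`auid`). The log lines are constructed samples in the audit.log layout, and the key names and file paths are hypothetical labels an administrator might assign in audit rules.

```python
import re
from collections import defaultdict

# Constructed sample records in the audit.log layout (not from a real system).
SAMPLE_LOG = """\
type=SYSCALL msg=audit(1136214245.100:301): arch=c000003e syscall=2 success=no exit=-13 ppid=2200 pid=2301 auid=1001 uid=1001 euid=1001 comm="cat" exe="/bin/cat" key="payroll-access"
type=PATH msg=audit(1136214245.100:301): item=0 name="/srv/payroll/salaries.csv" inode=4711 mode=0100600 ouid=0 ogid=0
type=SYSCALL msg=audit(1136214250.200:302): arch=c000003e syscall=2 success=yes exit=3 ppid=2200 pid=2302 auid=1001 uid=0 euid=0 comm="vi" exe="/usr/bin/vi" key="sudoers-change"
type=PATH msg=audit(1136214250.200:302): item=0 name="/etc/sudoers" inode=812 mode=0100440 ouid=0 ogid=0
type=SYSCALL msg=audit(1136214260.300:303): arch=c000003e syscall=2 success=yes exit=3 ppid=1 pid=900 auid=4294967295 uid=0 euid=0 comm="crond" exe="/usr/sbin/crond" key="sudoers-change"
type=PATH msg=audit(1136214260.300:303): item=0 name="/etc/sudoers" inode=812 mode=0100440 ouid=0 ogid=0
"""

HEADER = re.compile(r'^type=(\S+) msg=audit\((\d+\.\d+):(\d+)\):\s*(.*)$')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')
UNSET_AUID = "4294967295"  # auid of processes with no login session (daemons)

def parse_events(text):
    """Group records sharing one audit event serial into a single event dict."""
    events = defaultdict(lambda: {"paths": []})
    for line in text.splitlines():
        m = HEADER.match(line)
        if not m:
            continue
        rtype, _ts, serial, body = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
        if rtype == "SYSCALL":
            events[serial].update(fields)
        elif rtype == "PATH":
            events[serial]["paths"].append(fields.get("name"))
    return events

def findings(text):
    """Report events by logged-in users that were denied or ran under another uid."""
    out = []
    for serial, ev in sorted(parse_events(text).items(), key=lambda kv: int(kv[0])):
        auid = ev.get("auid")
        if auid is None or auid == UNSET_AUID:
            continue  # no SYSCALL record, or not tied to a login session
        if ev.get("success") == "no":
            out.append((serial, auid, "denied", ev.get("key"), ev["paths"]))
        elif ev.get("uid") != auid:
            out.append((serial, auid, "uid-changed", ev.get("key"), ev["paths"]))
    return out

if __name__ == "__main__":
    for f in findings(SAMPLE_LOG):
        print(f)
```

The denied read in event 301 was blocked by file permissions, not by the audit system; the audit record only preserves who attempted it, which is the passive role described above.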
