Need to get your Linux systems compliant? We support all common distributions like Debian, Ubuntu and RHEL. What makes us different is that we also support macOS, BSD and other Unix platforms like AIX, HP-UX and Solaris. As Unix specialists ourselves, we help you pass your audits by providing best practices, snippets and tips.
1.1.6 Documentation and business justification for services The primary goal of computer systems is to assist the business of the company. Some systems are focused on delivering functionality to core business processes, others support the IT department. Collecting running services on Linux is fairly easy; assigning them a clear business justification is usually harder.
5.1 Anti-virus software deployment Deploying anti-virus software is required by the PCI DSS standard, to counter the threat of malicious software (malware). This section describes reviewing the anti-virus solution, policy and procedures.
8.1.7 Account lockout duration A lockout duration should be configured for when authentication attempts have failed several times. A related time should be configured after which the account is re-enabled, or the account should be re-enabled by a manual reset by an administrator.
8.1.8 Session idle time out Access to open machines should be limited, to reduce the risk of unauthorized people accessing a system. A session time out value or tool should be used to control this risk.
8.5 Groups, shared and functional accounts Activities should be traceable and accounted for. This control deals with the way systems are configured, and in particular with authentication methods related to generic accounts.
10.2.4 Invalid logical access attempts Brute force and logon attempts might be a first indication of a possible break-in. This is the reason such attempts should be properly logged and reviewed on a regular basis. On Linux this PCI DSS control might be configured by using the Linux audit system.
10.3 Audit trail fields To achieve full accountability, audit trails should be properly logged by the system. When it comes to auditing system components, at least the following fields need to be available: user identification, type, date/time, success/failure status, originator and an identifier.
10.4 Time-synchronization technology Log files, audit trails, and even some protocols depend on the time. A high level of accuracy is needed to ensure the quality of the logs, which might be needed for forensics or troubleshooting. Protocols like Kerberos can stop working if the time is not properly synced. On Linux systems, it is therefore common to find an NTP daemon or a service responsible for time-synchronization.