Security for Linux Systems
Need for Auditing
Many people believe if they keep their system packages patched, they are secure. Especially when other technologies, like firewalls are implemented. Unfortunately most systems are poorly hardened, leaving room for intrusion. This is the reason why auditing will always be needed. Even if you have done everything to secure, you can only know for sure when an objective person or tool audits the environment.
Minimal Installation
Our solution focuses on several areas, including the principle of using as less resources possible. This starts with a minimal installation. We try to discover unneeded packages or processes which run but have no functional purpose for that system.
Linux Kernel
Another important area is the Linux kernel itself. Not only do we check if it up-to-date, but also if it is properly configured and hardened. Next is determining related kernel modules and verifying them.
File Systems
Often the data on systems is the most precious resource which we want to protect. Still, we see that most systems lack the appropriate controls to guarantee availability, integrity and the confidentiality of the data. We check what file systems are used, where data is stored and how it is protected. Also do we check if security controls are implemented when for example running a web server.