agenda
play

Agenda Linux security 1. System hardening 2. Technical audits 3. - PowerPoint PPT Presentation

Sep 17, 2023 •463 likes •821 views

Agenda Linux security 1. System hardening 2. Technical audits 3. Automation 2 Michael Boelen 3 Linux security Areas Core Resources Services Environment System Hardening Boot Process Accounting Database Forensics Containers

  2. Agenda Linux security 1. System hardening 2. Technical audits 3. Automation 2

  3. Michael Boelen 3

  4. Linux security Areas Core Resources Services Environment System Hardening Boot Process Accounting Database Forensics Containers Authentication Mail Incident Response Frameworks Cgroups Middleware Malware Kernel Cryptography Monitoring Risks Service Manager Logging Printing Security Monitoring Security Auditing Virtualization Namespaces Shell System Integrity Network Web Software Storage Compliance Time 4

  5. System Hardening

  6. Security 101 ● Ongoing process ● Prevention || Detection ● React and mitigate: ○ Hearthbleed ○ Spectre and Meltdown 6

  7. 7

  8. 8

  9. Hardening 101 Defenses ● New ● Existing ● Reduce weaknesses (= attack surface) Photo Credits: http://commons.wikimedia.org/wiki/User:Wilson44691 9

  10. Hardening Resources ● Center for Internet Security (CIS) ● NSA → NIST ● OWASP ● Vendors ● The Internet 10

  11. 11

  13. Auditing

  14. Auditing Why? ● Quality ● Assurance 14

  15. 15

  16. Audit (or some pentests) Typically: 10 Run vulnerability scanner 20 Apply fix 30 goto 10 16

  17. Audit Better: 10 Select target(s) 20 Perform audit 30 Risk analysis 40 Define automation steps 50 Implement hardening 60 goto 10 17

  18. Automation

  19. Lynis 19

  20. How it works ● Initialization ● Run ○ Helpers ○ Plugins ○ Tests ● Show audit results 20

  21. 21

  22. 22

  23. Why Lynis? Flexibility ● No dependencies* ● Understandable ● Create your own tests * Besides common tools like awk, grep, ps 23

  24. Why Lynis? Three pillars 1. First impression 2. Keep it simple 3. Next step 24

  25. Why Lynis? Next step: 25

  26. Running Lynis ● lynis ● lynis audit system ● lynis show ● lynis show commands 26

  28. Lynis Profiles Optional configuration ● Default.prf ● Custom.prf ● Other profiles 28

  29. Automation Dealing with findings ● Log + website ● Create hardening snippet ● Automate via Chef, Puppet, Salt, etc. 29

  30. Let’s summarize

  31. Summary Take action: 1. Perform regular scans 2. Get that low-hanging fruit 3. Automate the outcome 31

  32. Success! You finished this presentation

  33. Questions? Connect ● Twitter: @mboelen ● LinkedIn: Michael Boelen Relevant project: https://LinuxSecurity.Expert (security tools, checklists, guides) 33

  34. Learn more? Follow ● Blog Linux Audit (linux-audit.com) ● Twitter @mboelen This presentation will be available at michaelboelen.com 34

Recommend

R E B I R T H R E B I R T H 1 Meeting Agenda Meeting Agenda Agenda 1

R E B I R T H R E B I R T H 1 Meeting Agenda Meeting Agenda Agenda 1

Annual General Meeting of Shareholders No. 1/2015 28 January 2015 At 1.30 P.M. at Athenee Crystal Hall, 3rd Floor, Plaza Athenee Bangkok R E B I R T H R E B I R T H 1 Meeting Agenda Meeting Agenda Agenda 1 To certify

879 views • 54 slides
Negotiating Conflicts Eff Effectively ti l Agenda Agenda Agenda Agenda Introductions

Negotiating Conflicts Eff Effectively ti l Agenda Agenda Agenda Agenda Introductions

Negotiating Conflicts Eff Effectively ti l Agenda Agenda Agenda Agenda Introductions Introductions 1) Negotiation Characteristics 2) Approaches to Conflict 2) Approaches to Conflict 3) Issues, Positions, and Interests 4)

1.06k views • 60 slides
Web E Web E ngineer ngineer ing Pr ing Pr oc ess oc ess We e k 2 Agenda (Lecture) Agenda

Web E Web E ngineer ngineer ing Pr ing Pr oc ess oc ess We e k 2 Agenda (Lecture) Agenda

Web E Web E ngineer ngineer ing Pr ing Pr oc ess oc ess We e k 2 Agenda (Lecture) Agenda (Lecture) Web Engineering Process W b E i i P Agenda (Lab) Agenda (Lab) Web 2.0 architecture patterns Project proposal P j t l

1.06k views • 19 slides
Anaheim August 27, 2008 Agenda Agenda Agenda Introduction New Rule Requirements

Anaheim August 27, 2008 Agenda Agenda Agenda Introduction New Rule Requirements

Anaheim August 27, 2008 Agenda Agenda Agenda Introduction New Rule Requirements Compliance Plan Upgrade Issues Questions Introduction Introduction Introduction Danny Luong Senior Enforcement Manager Background

989 views • 29 slides
Capital markets day 27 th September 2017 Agenda Time Agenda item Led by Time Agenda item

Capital markets day 27 th September 2017 Agenda Time Agenda item Led by Time Agenda item

Capital markets day 27 th September 2017 Agenda Time Agenda item Led by Time Agenda item Led by 14:15 TEA & COFFEE BREAK 11.00 Introduction Carolyn McCall 11.05 1. Market / Network 14.30 4. Making travel easy & affordable

1.22k views • 90 slides
Community Advisory Group Meeting June 20, 2016 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting June 20, 2016 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting June 20, 2016 Agenda 1. Welcome, Introductions and Agenda Overview 2. Public Comment (items not on the agenda) 3. CAG Questions and Concerns (items not on the agenda) 4. Labor Issue Update 5. New Generation

1.22k views • 55 slides
Agenda TOSITA Agenda July 15, 2015 9:30 - 10:00: Registration 10:00 -10:10: Welcome- PECO

Agenda TOSITA Agenda July 15, 2015 9:30 - 10:00: Registration 10:00 -10:10: Welcome- PECO

Agenda TOSITA Agenda July 15, 2015 9:30 - 10:00: Registration 10:00 -10:10: Welcome- PECO Perspective Bill Patterer -PECO 10:10- 10:20: Workshop Agenda/ EP-ACT Intro/EV overview Tony Bandiero EP-ACT 10:20- 10:35: EVSEs - What are They?

291 views • 15 slides
Agenda Agenda Linda Rammler, UConn UCEDD (copy from Agenda handout) Fr. John Gallagher,

Agenda Agenda Linda Rammler, UConn UCEDD (copy from Agenda handout) Fr. John Gallagher,

2/21/18 Agenda Agenda Linda Rammler, UConn UCEDD (copy from Agenda handout) Fr. John Gallagher, O.F.M. Cap. (St. Pius X Church) Kim Ranell Newgass (Baptist Church in New Haven) Mary Lou Freitas (Bethany Covenant) Doris

508 views • 5 slides
Mississauga Halton LHIN CSS and MH&A Sector Meeting June 11, 2010 Agenda Agenda Welcome

Mississauga Halton LHIN CSS and MH&A Sector Meeting June 11, 2010 Agenda Agenda Welcome

Mississauga Halton LHIN CSS and MH&A Sector Meeting June 11, 2010 Agenda Agenda Welcome and Agenda Community Care Information Management Program Herb Spence Stakeholder Engagement, HRIS (CCIM) Eugene Cortes - Project Lead,

2.11k views • 122 slides
Welcome June 2020 Agenda I. Welcome and Introductions II. Consent Agenda a. Approval of June

Welcome June 2020 Agenda I. Welcome and Introductions II. Consent Agenda a. Approval of June

Welcome June 2020 Agenda I. Welcome and Introductions II. Consent Agenda a. Approval of June Agenda b. Approval of February minutes c. Women in Jail Research Study III. Old Business a. JRAC Membership b. COVID-19 Strategies and Sustainability

539 views • 26 slides
Todays Agenda Todays Agenda Continued Todays Agenda Continued Save the Date August

Todays Agenda Todays Agenda Continued Todays Agenda Continued Save the Date August

Todays Agenda Todays Agenda Continued Todays Agenda Continued Save the Date August 17 & 18, 2021 10th Annual Nation to Nation Consultation Host: Chickasaw Nation USDA Leadership & Tribal Leaders Oklahoma NRCS

892 views • 65 slides
E-beam and X-ray: Why? What? How? 1 Introduction & Agenda Agenda: We are investing to

E-beam and X-ray: Why? What? How? 1 Introduction & Agenda Agenda: We are investing to

E-beam and X-ray: Why? What? How? 1 Introduction & Agenda Agenda: We are investing to supply and service a growing market E-Beam and X-ray are complementary solution that are financially viable Mevex and IBA are there to help

198 views • 15 slides
Katie Dively, Research Scientist II Agenda Agenda Agenda Agenda Welcome! 7 Step

Katie Dively, Research Scientist II Agenda Agenda Agenda Agenda Welcome! 7 Step

Katie Dively, Research Scientist II Agenda Agenda Agenda Agenda Welcome! 7 Step Communication Process Your Role Next Steps Centers Purpose Centers Purpose Centers Purpose Centers Purpose We are an

744 views • 55 slides
IDN BOF Agenda Harald Alvestrand, chair Agenda - 1 0900: Agenda bash, blue sheet, scribe ! 0910:

IDN BOF Agenda Harald Alvestrand, chair Agenda - 1 0900: Agenda bash, blue sheet, scribe ! 0910:

IDN BOF Agenda Harald Alvestrand, chair Agenda - 1 0900: Agenda bash, blue sheet, scribe ! 0910: Introduction to the IDN revision - John Klensin - An orientation on the main goals of the revision - Explanation of the division of labor between

233 views • 10 slides
#EdSummit @MorenoValleyUSD @BarrCenter 1 Agenda 10:45 Agenda 10:45 - 11:30 am 11:30 am

#EdSummit @MorenoValleyUSD @BarrCenter 1 Agenda 10:45 Agenda 10:45 - 11:30 am 11:30 am

#EdSummit @MorenoValleyUSD @BarrCenter 1 Agenda 10:45 Agenda 10:45 - 11:30 am 11:30 am 10:45 - 10:50 am: Introductions 10:50 - 10:55 am: MVUSD Board President Susan Smith 10:55 - 11:00 am: MVUSD Superintendent Dr. Martinrex Kedziora

408 views • 21 slides
Agenda Item 4: PUBLIC COMMENT Individuals may speak on any topic for up to three minutes; during

Agenda Item 4: PUBLIC COMMENT Individuals may speak on any topic for up to three minutes; during

4/25/19 SA SAN F FRANCISQ SQUITO C CREEK S F C J PA . O R G J O I N T P O W E R S A U T H O R I T Y BOARD OF DIRECTORS MEETING Menlo Park City Council Chambers April 25, 2019 at 2:30 p.m. AGENDA 1. ROLL CALL 2. APPROVAL OF AGENDA 3.

158 views • 15 slides
Community Advisory Group Meeting September 3, 2014 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting September 3, 2014 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting September 3, 2014 Agenda 1. Welcome, Introductions and Agenda Overview 2. Public Comment (items not on the agenda) 3. CAG Questions and Concerns 4. UCSF Medical Center Update 5. UCSF 10-Year Capital Plan

941 views • 35 slides
http://windowstips.wordpress.com Agenda Agenda Introduction Malware public information

http://windowstips.wordpress.com Agenda Agenda Introduction Malware public information

Juan Garrido MVP Enterprise Security @tr1ana http://windowstips.wordpress.com Agenda Agenda Introduction Malware public information TRIANA Conclusions Agenda One new malware every 2 seconds Its like epidemic Many variety of

1.07k views • 19 slides
F F unctional Design unctional Design We e k 9 Agenda (Lecture) Agenda (Lecture)

F F unctional Design unctional Design We e k 9 Agenda (Lecture) Agenda (Lecture)

F F unctional Design unctional Design We e k 9 Agenda (Lecture) Agenda (Lecture) Functional design F ti l d i Agenda (Lab) Agenda (Lab) Weekly progress report Homework/Lab assignments Announcement Announcement Walk

478 views • 24 slides
Community Advisory Group Meeting December 3, 2014 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting December 3, 2014 Agenda 1. Welcome, Introductions and Agenda

Community Advisory Group Meeting December 3, 2014 Agenda 1. Welcome, Introductions and Agenda Overview 2. Public Comment (Items not on the agenda) 3. CAG Questions and Concerns 4. Overview of UCSF Diversity Programs 5. Campus Updates

539 views • 22 slides
Spring 2015 Agenda - Thursday Logistics Introductions Agenda Bash Network Updates

Spring 2015 Agenda - Thursday Logistics Introductions Agenda Bash Network Updates

Southern Crossroads (SoX) Participant Meeting Spring 2015 Agenda - Thursday Logistics Introductions Agenda Bash Network Updates Commodity Internet SoX NOC NSF Workshops Brainstorming over Dinner Agenda - Friday

554 views • 32 slides
RAF Marham October 2019 Kayleigh Winter MOD Development Manager Agenda Agenda About the IET

RAF Marham October 2019 Kayleigh Winter MOD Development Manager Agenda Agenda About the IET

RAF Marham October 2019 Kayleigh Winter MOD Development Manager Agenda Agenda About the IET Membership and Benefits Professional Registration My approach Application and Support How I can add value Q&A Agenda About the IET The

683 views • 49 slides
PCCD Planning and Budgeting Council May 27, 2016 8:30 a.m. 12:30 p.m. AGENDA Time Agenda

PCCD Planning and Budgeting Council May 27, 2016 8:30 a.m. 12:30 p.m. AGENDA Time Agenda

PCCD Planning and Budgeting Council May 27, 2016 8:30 a.m. 12:30 p.m. AGENDA Time Agenda Topic 2015- 16 PBC Goal PCCD 2015- 16 Strategic Presenters Goals and Institutional Objectives 8:30 I. Agenda Review Facilitator 8:35

371 views • 35 slides
an industry perspective AGENDA AGENDA ATDIs Activities on EMF EMF in 5G Environment Topics

an industry perspective AGENDA AGENDA ATDIs Activities on EMF EMF in 5G Environment Topics

EMF Exposure and 5G network development: an industry perspective AGENDA AGENDA ATDIs Activities on EMF EMF in 5G Environment Topics for Discussion AGENDA ATDIs activities on EMF ATDI as a Sector Member of the ITU-D, ITU-R WTDC- 17

316 views • 13 slides

More recommend