AIDE, or Advanced Intrusion Detection Environment, is a file integrity checking tool that can detect unauthorized changes to configuration files. It is quite similar to Tripwire. It will take a snapshot of filesystem state which...
It is recommended that a patch management system is maintained and configured. Verify that the system’s package repositories are configured. sudo apt-cache policy Sample Output: tux@freelinux:~$ sudo apt-cache policy...
Here is the recommendation for filesystem and directory configuration. It is easier to do this during the initial OS installation, but if you need to repartition the existing system, it is recommended that full...
Nftables is the replacement for iptables, ebtables and arptables. It is a subsystem of the Linux kernel providing filtering and classification of network packets, datagrams or frames. Some key things to consider: 1. Installation: dnf...
Ip6tables is a firewall utility that uses policy chains to allow or block traffic. It can configure IPv6 tables, chains or rules provided by the Linux kernel firewall. Some key things to consider: 1. Installation: (When...
Iptables is a firewall utility that uses policy chains to allow or block traffic. It can configure IPv4 tables, chains or rules provided by the Linux kernel firewall. Some key things to consider: 1. Installation: dnf install...
Uncomplicated Firewall (UFW) is a frontend for iptables and a program for managing a netfilter firewall. Some key things to consider: 1. Installation: dnf install epel-release -y dnf install ufw -y 2. Verify if ufw is...
Secure Shell, or SSH, is a cryptographic network protocol used to securely log in to or access remote systems. The most popular tool is OpenSSH, which provides a large suite of secure tunneling capabilities and different...
Here’s how to install the program “auditd”, along with best security practices and recommended settings for system auditing. 1. Install auditd a. Verify whether the package is installed, using the rpm...
As part of Best Security Practices, it is recommended to remove service clients that are not required for normal operation to reduce the local attack surface. Here are the programs or clients that need to be removed. (Not in particular...