Linux enjoys great popularity, especially in the server and IoT sectors – this makes the free operating system increasingly interesting for attackers.
Contrary to the long-standing myth, Linux is developed with a focus on security – but can certainly be hijacked by clever attacks.
Like other software vendors, Linux distributions face a tradeoff between security and usability.
Linux administrators can change the settings to their own liking.
This course provides a basic overview of common hardening options and uses SELinux, AppArmor, and fail2ban as examples to demonstrate three important tools.
Also demonstrated are OpenVAS and Dev-Sec, two other programs for detecting and closing common security vulnerabilities.
The workshop is as interactive as possible – theoretical and practical content is provided for the respective tasks.
- General Best Practices
- Linux Security Modules
- File context
- Modules and Booleans
Dev-Sec / InSpec
- Analyze systems with InSpec
- Harden systems automatically with Ansible