Linux hardening with Lynis

Rick Stevens ricks at alldigital.com
Tue Dec 24 17:51:59 UTC 2013


On 12/24/2013 08:21 AM, bruce issued this missive:
> Hey.
>
> Looked over your link/app. how is this any different from
> rkhunter/chkrootkit or any of the other apps that inspect files for
> changes to indicate a potential root/virus issue?
>
> Does anyone know of an app/process that can prevent a rootkit/virus
> from modifying files, as opposed to simply detecting when/if a file
> has been modified?

SELinux can help with this. Also look at a hardened kernel such as
grsecurity (http://grsecurity.net/)

> On Tue, Dec 24, 2013 at 2:39 AM, M. Boelen <michael at rootkit.nl> wrote:
>> Hi,
>>
>> I saw your post regarding guidance to harden/secure a Linux system [1].
>> Did you already try my open source tool Lynis?
>>
>> http://www.rootkit.nl/projects/lynis.html
>>
>> Kind regards,
>>
>> Michael
>>
----------------------------------------------------------------------
- Rick Stevens, Systems Engineer, AllDigital    ricks at alldigital.com -
- AIM/Skype: therps2        ICQ: 22643734            Yahoo: origrps2 -
-                                                                    -
-  Memory is the second thing to go, but I can't remember the first! -
----------------------------------------------------------------------


More information about the users mailing list