audit-image

4 tools to audit your Linux server

Leave a Comment / Uncategorised / By /

Auditing and checking your server to ensure that it is compliant based on your configuration and also ensuring total security is key. Many administrators get locked up with working on day to day tasks that sometimes this very important task goes undone. Here are some tools that can help automate auditing and also provide monitoring of your Linux systems.

 

 

1.)

NIX-AUDITOR

 

NIX auditor is another awsome tool that is geared towards RHEL but also works on Ubuntu and other systems NIX auditor again checks the basics such as password aging and accounts as well as file systems.

I have personally used this tool and I really like it here is some sample output

 

The setup is pretty simple to visit their project @ https://github.com/XalfiE/Nix-Auditor

 

2.)

LYNIS

Logo of CISOfy, a company specialized in Linux security solutions

 

Lynis is a very well designed tool that supports nearly all versions of Linux. The developer is very approachable and very active on social media this tool includes an online dashboard. It also allows you to check your servers against a policy such as HIPPA. Check my video below on this tool this is another tool I have personally used and love. There is a free edition and a paid for edition this is another tool that is very simple to install. check out the Cisofy page @ https://cisofy.com/

 

 

3.)

 

Image result for tripwire

 

Tripwire is another must have Tripwire checks the integrity of your file system and checks for changes that are not authorized. During your initial setup, you use tripwire to generate a profile of your file systems and which are in use and what you want to monitor. After that it monitors and sends you reports based on what has been changed of course there are many other features to Tripwire. You can customize it to do all sorts of things  check my video below on how to install tripwire

 

 

 

 

4.)

TIGER-Auditing tool

Tiger logo

 

Tiger is an open-source Linux auditing system that will check your system based on a template it will check basic things like active accounts and filesystems. It will also check for file system permissions and check for password strength also it will highlight things like aging policies for account

to install tiger on your system run the following

sudo apt-get install tiger

Check out the projects page @ https://www.openhub.net/p/tiger

UPDATE : While checking the last update of Tiger the last update I see is back in February

because of this I have bumped it down my list as auditing tools and techniques should be up to date as much as possible

 

see my video on how to install Tiger

 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.