LinuxFest Northwest 2013

Bellingham, WA April 27th & 28th

Platinum Sponsors

The Linux Audit Framework

greptile's picture

The Linux audit framework as shipped with many Linux distributions  system provides a framework that reliably collects information about any security-relevant events. The audit records can be examined to determine whether any violation of the security policies has been committed, and by whom.

Linux audit helps make your system more secure by providing you with a means to analyze what is happening on your system in great detail. It does not, however, provide additional security itself—it does not protect your system from code malfunctions or any kind of exploits. Instead, Audit is useful for tracking these issues and helps you take additional security measures to prevent them.

This session provides a basic understanding of how audit works, how it can be set up, and how to use various utilities to display, query and archive the audit trail and how Linux Audit can be part of any overall Defense in Depth strategy.

 

Slides: 

Experience level: 

Advanced

Speaker(s): 

greptile

Session Time Slot(s): 

Sunday, April 28, 2013 - 11:00 to 12:00

Track: 

Comments