




Lynis
Lynis is an extensible security audit tool for computer systems running Linux, FreeBSD, macOS, OpenBSD, Solaris, and other Unix derivatives. It assists system administrators and security professionals with scanning a system and its security defenses, with the final goal being system hardening.

Software

The tool was created by Michael Boelen, the original author of rkhunter, as well as several special contributors and translators. Lynis is available under the GPLv3 license. The software determines various system information, such as the specific OS type, kernel parameters, authentication and accounting mechanism, installed packages, installed services, network configuration, logging and monitoring (e.g. syslog-ng), cryptography (e.g. SSL/TLS certificates) and installed malware scanners (e.g. ClamAV or rkhunter). Additionally, it will check the system for configuration errors and security issues. By request of the auditor, those checks may conform to international standa ...


Hardening (computing)
In computer security, hardening is usually the process of securing a system by reducing its surface of vulnerability, which is larger when a system performs more functions; in principle a single-function system is more secure than a multipurpose one. Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, and the disabling or removal of unnecessary services. There are various methods of hardening Unix and Linux systems. This may involve, among other measures, applying a patch to the kernel such as Exec Shield or PaX; closing open network ports; and setting up intrusion-detection systems, firewalls and intrusion-prevention systems. There are also hardening scripts and tools like Lynis, Bastille Linux, JASS for Solaris systems and Apache/PHP Hardener that can, for example, deactivate unneeded features in configuration files or perform various other protective measures. Bi ...


Rkhunter
rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with "known good" ones in online databases, searching for default directories (of rootkits), wrong permissions, hidden files, suspicious strings in kernel modules, and special tests for Linux and FreeBSD. rkhunter is notable due to its inclusion in popular operating systems (Fedora, Debian, etc.). The tool has been written in Bourne shell, to allow for portability. It can run on almost all UNIX-derived systems.

Development

In 2003, developer Michael Boelen released the version of Rootkit Hunter. After several years of development, in early 2006, he agreed to hand over development to a development team. Since that time eight people have been working to set up the project properly and work towards the much-needed maintenance release. The project has since been moved to SourceForge.

See also

* chkrootkit ...


Security Software
Computer security software or cybersecurity software is any computer program designed to influence information security. This is often taken in the context of defending computer systems or data, yet can incorporate programs designed specifically for subverting computer systems due to their significant overlap, and the adage that the best defense is a good offense. The defense of computers against intrusion and unauthorized use of resources is called "computer security". Similarly, the defense of computer networks is called "network security". The subversion of computers or their unauthorized use is referred to using the terms "cyberwarfare", "cybercrime", or "security hacking" (later shortened to "hacking" for further references in this article due to issues with "hacker", "hacker culture" and differences in white/grey/black 'hat' color identification).

Types

Below, various software implementations of Cybersecurity patterns and groups outlining ways a host syste ...




Syslog-ng
syslog-ng is a free and open-source implementation of the syslog protocol for Unix and Unix-like systems. It extends the original syslogd model with content-based filtering, rich filtering capabilities, flexible configuration options and adds important features to syslog, like using TCP for transport. As of today, syslog-ng is developed by Balabit IT Security Ltd. It has three editions with a common codebase. The first is called syslog-ng Open Source Edition (OSE) with the license LGPL. The second is called Premium Edition (PE) and has additional plugins (modules) under a proprietary license. The third is called Storebox (SSB), which comes as an appliance with a Web-based UI as well as additional features including ultra-fast-text search, unified search, content-based alerting and a premier tier support. In January 2018, syslog-ng, as part of Balabit, was acquired by One Identity, a global vendor of identity and access management solutions under the Quest Software umbrella. The ...


Penetration Test
A penetration test, colloquially known as a pen test or ethical hacking, is an authorized simulated cyberattack on a computer system, performed to evaluate the security of the system; this is not to be confused with a vulnerability assessment. The test is performed to identify weaknesses (also referred to as vulnerabilities), including the potential for unauthorized parties to gain access to the system's features and data, as well as strengths, enabling a full risk assessment to be completed. The process typically identifies the target systems and a particular goal, then reviews available information and undertakes various means to attain that goal. A penetration test target may be a white box (about which background and system information are provided in advance to the tester) or a black box (about which only basic information—if any—other than the company name is provided). A gray box penetration test is a combination of the two (where limited knowledge of the target is sh ...


Auditor
An auditor is a person or a firm appointed by a company to execute an audit (Practical Auditing, Kul Narsingh Shrestha, 2012, Nabin Prakashan, Nepal). To act as an auditor, a person should be certified by the regulatory authority of accounting and auditing or possess certain specified qualifications. Generally, to act as an external auditor of the company, a person should have a certificate of practice from the regulatory authority.

Types of auditors

* External auditor/Statutory auditor is an independent firm engaged by the client subject to the audit, to express an opinion on whether the company's financial statements are free of material misstatements, whether due to fraud or error. For publicly traded companies, external auditors may also be required to express an opinion over the effectiveness of internal controls over financial reporting. External auditors may also be engaged to perform other agreed-upon procedures, related or unrelated to financial statements. Most important ...

Package Manager
A package manager or package-management system is a collection of software tools that automates the process of installing, upgrading, configuring, and removing computer programs for a computer in a consistent manner. A package manager deals with "packages", distributions of software and data in archive files. Packages contain metadata, such as the software's name, description of its purpose, version number, vendor, checksum (preferably a cryptographic hash function), and a list of dependencies necessary for the software to run properly. Upon installation, metadata is stored in a local package database. Package managers typically maintain a database of software dependencies and version information to prevent software mismatches and missing prerequisites. They work closely with software repositories, binary repository managers, and app stores. Package managers are designed to eliminate the need for manual installs and updates. This can be particularly useful for large enterp ...

Malware
Malware (a portmanteau for "malicious software") is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. By contrast, software that causes harm due to some deficiency is typically described as a software bug. Malware poses serious problems to individuals and businesses on the Internet. According to Symantec's 2018 Internet Security Threat Report (ISTR), the number of malware variants increased to 669,947,865 in 2017, which is twice as many malware variants as in 2016. Cybercrime, which includes malware attacks as well as other crimes committed by computer, was predicted to cost the world economy $6 trillion USD in 2021, and is increasing at a rate of 15% per year. Many types of malware exist, including computer viruses, worms, Trojan horses, ...

Vulnerability (computing)
Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be weaknesses in either the hardware itself, or the software that runs on the hardware. Vulnerabilities can be exploited by a threat actor, such as an attacker, to cross privilege boundaries (i.e. perform unauthorized actions) within a computer system. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness. In this frame, vulnerabilities are also known as the attack surface. Vulnerability management is a cyclical practice that varies in theory but contains common processes which include: discover all assets, prioritize assets, assess or perform a complete vulnerability scan, report on results, remediate vulnerabilities, verify remediation, repeat. This practice generally refers to software vulnerabilities in computing systems. Agile vulnerability management refers to preventing attacks by ...

HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA or the Kennedy–Kassebaum Act) is a United States Act of Congress enacted by the 104th United States Congress and signed into law by President Bill Clinton on August 21, 1996. It modernized the flow of healthcare information, stipulates how personally identifiable information maintained by the healthcare and healthcare insurance industries should be protected from fraud and theft, and addressed some limitations on healthcare insurance coverage. It generally prohibits healthcare providers and healthcare businesses, called "covered entities", from disclosing protected information to anyone other than a patient and the patient's authorized representatives without their consent. With limited exceptions, it does not restrict patients from receiving information about themselves. It does not prohibit patients from voluntarily sharing their health information however they choose, nor does it require confidentialit ...




Payment Card Industry Data Security Standard
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard used to handle credit cards from major card brands. The standard is administered by the Payment Card Industry Security Standards Council and its use is mandated by the card brands. The standard was created to better control cardholder data and reduce credit card fraud. Validation of compliance is performed annually or quarterly, by a method suited to the volume of transactions handled:

* Self-Assessment Questionnaire (SAQ)
* Firm-specific Internal Security Assessor (ISA)
* External Qualified Security Assessor (QSA)

History

Originally, the major card brands started five different security programs:

* Visa's Cardholder Information Security Program
* MasterCard's Site Data Protection
* American Express's Data Security Operating Policy
* Discover's Information Security and Compliance
* JCB's Data Security Program

The intentions of each were roughly similar: to create an additional level of ...