Audit Script to Detect Unix Operating System

James Tarala | Baselining, Scripting, Unix Auditing

In the last few blog entries we have been focusing quite a bit on displaying information from a Unix system via a BASH script. One question that’s come up from quite a few people is, do these commands work on all Unix systems? That’s a very valid question. It turns out that one of my favorite sayings about Unix is …

Unix Audit Script for Disk Utilization

James Tarala | Baselining, Scripting, Unix Auditing

We’ve noticed an issue on some of our Unix servers lately. This may not be completely security related (unless of course we’re talking about the availability of a system). We have noticed on quite a few occasions lately that the disk space on our Unix servers has started to grow out of control to the point where the availability of …

More Unix Audit Script One Liners

James Tarala | Baselining, Scripting, Unix Auditing

In our last post we gave some examples of Unix audit script one liners for baselining information from a Unix system. It turns out there are more people than we thought who are interested in this topic and are looking to include commands like these in their scripts. We definitely appreciate everyone’s enthusiasm and decided to post more commands in …

Unix Audit Script One Liners

James Tarala | Baselining, Scripting, Unix Auditing

Lately I’ve had quite a few requests come in from students and clients to review the audit script that companies are using to audit their Unix / Linux systems. It seems like every company has one person who, at some point in time, wrote a script to audit Unix systems, or they downloaded one from someone online. But in either …

Parsing Lynis Audit Reports

James Tarala | Unix Auditing

Last week we passed along some information on a Unix audit tool called Lynis, maintained by Michael Boelen (http://www.rootkit.nl/projects/lynis.html). The value of this tool is that it is an open script that auditors can give to system administrators to run on their Unix servers in order to assess specific technical security controls on the system. If an auditor chose to …

Unix Auditing with Lynis

James Tarala | Unix Auditing

One of the questions I often get asked in our audit classes is how to automate data collection from systems in a way that system administrators will trust. The problem is that there are a number of tools available for doing data collection, but oftentimes those tools are compiled with no easy way to do code review on …