Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hello, people.
I'm looking for some article that have relative to "how to be guru in security monitoring".
For example, i'm using splunk + ossec + auditd, monitoring bash history,
I'm not monitoring network (so, any tips about it will be cool). How to example, monitoring linux firewall?
Maybe, any information that can help me detect bad hackers who want to get access to my PC (indicators of compromise).
For me it's shit monitoring and I'm junior in this issue, so any guides will be help me.
Hello, people.
I'm looking for some article that have relative to "how to be guru in security monitoring".
For example, i'm using splunk + ossec + auditd, monitoring bash history,
I'm not monitoring network (so, any tips about it will be cool). How to example, monitoring linux firewall?
Maybe, any information that can help me detect bad hackers who want to get access to my PC (indicators of compromise).
For me it's shit monitoring and I'm junior in this issue, so any guides will be help me.
Thank you!
Google and other search engines proves a really good search tool for articles on whatever topic.
I am not googling around here pun intended.
Hello, people.
I'm looking for some article that have relative to "how to be guru in security monitoring". For example, i'm using splunk + ossec + auditd, monitoring bash history, I'm not monitoring network (so, any tips about it will be cool). How to example, monitoring linux firewall?
Which "linux firewall" are you monitoring? There is no 'guide' to security...it's a process. You need to first understand the topic, and it's fairly clear you don't have much of an idea about it now. As habitual stated, Google can get you started.
Quote:
Maybe, any information that can help me detect bad hackers who want to get access to my PC (indicators of compromise).
Again, which PC? Running what services? On what kind of network, behind what firewalls? With what open ports??? Your question is sort of like asking "how high is up?" Without context, it has no meaning.
Quote:
For me it's shit monitoring and I'm junior in this issue, so any guides will be help me.
You need to read the LQ Rules, and quit using profanity. If you want to be more than 'junior in this issue', you need to **LEARN** things. It doesn't appear as if you have a good idea what the topic of computer security entails. Without knowing the basics, you can't learn anything advanced.
Since you probably found THIS site with a Google search, go back there and put things in like "basics of computer security", and learn the CONCEPTS. Build on them, and learn how they apply to different systems/network. Then learn more...and prepare to keep learning the rest of your life, because it is a NEVER ENDING process.
Want to be a 'guru' and keep your computer 100% safe? Lock it in a metal room, and don't ever connect it to a network. Aside from that...you're ALWAYS vulnerable.
Hello, people.
I'm looking for some article that have relative to "how to be guru in security monitoring".
For example, i'm using splunk + ossec + auditd, monitoring bash history,
I'm not monitoring network (so, any tips about it will be cool). How to example, monitoring linux firewall?
Maybe, any information that can help me detect bad hackers who want to get access to my PC (indicators of compromise).
For me it's shit monitoring and I'm junior in this issue, so any guides will be help me.
Thank you!
No network monitoring?
Why is it "shit monitoring"?
Advice: They give the good jobs to those whose do "shit" jobs well.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
pun intended. 
