* BSides Portland - The Linux Audit Framework
@ 2015-10-22 15:53 Smith, Gary R
2015-10-22 20:34 ` Paul Moore
0 siblings, 1 reply; 2+ messages in thread
From: Smith, Gary R @ 2015-10-22 15:53 UTC (permalink / raw)
To: linux-audit
[-- Attachment #1.1: Type: text/plain, Size: 811 bytes --]
Hello All,
I was at the BSides Portland security conference last weekend and I gave a presentation called “The Linux Audit Framework” there. I have put up the slides from the presentation on slideshare. I have also put up a file that implements the Center for Internet Security RHEL 6 Benchmark for audit rules. In addition, I have put up a document that is “Smith’s Audit Cheat Sheet”. It is what audit commands to run by analysts during first, second and third shift.
The presentation slides are at: http://www.slideshare.net/GarySmith99/the-linux-audit-framework
The CIS audit rules are at: http://www.slideshare.net/GarySmith99/linux-auditrules
The “Cheat Sheet” are at: http://www.slideshare.net/GarySmith99/audit-commands-by-shift
I hope you find them useful.
Best regards,
Gary Smith
[-- Attachment #1.2: Type: text/html, Size: 1541 bytes --]
[-- Attachment #2: Type: text/plain, Size: 0 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: BSides Portland - The Linux Audit Framework
2015-10-22 15:53 BSides Portland - The Linux Audit Framework Smith, Gary R
@ 2015-10-22 20:34 ` Paul Moore
0 siblings, 0 replies; 2+ messages in thread
From: Paul Moore @ 2015-10-22 20:34 UTC (permalink / raw)
To: Smith, Gary R; +Cc: linux-audit
On Thu, Oct 22, 2015 at 11:53 AM, Smith, Gary R <Gary.Smith@pnnl.gov> wrote:
> Hello All,
>
> I was at the BSides Portland security conference last weekend and I gave a
> presentation called “The Linux Audit Framework” there. I have put up the
> slides from the presentation on slideshare. I have also put up a file that
> implements the Center for Internet Security RHEL 6 Benchmark for audit
> rules. In addition, I have put up a document that is “Smith’s Audit Cheat
> Sheet”. It is what audit commands to run by analysts during first, second
> and third shift.
>
> The presentation slides are at:
> http://www.slideshare.net/GarySmith99/the-linux-audit-framework
> The CIS audit rules are at:
> http://www.slideshare.net/GarySmith99/linux-auditrules
> The “Cheat Sheet” are at:
> http://www.slideshare.net/GarySmith99/audit-commands-by-shift
>
> I hope you find them useful.
I only just quickly skimmed the slides, but thanks for sharing these;
it's always nice to have more awareness of what functionality exists.
--
paul moore
www.paul-moore.com
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2015-10-22 20:34 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-10-22 15:53 BSides Portland - The Linux Audit Framework Smith, Gary R
2015-10-22 20:34 ` Paul Moore
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.