Catching Linux Post-Exploitation with Auditd - Eric Gershman BSides Las Vegas 2015 (Hacking Illustrated Series InfoSec Tutorial Videos)
Catching Linux Post-Exploitation with Auditd
Eric Gershman

Many Linux administrators are required to deploy Auditd in order to meet government or industry security compliance requirements. In this talk we will dive into common Linux Audit configurations and determine their value when responding to successful attacks. Finally, by examining real-world attacks, we can create Auditd rules that can alert us following the successful exploitation of a service.
