Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Linux hardening with Lynis with Brian Byrne
Search
Sponsored
·
SiteGround - Reliable hosting with speed, security, and support you can count on.
→
Brian Linuxing
July 17, 2020
Technology
0
100
Linux hardening with Lynis with Brian Byrne
Presentation to Virtual PajamaCon, July 2020 on Linux hardening with Lynis.
Brian Linuxing
July 17, 2020
Tweet
Share
More Decks by Brian Linuxing
See All by Brian Linuxing
A compressed history of operating systems since the abacus
brianlinuxing
0
54
Linux 100 - Why Linux? What makes it so special? by Brian Byrne
brianlinuxing
0
66
Installing Linux from the beginning with Brian Byrne, Virtual MASCOT Conference 2020.
brianlinuxing
0
150
Linuxing In London - August 2020 - Mattermost
brianlinuxing
0
68
What every teacher should know about operating systems (from the Abacus to the modern server) with Brian Byrne,
brianlinuxing
0
130
Linux: what use is a confined user shell? With Alan Griffiths.
brianlinuxing
0
67
Welcome to, what use is a confined user shell? With Alan Griffiths
brianlinuxing
0
44
Welcome to a lap around JetBrains Space with Maarten Balliauw
brianlinuxing
0
43
Virtual event - Kubernetes 101 with Elton Stoneman - 7th May 2020
brianlinuxing
0
72
Other Decks in Technology
See All in Technology
データの整合性を保ちたいだけなんだ
shoheimitani
8
3.2k
茨城の思い出を振り返る ~CDKのセキュリティを添えて~ / 20260201 Mitsutoshi Matsuo
shift_evolve
PRO
1
330
20260204_Midosuji_Tech
takuyay0ne
1
160
小さく始めるBCP ― 多プロダクト環境で始める最初の一歩
kekke_n
1
440
セキュリティについて学ぶ会 / 2026 01 25 Takamatsu WordPress Meetup
rocketmartue
1
310
SRE Enabling戦記 - 急成長する組織にSREを浸透させる戦いの歴史
markie1009
0
130
[CV勉強会@関東 World Model 読み会] Orbis: Overcoming Challenges of Long-Horizon Prediction in Driving World Models (Mousakhan+, NeurIPS 2025)
abemii
0
140
名刺メーカーDevグループ 紹介資料
sansan33
PRO
0
1k
SREのプラクティスを用いた3領域同時 マネジメントへの挑戦 〜SRE・情シス・セキュリティを統合した チーム運営術〜
coconala_engineer
2
670
外部キー制約の知っておいて欲しいこと - RDBMSを正しく使うために必要なこと / FOREIGN KEY Night
soudai
PRO
12
5.6k
Ruby版 JSXのRuxが気になる
sansantech
PRO
0
160
コミュニティが変えるキャリアの地平線:コロナ禍新卒入社のエンジニアがAWSコミュニティで見つけた成長の羅針盤
kentosuzuki
0
120
Featured
See All Featured
From Legacy to Launchpad: Building Startup-Ready Communities
dugsong
0
140
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
16k
My Coaching Mixtape
mlcsv
0
48
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
inesmontani
PRO
3
3k
Kristin Tynski - Automating Marketing Tasks With AI
techseoconnect
PRO
0
150
Done Done
chrislema
186
16k
Building Flexible Design Systems
yeseniaperezcruz
330
40k
A Soul's Torment
seathinner
5
2.3k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
11
830
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.6k
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
inesmontani
PRO
0
220
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
330
Transcript
Linux hardening with Lynis with Brian Byrne Virtual PajamaCon July
2020 © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
1
The thank yous A big thanks to everyone at PajamaCon
for inviting me. Credit to Tuxedo Computers for supporting our free Linux community ! https://www.tuxedocomputers.com/ These slides are on Speaker Deck https://speakerdeck.com/brianlinuxing © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
2
Brian Byrne discovered computing around the time Intel released the
4004 chip, in 1971. After 1979 he professionally worked across most sectors, education, commercial and finance, in some seriously technical, managerial and hands-on roles. Brian founded Linuxing In London in 2016, co-organises Covent Garden Pi Jam and all London Raspberry Pi Jam (mini-science festivals for kids), plus a lot more. NB: Brian speaks in paragraphs. He is a freelance IT manager, a thinker and do-er for hire. Want your IT systems organised properly? Pay him, he’ll do it for you! © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
3
Brian’s Operating Systems I’ve used, installed, fixed and played with
over 24 operating systems in 40 years, including but not limited to: TOPS-10, RT-11, RSX, VAX/VMS, CP/M, MS-DOS, AmigaOS, RSTE/E, Classic Mac OS (Lisa), Sinclair_QDOS, Ultrix, OSF/1, SCO Unix, OpenVMS, OS/2, VM/CMS, NetWare 2->3, Windows 1-> Windows 3.1, Windows 95->98 SE, Windows NT 1.0 ->4, Windows 2000, Windows XP, Windows Vista, Windows 7->8.1, Windows 10 and a lot more. Linux was my 15th or 16th operating system! © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
4
A word about Linux Everything is Linux. Android phones, the
lot. Linux is used on 100% of the world’s supercomputers. Everyone runs Linux: AWS, Netflix, Google, Facebook, even Microsoft Distrowatch lists 274 live Linux distributions, as of July 2020. Linux is free. 274 types to try out! Plenty of choice, masses of options. © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
5
Brief agenda Outline the topic, think about relate issues and
what obstacles could exist and how to preempt them. Technical demos on Ubuntu 20.04 and a Jetson Xavier NX running 18.04 © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
6
IBM Roadrunner ~2009 at Los Alamos National Laboratory, it ran
Red Hat © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
7
Hypothetical cluster setup © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
8
Your predicament © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
9
An ally: Lynis © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
10
But why? Isn’t Linux secure? Yes, by virtue of the
separation of privileges, by design. Users can’t (generally) damage a Linux system, but misconfiguration is a big problem. © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
11
Technical demos Two technical demos, on an Ubuntu 20.04 system
and another on an Nvidia Jetson Xavier NX, which effectively runs 18.04. The only requirement is git. © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
12 Login to a standard Linux account 1. git clone https://github.com/CISOfy/lynis 2. cd lynis 3. ./lynis -V 4. ./lynis audit system
Post audit Collate the reports. Look for serious problems. Get
management buy-in. Sell changes to techies. Talk with technical teams and management, prioritise fixes. Implement stage by stage, small wins first. Look out for gotchas. Plan post change audits. Don’t just look at the technical issues, think about humans and stress! © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
13
Talk links Lynis home https://cisofy.com/lynis/ Lynis on github https://github.com/CISOfy/lynis Lynis
on Wikpedia https://en.wikipedia.org/wiki/Lynis OWASP projects https://owasp.org/projects/ OWASP London https://www.meetup.com/OWASP-London/ © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
14
The End Thank you for participating. Enjoyed the event, slides,
etc? Then please leave a nice comment on Twitter. [NB: All images are copyright of their respective owners.] © Brian Byrne, 2020. Twitter:@BrianLinuxing Email:
[email protected]
15
SiteGround - Reliable hosting with speed, security, and support you can count on.
brianlinuxing
shoheimitani
shift_evolve
takuyay0ne
kekke_n
rocketmartue
markie1009
abemii
sansan33
coconala_engineer
soudai
sansantech
kentosuzuki
dugsong
sstephenson
mlcsv
inesmontani
techseoconnect
chrislema
yeseniaperezcruz
seathinner
tammyeverts
thoeni
chikuwait
![Hypothetical cluster setup © Brian Byrne, 2020. Twitter:@BrianLinuxing Email: [email protected]](https://files.speakerdeck.com/presentations/dbb3f6e20cab427eb0b66192a08d4686/slide_7.jpg){kind=link}
![Your predicament © Brian Byrne, 2020. Twitter:@BrianLinuxing Email: [email protected] 9](https://files.speakerdeck.com/presentations/dbb3f6e20cab427eb0b66192a08d4686/slide_8.jpg){kind=link}
![An ally: Lynis © Brian Byrne, 2020. Twitter:@BrianLinuxing Email: [email protected]](https://files.speakerdeck.com/presentations/dbb3f6e20cab427eb0b66192a08d4686/slide_9.jpg){kind=link}
