BSides Portland - The Linux Audit Framework
Paul Moore
paul at paul-moore.com
Thu Oct 22 20:34:02 UTC 2015
On Thu, Oct 22, 2015 at 11:53 AM, Smith, Gary R <Gary.Smith at pnnl.gov> wrote:
> Hello All,
>
> I was at the BSides Portland security conference last weekend and I gave a
> presentation called “The Linux Audit Framework” there. I have put up the
> slides from the presentation on slideshare. I have also put up a file that
> implements the Center for Internet Security RHEL 6 Benchmark for audit
> rules. In addition, I have put up a document that is “Smith’s Audit Cheat
> Sheet”. It is what audit commands to run by analysts during first, second
> and third shift.
>
> The presentation slides are at:
> http://www.slideshare.net/GarySmith99/the-linux-audit-framework
> The CIS audit rules are at:
> http://www.slideshare.net/GarySmith99/linux-auditrules
> The “Cheat Sheet” are at:
> http://www.slideshare.net/GarySmith99/audit-commands-by-shift
>
> I hope you find them useful.
I only just quickly skimmed the slides, but thanks for sharing these;
it's always nice to have more awareness of what functionality exists.
--
paul moore
www.paul-moore.com
More information about the Linux-audit
mailing list