A practical Linux security hardening baseline: CIS Benchmark controls, kernel hardening via sysctl, AppArmor mandatory access control, seccomp syscall filtering, auditd for syscall monitoring, SSH hardening, fail2ban, unattended-upgrades, and systemd unit sandboxing.
Auditd
-
Linux Security Hardening Baseline -
auditd: Linux's Syscall Logger A practical guide to Linux's audit daemon — how auditd logs security-relevant events at the syscall level, how to write rules that capture what compliance and threat detection need, and how to turn its verbose output into something usable.
-
Linux Hardening Checklist A practical Linux hardening checklist covering CIS benchmark controls, auditd syscall monitoring, AppArmor and SELinux mandatory access control, kernel parameter tuning, and automated scoring with Lynis.