From c038cde3bacb1450a1a1cda20e2528f86d73e969 Mon Sep 17 00:00:00 2001 From: IMTheNachoMan Date: Mon, 1 Apr 2019 21:59:32 -0400 Subject: [PATCH] aide, clam, and fixed TOC --- README.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 7db548b..16f7c85 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ An evolving how-to guide for securing a Linux server that, hopefully, also teach ## Table of Contents +- [Table of Contents](#table-of-contents) - [Introduction](#introduction) - [Guide Objective](#guide-objective) - [Why Secure Your Server](#why-secure-your-server) @@ -39,11 +40,13 @@ An evolving how-to guide for securing a Linux server that, hopefully, also teach - [UFW: Uncomplicated Firewall](#ufw-uncomplicated-firewall) - [PSAD: iptables Intrusion Detection And Prevention](#psad-iptables-intrusion-detection-and-prevention) - [Fail2ban: Application Intrusion Detection And Prevention](#fail2ban-application-intrusion-detection-and-prevention) -- [The Danger Zone](#the-danger-zone) - [The Auditing](#the-auditing) + - [AIDE - File/Folder Integrity Monitoring (WIP)](#aide---filefolder-integrity-monitoring-wip) + - [ClamAV Antivirus (WIP)](#clamav-antivirus-wip) - [logwatch - system log analyzer and reporter](#logwatch---system-log-analyzer-and-reporter) - [ss - Seeing Ports Your Server Is Listening On](#ss---seeing-ports-your-server-is-listening-on) - [Lynis - Linux Security Auditing](#lynis---linux-security-auditing) +- [The Danger Zone](#the-danger-zone) - [The Miscellaneous](#the-miscellaneous) - [Configure Gmail As MTA With Implicit TLS](#configure-gmail-as-mta-with-implicit-tls) - [Separate iptables Log File](#separate-iptables-log-file) @@ -1762,10 +1765,16 @@ fail2ban-client set sshd unbanip 192.168.1.100 #### Why +WIP + #### How It Works +WIP + #### Goals +WIP + #### References - https://aide.github.io/ 
@@ -1963,10 +1972,14 @@ Every time you make changes to files/folders that AIDE monitors, you will need t sudo aideinit -y -f ``` +([Table of Contents](#table-of-contents)) + ### ClamAV Antivirus (WIP) #### Why +WIP + #### How It Works - ClamAV is a virus scanner @@ -1975,6 +1988,8 @@ sudo aideinit -y -f #### Goals +WIP + #### Notes - These instructions **do not** tell you how to enable the ClamAV daemon service to ensure `clamd` is running all the time. `clamd` is only if you're running a mail server and does not provide real-time monitoring of files. Instead, you'd want to scan files manually or on a schedule. @@ -2072,6 +2087,8 @@ sudo aideinit -y -f - You can use the `-i` switch to only print infected files. - Check `clamscan`'s `man` pages for other switches/options. +([Table of Contents](#table-of-contents)) + ### logwatch - system log analyzer and reporter #### Why
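Review bot: In the first hunk (README.md @@ -6,6 +6,7), the added entry `- [Table of Contents](#table-of-contents)` makes the table of contents list itself, directly under its own `## Table of Contents` heading. It gives readers nothing to navigate to. Suggest dropping the line, or, if a TOC generator produced it, configuring the generator to skip that heading so the entry does not come back on the next regeneration.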
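Review bot: In the second TOC hunk (@@ -39,11 +40,13), the new anchors `#aide---filefolder-integrity-monitoring-wip` and `#clamav-antivirus-wip` carry the "(WIP)" marker from the headings, so links to them stop resolving once the marker is removed from the heading text. Consider keeping the status out of the headings and stating it in the section body instead. The same hunk moves `The Danger Zone` below `The Auditing`, but no hunk in this patch moves the section itself, so please confirm the new TOC order matches the order of the sections in the body; the subject line "fixed TOC" does not say which side was wrong.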
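Review bot: In the AIDE hunk (@@ -1762,10 +1765,16), the bodies of `#### Why`, `#### How It Works` and `#### Goals` are each filled with a bare `WIP`. The TOC entry for the section already says "(WIP)", so the three placeholders repeat that without telling a reader what AIDE is for before they reach the commands further down. Suggest at least a one-sentence `Why` (the TOC entry already describes the tool as file/folder integrity monitoring) and leaving the other two headings out until there is text for them.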
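Review bot: In the ClamAV hunk at @@ -1975,6 +1988,8, `#### Goals` gets `WIP` although the `#### Notes` item directly below it already states the scope: the instructions do not enable the `clamd` daemon, and files are scanned manually or on a schedule. Suggest writing that as the goal instead of the placeholder, so the section says what the reader ends up with before it lists the caveats.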