Security

Table of Contents

• Security

  • Anti-Virus

    • clamscan

  • Audit

    • auditctl

    • ausearch

  • Kerberos

    • kadmin (Command)

    • kadmin (Interactive)

    • klist

    • kdestroy

  • Local System

    • genkey

    • gpg

    • lastb

    • lastlog

    • sudo

  • History

See also: Firewalls, Permissions

Anti-Virus

clamscan

A free and open source anti-virus command line utility. Run “freshclam” to update the anti-virus database.

Usage	Explanation
-r	recursively through folders
-i	only output infected files
–move=<PATH>	specify path to move infected files to

Audit

Package: audit

For Audit to work properly, the service needs to be started.

$ sudo systemctl start auditctl

auditctl

Log verbose modifications and access to a file.

Usage	Explanation
-w	watch a file
-p arwx	watch for appending, reading, writing and executing of the file

ausearch

used after setting up auditctl on a file

Usage	Explanation
-f	views log of a given file
-t	check for changes during a certain time

Kerberos

kadmin (Command)

Package: krb5-workstation

Manage the Kerberos Distribution Center (KDC).

Usage	Explanation
-q	run interactive commands

kadmin (Interactive)

Usage	Explanation
?	view the available commands
addprinc <USER>	create a new principal for a user
addprinc host/<HOSTNAME>	create a new principal to allow authentication from a server
addprinc nfs/<HOSTNAME>	create an NFS principal
addprinc cifs/<HOSTNAME>	create a CIFS/SMB principal
addprinc ftp/<HOSTNAME>	create a FTP principal
ktadd host/<HOSTNAME>	save the principal to the /etc/krb5.keytab file
ktremove host/<HOSTNAME>	remove the principal from the keytab file
delprinc	delete a principal
listprincs	list principals

klist

View authentication information about Kerberos.

Usage	Explanation
	show the current ticket validation status
-k	show the contents of the /etc/krb5.keytab file

kdestroy

Revoke a user’s Kerberos ticket.

Usage	Explanation
	write zeros to the cached ticket file to securely remove it

Local System

Miscellaneous commands for managing security on local systems.

genkey

Package: crypto-keys

Generate SSL/TLS certificates.

Usage	Explanation
<DOMAIN_NAME>	create a self-signed SSL

gpg

Package: gnupg

Usage	Explanation
–output <NEW_FILE>.gpg –encrypt <FILE>	encrypt a specified file, saving it as a new file
–output <FILE> –decrypt <NEW_FILE>.gpg	decrypt an encrypted file, saving it as a new file

lastb

Package: util-linux

Usage	Explanation
	shows last failed login attempts

lastlog

Package: shadow-utils

Usage	Explanation
	shows inform about the last logins

sudo

Package: sudo

Allow non-root accounts to temporarily run privileged commands.

Usage	Explanation
-E	keeps sudo enabled for the current shell session

History

• Latest

• < 2019.01.01