Re: BSides Portland - The Linux Audit Framework

Hello All, I was at the BSides Portland security conference last weekend and I gave a presentation called “The Linux Audit Framework” there. I have put up the slides from the presentation on slideshare. I have also put up a file that implements the Center for Internet Security RHEL 6 Benchmark for audit rules. In addition, I have put up a document that is “Smith’s Audit Cheat Sheet”. It is what audit commands to run by analysts during first, second and third shift. The presentation slides are at: http://www.slideshare.net/GarySmith99/the-linux-audit-framework The CIS audit rules are at: http://www.slideshare.net/GarySmith99/linux-auditrules The “Cheat Sheet” are at: http://www.slideshare.net/GarySmith99/audit-commands-by-shift I hope you find them useful.