NOTE: Work in progress
TODO: Identity management, two-factor auth, OpenVPN, Logstash, log shippers, IIS logs, OSSEC, Snort, Suricata, snorby, restart iis w/o admin role,
-
PCI Compliance with Open Source at (Almost) Zero Cost. Part 1 - http://rafeeqrehman.com/2011/05/24/zero-cost-pci-compliance/
-
PCI Compliance with Open Source at (Almost) Zero Cost. Part 2 - http://rafeeqrehman.com/2011/07/17/zero-cost-pci-compliance-part-2/
-
PCI compliance with Linux and Open Source at Ohio Linux Fest - http://rafeeqrehman.com/wp-content/uploads/2011/09/ohio-linux-fest.pdf
-
PCI DSS and Red Hat Enterprise Linux. Part #1 - http://blog.ptsecurity.com/2010/07/red-card-specificity-of-pci-dss-in.html
-
PCI DSS and Red Hat Enterprise Linux. Part #2 - http://blog.ptsecurity.com/2010/07/red-card-specificity-of-pci-dss-in_19.html
-
PCI DSS and Red Hat Enterprise Linux. Part #3 - http://blog.ptsecurity.com/2010/08/pci-dss-and-red-hat-enterprise-linux.html
-
PCI DSS and Red Hat Enterprise Linux. Part #4 - http://blog.ptsecurity.com/2010/09/pci-dss-and-red-hat-enterprise-linux.html
-
PCI DSS and Red Hat Enterprise Linux. Part #5 - http://blog.ptsecurity.com/2010/09/pci-dss-and-red-hat-enterprise-linux_03.html
-
PCI DSS and Red Hat Enterprise Linux. Part #6 - http://blog.ptsecurity.com/2010/10/pci-dss-and-red-hat-enterprise-linux.html
-
PCI DSS and Red Hat Enterprise Linux. Part #7 - http://blog.ptsecurity.com/2010/10/pci-dss-and-red-hat-enterprise-linux_20.html
-
PCI DSS and Red Hat Enterprise Linux. Part #8 - http://blog.ptsecurity.com/2010/11/requirement-10-track-and-monitor-all.html
-
PCI DSS and Red Hat Enterprise Linux. Part #9 - http://blog.ptsecurity.com/2010/11/pci-dss-and-red-hat-enterprise-linux.html
-
REQ 2, 3, 4, 12, 13. Encryption basics - http://pciguru.wordpress.com/2012/01/01/encryption-basics/
-
REQ 3.5. Encryption key management primer - http://pciguru.wordpress.com/2012/01/15/encryption-key-management-primer-requirement-3-5/
-
REQ 3.6. Encryption key management primer - http://pciguru.wordpress.com/2012/01/28/encryption-key-management-primer-requirement-3-6/
-
REQ 6.1. Intent of requirements - http://pciguru.wordpress.com/2011/01/27/intent-of-requirements-%E2%80%93-6-1/
-
REQ 6.6. Part 1 - http://pciguru.wordpress.com/2009/03/01/requirement-66-%E2%80%93-the-misunderstood-requirement-%E2%80%93-part-1/
-
REQ 6.6. Part 2 - http://pciguru.wordpress.com/2009/03/02/requirement-66-%E2%80%93-part-2/
-
REQ 6.6. Part 3 - http://pciguru.wordpress.com/2009/03/03/requirement-66-%E2%80%93-part-3/
-
REQ 8.5.1. The flaw in requirement - http://pciguru.wordpress.com/2014/07/01/the-flaw-in-requirement-8-5-1/
-
REQ 9.7.1. Annoying requirements - http://pciguru.wordpress.com/2010/05/13/annoying-requirements-%E2%80%93-9-7-1/
-
REQ 10.6. PCI DSS v3 - http://pciguru.wordpress.com/2014/01/25/pci-dss-v3-requirement-10-6/
-
REQ 11.2. Intent of requirements - http://pciguru.wordpress.com/2011/02/03/intent-of-requirements-%E2%80%93-11-2/
-
Adventures In Finding Cardholder Data - http://pciguru.wordpress.com/2014/05/18/adventures-in-finding-cardholder-data/
-
Pre-Authorization Data - http://pciguru.wordpress.com/2014/02/08/pre-authorization-data-2/
-
An Open Letter To Executives - http://pciguru.wordpress.com/2014/04/13/an-open-letter-to-executives/
-
REQ 3.4.1. Disk Encryption - http://blog.403labs.com/post/8402704243/disk-encryption-and-pci-requirement-3-4-1
-
REQ 6.5. App Development and OWASP Top 10. Part 1 - http://blog.403labs.com/post/20466128184/secure-application-development-and-the-owasp-top-10
-
REQ 6.5. App Development and OWASP Top 10. Part 2 - http://blog.403labs.com/post/24211952692/secure-application-development-and-the-owasp-top-10
-
REQ 6.5. App Development and OWASP Top 10. Part 2 - http://blog.403labs.com/post/31924845591/secure-application-development-and-the-owasp-top-10
-
PCI DSS. The Open Source Way - http://www.qcode.co.uk/pci-dss-compliance-the-open-source-way/index.html
-
REQ 8.1. Two-factor Authentication - http://www.qcode.co.uk/pci-dss-requirement-8-part-1-two-factor-authentication/
-
REQ 8.2. Stunnel & Plain Text Passwords - http://www.qcode.co.uk/pci-dss-requirement-8-part-2-stunnel-plain-text-passwords/
-
REQ 8.3. User & Password Policy - http://www.qcode.co.uk/pci-dss-requirement-8-part-3-user-password-policy/
-
REQ 10.1. Logging with Rootsh - http://www.qcode.co.uk/pci-dss-requirement-10-part1-logging-with-rootsh/
-
REQ 10.2. NTP Time Synchronisation - http://www.qcode.co.uk/pci-dss-requirement-10-part-2-ntp-time-synchronisation/
-
REQ 10.3. Centralised Logging - http://www.qcode.co.uk/pci-dss-requirement-10-part-3-centralised-logging/
-
REQ 10.4. Log File Monitoring (and more) with OSSEC - http://www.qcode.co.uk/pci-dss-requirement-10-part-4-log-file-monitoring-and-more-with-ossec/
-
PCI DSS совместимость. Часть 1 - http://www.winsecurity.ru/articles/pci-dss-compliance.html
-
PCI DSS совместимость. Часть 2 - http://www.winsecurity.ru/articles/pci-dss-compliance-part2.html
- auditd - Linux audit daemon - http://linux.die.net/man/8/auditd
- rootsh - a logging wrapper for shells - http://linux.die.net/man/1/rootsh
- grsecurity - http://grsecurity.net/
- Process Accounting - http://www.tldp.org/HOWTO/Process-Accounting/
- A Brief Introduction to auditd - http://security.blogoverflow.com/2013/01/a-brief-introduction-to-auditd/
- Stump the Chump with Auditd 01 - http://security.blogoverflow.com/2013/09/stump-the-chump-with-auditd-01/
- Auditd in Linux for PCI DSS compliance - http://networkrecipes.blogspot.com/2013/03/auditd-in-linux-for-pci-dss-compliance.html
- The Linux Audit System, or Who Changed That File? - http://www.la-samhna.de/library/audit.html
- Convert Linux uid / gid into user / group names - http://www.linuxquestions.org/questions/linux-security-4/auditd-audit-log-not-display-date-or-user-643815/#post3166168
- Regarding rootsh - http://ubuntuforums.org/showthread.php?t=1764085
- How can I log user activity on SSH - http://serverfault.com/questions/362532/how-can-i-log-user-activity-on-ssh
- Log SSH activity - http://askubuntu.com/questions/112686/log-ssh-activity
- rootsh terminal logger keeps watch on root users - http://archive09.linux.com/feature/61687
- syslog-ng - Multiplatform Syslog Server and Logging Daemon - http://www.balabit.com/network-security/syslog-ng/
- logstash - open source log management - http://logstash.net/
- logstash-forwarder - https://github.com/elasticsearch/logstash-forwarder
- nxlog - open-source multi-platform log management - http://nxlog.org/
- Graylog2 - Open source log management and data analytics - http://graylog2.org/
- Fluentd - Open Source Log Management - http://www.fluentd.org/
- Apache Flume - collecting, aggregating, and moving large amounts of log data - http://flume.apache.org/
- Kibana - http://www.elasticsearch.org/overview/kibana/
- Python log tailer script could be user as input - http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html#im_exec
- Perl function can be called for each log event - http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html#xm_perl
- pm_transformer module can convert syslog to json - http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html#pm_transformer
- Nessus - http://www.nessus.org
- Nmap - http://www.nmap.org
- Kismet Wireless detection and sniffing - http://www.kismetwireless.net/
- Backtrack - http://www.remote-exploit.org/backtrack.html
- Web application testing with w3af
- OpenVAS Vulnerability Scanner (is like Nessus client/Server) - http://www.openvas.org/
- SSL crypto verification and certificate checking - SSLscan, available on Linux
- Metasploit - http://www.metasploit.com/
- Backtrack - http://www.remote%C2%AD%E2%80%90exploit.org/backtrack.html
- Wireshark packet capture and analysis - http://www.wireshark.org/
- Building PCI compliant Django applications - https://speakerdeck.com/kencochrane/building-pci-compliant-django-applications
Here is a guide for PCI DSS with focus on Linux: http://linux-audit.com/linux-systems-guide-to-achieve-pci-dss-compliance-and-certification/