BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Filter:

Posts Tagged ‘sudo’

webinar_chalk

On Demand Webinar: Monitoring Linux/UNIX Privileged Users

Posted April 3, 2015    Lindsay Marsh

On Demand Webinar – Randy Franklin Smith looks at how to audit what admins do inside Linux and UNIX with sudo’s logging capabilities. Then, the BeyondTrust team will walk through how to augment sudo for complete control and auditing over UNIX and Linux user activity.

Tags:
, , ,
randy franklin smith

At the End of Day You Can’t Control What Privileged Users Do: It’s about Detective/Deterrent Controls and Accountability

Posted March 31, 2015    Randy Franklin Smith

Live Webinar: Thursday, April 2, 2015 | 10am PT/1pm ET | REGISTER NOW! In this webinar, Security Expert Randy Franklin Smith will look at how to audit what admins do inside Linux and UNIX with sudo’s logging capabilities.

Tags:
, ,
randy franklin smith

Beyond Root: Securing Privileged Access in Linux

Posted January 20, 2015    Randy Franklin Smith

Like UNIX, at its core, Linux’s security model is basically monolithic – you either have root access or you don’t. But root access is too powerful for so many reasons; routinely using the actual root account – while easy and still frighteningly common – is so dangerous it borders on negligent. Auditors know about root…

Tags:
, , , , , ,
clock-reset

sudo authentication bypass when clock is reset

Posted March 7, 2013    Rod Simmons

A recent discovery by a German researcher, Marco Schoepl, found that it is possible for a user to bypass sudo authentication by resetting the clock. To read more about this vulnerability see the articles on seclist.org and threatpost.com. What we have found is that many highly secure customers have already adopted the timestamp_timeout=0 setting which…

Tags:
, , , ,