PAM Authentication Audit: Securing the Linux Login Stack
PAM (Pluggable Authentication Modules) is the layer between every Linux login and the password, key, or token that prove...
Linux security, firewall configuration, and system hardening guides
PAM (Pluggable Authentication Modules) is the layer between every Linux login and the password, key, or token that prove...
The first artifact every responder asks for after a suspected breach is the login history β who connected, from where,...
The Linux kernel exposes hundreds of tunables under /proc/sys, and the defaults are conservative compromises designed to...
Environment variables are the silent attack surface of every Linux server. Every running process exposes its environment...
The Linux Audit Framework (auditd) is a powerful system for tracking security-relevant events on Linux servers. It recor...
Audit open files, listening ports, and network connections with dargslan-lsof-audit CLI tool....
SELinux provides mandatory access control that goes beyond traditional file permissions. When properly configured, SELin...
Check loaded kernel modules, blacklists, and modprobe config with dargslan-modprobe-check CLI tool....
Managing user sessions is a critical security and operational task. Knowing who is logged in, what they are doing, and h...