Linux + Security = Happy Friday to Me

view full story

http://www.suseblog.com – At my place of employment, we are making some great progress at switching our end users to Linux. So far, we have made great progress. Everything has been successful up to this point. It is quite greatly satisfying for me to be able to save my employer money, while at the same time exposing people to the very capable operating system that is Linux. So far, so good! We are also working towards tighter security and becoming more standards-compliant. This is incredibly exciting for me, as I am a security sucker. Don’t know everything there is to know, but really love the topic. My brother is a retired Colonel from the US Army. His specialty? Computer security, hacking, and all that sort of stuff. He currently has contracts with the Pentagon for security-related projects, etc. He helps a lot when I have questions. I’m actually pretty interested in the CISSP certification. But this exercise in PCI compliance is a shot in the arm for me. I love it. If you have any recommendations for applications/appliances that are PCI-certified, let me know. I’m aware of OpenVPN, fail2ban, Nessus, OpenVAS, Snort, BASE, Squil, OSSEC, Kismet, PHPIDS, and mod_security, for example. What are some others that you have found useful? (Distributions)