Security Assessment

After you have applied all your security steps, you can use some tools to test whether there are still potential security risks within the system. Listed below is some basic information about how to use some of the common tools. You will find there are more tools available to perform security assessments.

System log files

Linux systems come with log files to record all system activities under '/var/log'. You can examine the 'auth.log' file to check SSH logins, and examine the 'syslog' file for any system wide activities.

OpenVAS

Open Vulnerability Assessment System (OpenVAS) is a set of tools and services that can be used to scan for vulnerabilities and vulnerability management. OpenVAS uses a security scanner that makes use of over 33 thousand daily-updated tests to conduct the security test. You can download and install the software from its website and also if you want to learn more about it, you can look at its documentation link.

Security Scanning Services 

Some nodes (institutions) offer security scanning services, where you can ask for your Virtual Machines to be scanned and checked for vulnerabilities. Contact your local IT department to see whether this is available.