External Resources¶

Curated list of authoritative resources for Ubuntu Server security and administration.

Official Ubuntu Resources¶

Canonical/Ubuntu¶

Resource	URL	Description
Ubuntu Server Guide	https://ubuntu.com/server/docs	Official documentation
Ubuntu Security	https://ubuntu.com/security	Security notices and tools
Ubuntu Pro	https://ubuntu.com/pro	Extended security and Livepatch
Ubuntu CVE Tracker	https://ubuntu.com/security/cves	Vulnerability database
Launchpad	https://launchpad.net/ubuntu	Bug tracking and packages
Ubuntu Wiki	https://wiki.ubuntu.com	Community documentation
Ubuntu Discourse	https://discourse.ubuntu.com	Community forums

Security Notices¶

Resource	URL	Description
USN	https://ubuntu.com/security/notices	Ubuntu Security Notices
Ubuntu Security Podcast	https://ubuntusecuritypodcast.org	Weekly security updates

Security Standards and Benchmarks¶

CIS (Center for Internet Security)¶

Resource	URL	Description
CIS Benchmarks	https://www.cisecurity.org/benchmark/ubuntu_linux	Ubuntu hardening guide
CIS Controls	https://www.cisecurity.org/controls	Security best practices
CIS-CAT	https://www.cisecurity.org/cybersecurity-tools/cis-cat-pro	Assessment tool

NIST¶

Resource	URL	Description
NIST CSF	https://www.nist.gov/cyberframework	Cybersecurity Framework
SP 800-123	https://csrc.nist.gov/publications/detail/sp/800-123/final	Server Security Guide
SP 800-53	https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final	Security Controls
NVD	https://nvd.nist.gov	National Vulnerability Database

DISA STIGs¶

Resource	URL	Description
DISA STIGs	https://public.cyber.mil/stigs/	Security Technical Implementation Guides
STIG Viewer	https://public.cyber.mil/stigs/srg-stig-tools/	STIG viewing tool

OWASP¶

Resource	URL	Description
OWASP	https://owasp.org	Web security resources
OWASP Top 10	https://owasp.org/Top10/	Top web vulnerabilities
OWASP Cheat Sheets	https://cheatsheetseries.owasp.org	Security cheat sheets

Linux Security Resources¶

General Linux Security¶

Resource	URL	Description
Linux Security	https://linuxsecurity.com	News and tutorials
Kernel Security	https://www.kernel.org/doc/html/latest/admin-guide/security.html	Kernel documentation
systemd Security	https://systemd.io	systemd documentation

Hardening Guides¶

Resource	URL	Description
Lynis	https://cisofy.com/lynis/	Security auditing tool
OpenSCAP	https://www.open-scap.org	SCAP security scanner
Tiger	https://www.nongnu.org/tiger/	Security audit tool

Networking and Firewall¶

Resource	URL	Description
Netplan	https://netplan.io	Network configuration
nftables Wiki	https://wiki.nftables.org	Firewall documentation
UFW Documentation	https://wiki.ubuntu.com/UncomplicatedFirewall	UFW guide

SSH Resources¶

Resource	URL	Description
OpenSSH	https://www.openssh.com	Official OpenSSH site
SSH Audit	https://www.ssh-audit.com	SSH security scanner
Mozilla SSH Guidelines	https://infosec.mozilla.org/guidelines/openssh	SSH best practices

Logging and Monitoring¶

Resource	URL	Description
auditd	https://people.redhat.com/sgrubb/audit/	Linux audit framework
rsyslog	https://www.rsyslog.com/doc/	rsyslog documentation
journald	https://www.freedesktop.org/software/systemd/man/journald.conf.html	Journal configuration

Tools Documentation¶

Package Management¶

Tool	Documentation
APT	https://wiki.debian.org/Apt
dpkg	https://man7.org/linux/man-pages/man1/dpkg.1.html

Security Tools¶

Tool	Documentation
Fail2ban	https://www.fail2ban.org
AppArmor	https://gitlab.com/apparmor/apparmor/-/wikis/home
AIDE	https://aide.github.io
rkhunter	https://rkhunter.sourceforge.net

Encryption¶

Tool	Documentation
LUKS/cryptsetup	https://gitlab.com/cryptsetup/cryptsetup
GnuPG	https://gnupg.org/documentation/

Learning Resources¶

Online Courses¶

Platform	Course	Description
Linux Foundation	Linux Security	Professional certification
Cybrary	Linux Security	Free security training
Pluralsight	Linux Administration	Comprehensive courses

Books¶

Title	Author	Topic
The Linux Command Line	William Shotts	Linux fundamentals
Linux Administration Handbook	Nemeth et al.	System administration
Linux Security Cookbook	Barrett et al.	Security recipes

Practice Environments¶

Resource	URL	Description
OverTheWire	https://overthewire.org/wargames/	Security challenges
HackTheBox	https://www.hackthebox.com	Penetration testing labs
TryHackMe	https://tryhackme.com	Security training

Community Resources¶

Forums and Q&A¶

Resource	URL	Description
Ask Ubuntu	https://askubuntu.com	Ubuntu Q&A
Unix & Linux SE	https://unix.stackexchange.com	Linux Q&A
Server Fault	https://serverfault.com	Sysadmin Q&A

Reddit¶

Subreddit	Description
r/ubuntu	Ubuntu community
r/linuxadmin	Linux administration
r/netsec	Network security
r/sysadmin	System administration

Mailing Lists¶

List	URL	Description
ubuntu-security-announce	https://lists.ubuntu.com	Security announcements
oss-security	https://www.openwall.com/lists/oss-security/	Open source security

Vulnerability Resources¶

Databases¶

Resource	URL	Description
CVE	https://cve.mitre.org	Common Vulnerabilities
NVD	https://nvd.nist.gov	National Vulnerability Database
Exploit-DB	https://www.exploit-db.com	Exploit database

News and Alerts¶

Resource	URL	Description
The Hacker News	https://thehackernews.com	Security news
Krebs on Security	https://krebsonsecurity.com	Security journalism
Schneier on Security	https://www.schneier.com	Security analysis

Tool Downloads¶

Security Scanners¶

Tool	URL	Description
Lynis	https://github.com/CISOfy/lynis	Security auditing
OpenSCAP	https://github.com/OpenSCAP/openscap	Compliance scanning
Nmap	https://nmap.org	Network scanner
Nikto	https://github.com/sullo/nikto	Web scanner

Monitoring¶

Tool	URL	Description
OSSEC	https://www.ossec.net	Host intrusion detection
Wazuh	https://wazuh.com	Security platform
Prometheus	https://prometheus.io	Monitoring system
Grafana	https://grafana.com	Visualization

Keeping Current¶

Ubuntu Security Notices (USN)
CIS mailing list
NIST vulnerability alerts
Your distribution's security announce list

Check Regularly¶

Ubuntu security notices weekly
CVE databases for your software
Security news sites
Tool update announcements

Review Periodically¶

CIS Benchmark updates (new versions)
NIST publications
Industry best practices
New security tools and techniques

Quick Links¶

Most Used¶

Resource	Direct Link
Ubuntu Security Notices	https://ubuntu.com/security/notices
CIS Ubuntu Benchmark	https://www.cisecurity.org/benchmark/ubuntu_linux
Ubuntu Server Docs	https://ubuntu.com/server/docs
Lynis Docs	https://cisofy.com/documentation/lynis/
SSH Best Practices	https://infosec.mozilla.org/guidelines/openssh

Emergency¶

Situation	Resource
Ubuntu CVE	https://ubuntu.com/security/cves
Incident Response	Your organization's IR plan
Ubuntu Support	https://ubuntu.com/support

External Resources¶

Official Ubuntu Resources¶

Canonical/Ubuntu¶

Security Notices¶

Security Standards and Benchmarks¶

CIS (Center for Internet Security)¶

NIST¶

DISA STIGs¶

OWASP¶

Linux Security Resources¶

General Linux Security¶

Hardening Guides¶

Networking and Firewall¶

SSH Resources¶

Logging and Monitoring¶

Tools Documentation¶

Package Management¶

Security Tools¶

Encryption¶

Learning Resources¶

Online Courses¶

Books¶

Practice Environments¶

Community Resources¶

Forums and Q&A¶

Reddit¶

Mailing Lists¶

Vulnerability Resources¶

Databases¶

News and Alerts¶

Tool Downloads¶

Security Scanners¶

Monitoring¶

Keeping Current¶

Subscribe To¶

Check Regularly¶

Review Periodically¶

Quick Links¶

Most Used¶

Emergency¶