What CrowdStrike is actually selling, is someone who actually looks at the system logs and who pushes a button when something pops up. Roughly.
There are better solutions on the market. Unfortunately CrowdStrike has the more aggressive sales team.
For those wondering, I’m referring to *nix based solutions like SElinux, appArmor, iptables, nftables, cgroups, … But you need to monitor your logs if you want to take appropriate action.
Oh cool, implementing mediocre algorithms. What could possibly go wrong?
Khandar Estrada khandos thrus indactu nosfrandus khandar dematos… erh blah lahblah
Ise kde, not gnome.
Aside from the obvious (company providing all the necessary tools) why not using libreoffice and saving it as M$ excel?
The I can only recommend you to start automating everything you do, to make tour job easier and make more time to slack 😝
Start small, and build on that.
Try Ansible, it is easy and allows you to do some really cool stuff. It helped me migrate 500+ systems from KVM to vmware, where no commercial tool was able to help me…
There is nothing more important than security patches on a system.
I used to work at an FMI, which’s motto was “keep things stable”. Even the ciso department bought that crap. Until we hired a white hat hacker. The only thing given was the name of the company. He managed to get into the building, access an employee’s workstation and install a root kit on one of the most important financial message tracking systems (you know, the one that instructs other systems to transfer money), using a security bug, which would have been patched if they kept a regular (security) update cycle. After shit hit the fan, many people were fired and an update cycle was introduced.
No system is important enough to not patch. And if you believe it is, you’re wrong.
Surprise… Surprise… It’s a snap!
dnf upgrade
And
package-cleanup --cleandupes
Should have fixed it.
You may also want to check up on regulations and laws of your country.
In Belgium, for instance, I am responsible for any and all attacks originating from my PC. If you were hacked and said hackers used your computer to stage an attack, the burden of proof is upon you. So instead of hiring very expensive people to trace the real source of an attack originating from your own PC, enabling a firewall just makes sense, besides making it harder on hackers…
PostmarketOS might be a possibility…
I honestly have no idea. But I discovered it a decade ago when I needed to process a short film. Haven’t touched it since.
Maybe he has yours?
The question is not which tool should I use?
The question is what is it that you want to achieve? That will drive your choice of tools.
I want to mirror my drive can be achieved by a lot of tools. But I want to be able to restore a file I accidentally deleted up to 24 hours with a 1 hour interval is a totally different game.
For backups I am very fond of restic as it does a lot of things in a simple way: encryption, (incremental) snapshots, mounting of said snapshots, support various storage backends, policy based purging, tagging, …
Your tool may not be able to do all you need, like automated scheduled backups, so you will need to also learn cron (or whatever scheduler you may have)
And finally, what about maintenance? What should happen to all those files you’ve synced? How long do you want to keep them?
I attended a Mötörhead concert…
We are not the same.
You must not have heard of ®syslog.
I beg to differ, I find SELinux easy to setup. But your mileage may vary, depending on one’s experience.
When talking about ease of use… Configuration is configuration. If you do not take the time to learn how to use your product, the product you know will always be better than the one you don’t. I’ve used Crowdstrike. I’ve battled them to get their kernel modules signing certificate to be signed by RedHat. I’ve battled them to have the possibility to have the auto update disabled. So no, I am not impressed by the quality of their product. I’ll bet any day a vanilla RHEL with the correct security related software and the latest updates outperforms and outclasses Crowdstrike.