linux:hardening
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | |||
linux:hardening [2019-08-18 16:56] – style gabriel | linux:hardening [2019-08-18 17:07] (current) – adding rough notes and links gabriel | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Hardening Linux systems ====== | ====== Hardening Linux systems ====== | ||
- | My notes on Linux hardening. | + | My notes on Linux hardening. Right now I'm just gathering reference material to help build my own guide. |
+ | |||
+ | Do not consider these links to be endorsements of any particular security model or configuration. | ||
===== Firewall ===== | ===== Firewall ===== | ||
+ | |||
+ | * By default only ICMP and SSH should be allowed | ||
===== Accounts ===== | ===== Accounts ===== | ||
+ | |||
+ | * No root password | ||
===== SSH ===== | ===== SSH ===== | ||
+ | |||
+ | * https:// | ||
+ | * disable root logins | ||
+ | * set login group | ||
+ | * default port | ||
+ | * firewall limits by IP | ||
===== Patching ===== | ===== Patching ===== | ||
+ | * Patch cycle | ||
+ | * Verification of CVEs, etc. | ||
+ | |||
+ | ===== SELinux ===== | ||
+ | |||
+ | * https:// | ||
+ | * https:// |
linux/hardening.txt · Last modified: 2019-08-18 17:07 by gabriel