User Tools

Site Tools


linux:hardening

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
linux:hardening [2019-08-18 16:56] – style gabriellinux:hardening [2019-08-18 17:07] (current) – adding rough notes and links gabriel
Line 1: Line 1:
 ====== Hardening Linux systems ====== ====== Hardening Linux systems ======
  
-My notes on Linux hardening.+My notes on Linux hardening. Right now I'm just gathering reference material to help build my own guide. 
 + 
 +Do not consider these links to be endorsements of any particular security model or configuration.
  
 ===== Firewall ===== ===== Firewall =====
 +
 +  * By default only ICMP and SSH should be allowed
  
 ===== Accounts ===== ===== Accounts =====
 +
 +  * No root password
  
 ===== SSH ===== ===== SSH =====
 +
 +  * https://linux-audit.com/audit-and-harden-your-ssh-configuration/
 +  * disable root logins
 +  * set login group
 +  * default port
 +  * firewall limits by IP
  
 ===== Patching ===== ===== Patching =====
  
 +  * Patch cycle
 +  * Verification of CVEs, etc.
 +
 +===== SELinux =====
 +
 +  * https://en.wikipedia.org/wiki/Security-Enhanced_Linux
 +  * https://opensource.com/article/18/7/sysadmin-guide-selinux
linux/hardening.txt · Last modified: 2019-08-18 17:07 by gabriel