User Tools

Site Tools


linux:hardening

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
linux:hardening [2019-08-18 16:56]
gabriel style
linux:hardening [2019-08-18 17:07] (current)
gabriel adding rough notes and links
Line 1: Line 1:
 ====== Hardening Linux systems ====== ====== Hardening Linux systems ======
  
-My notes on Linux hardening.+My notes on Linux hardening. Right now I'm just gathering reference material to help build my own guide. 
 + 
 +Do not consider these links to be endorsements of any particular security model or configuration.
  
 ===== Firewall ===== ===== Firewall =====
 +
 +  * By default only ICMP and SSH should be allowed
  
 ===== Accounts ===== ===== Accounts =====
 +
 +  * No root password
  
 ===== SSH ===== ===== SSH =====
 +
 +  * https://​linux-audit.com/​audit-and-harden-your-ssh-configuration/​
 +  * disable root logins
 +  * set login group
 +  * default port
 +  * firewall limits by IP
  
 ===== Patching ===== ===== Patching =====
  
 +  * Patch cycle
 +  * Verification of CVEs, etc.
 +
 +===== SELinux =====
 +
 +  * https://​en.wikipedia.org/​wiki/​Security-Enhanced_Linux
 +  * https://​opensource.com/​article/​18/​7/​sysadmin-guide-selinux
linux/hardening.txt · Last modified: 2019-08-18 17:07 by gabriel