cybersecurity

3243 readers

1 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 1 year ago

MODERATORS

shellsharks@infosec.pub

tweedge@infosec.pub

Linux Hardening - what are you must-haves? (infosec.pub)

submitted 1 year ago by wop@infosec.pub to c/cybersecurity@infosec.pub

8 comments fedilink hide all child comments

I'm working on a guide focused on securing Linux servers and I'd like to ask you what your essential hardening techniques and tips are? Your feedback would be greatly appreciated

you are viewing a single comment's thread
view the rest of the comments

[–] demesisx@infosec.pub 12 points 1 year ago* (last edited 1 year ago)

Here’s how this concept made it onto my radar. This is an obsessively paranoid NixOS config and accompanying article:

https://xeiaso.net/blog/paranoid-nixos-2021-07-18/

Also, for further reference:

There’s a whole subsection of nixpkgs that could be helpful for a hardening guide:

https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix

Also, there are a few articles walking us through hardening Nix:

https://dataswamp.org/~solene/2022-01-13-nixos-hardened.html

On NixOS Discourse:

https://discourse.nixos.org/t/hardening-systemd-services/17147/6