CIS-Ubuntu-20.04-Ansible
ansible-role-hardening
Our great sponsors
CIS-Ubuntu-20.04-Ansible | ansible-role-hardening | |
---|---|---|
4 | 1 | |
243 | 494 | |
- | - | |
5.0 | 9.5 | |
16 days ago | 7 days ago | |
HTML | Jinja | |
GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
CIS-Ubuntu-20.04-Ansible
- CIS Roles
- Ansible playbook won't run
-
Why won't this ansible script run?!
This is the github repo >>> https://github.com/alivx/CIS-Ubuntu-20.04-Ansible
-
Sending pretty HTML job reports with Ansible
yes it is :) this is the github repo: CIS-Ubuntu-20.04-Ansible
ansible-role-hardening
-
AKS worker-node host operating systems
Many thanks u/pixelavenger. While I did not (yet) find the specific CIS recommendation, but I did find this which indicates that disabling SCTP module is perhaps too strong a reaction if the only justification is disabling those networking features that are usually not used frequently (to reduce attack surface). Apparently there was a vulnerability in WebRTC's user-space SCTP implementation, which has hence been fixed. There seem to be no known vulnerabilities in linux kernel SCTP implementation. Do you think Azure Support might be requested to optionally enable SCTP kernel module in the images ? Thanks also for the idea about using Daemon-set approach, perhaps a bit kludgy for the needs, as one'd need to invent a way to synchronize the completion of Daemon-set's task of enabling SCTP and startup of application that needs SCTP. Still better than nothing at all.
What are some alternatives?
packer-ubuntu20.04 - Packer vsphere-iso builder for Ubuntu-20.04
RHEL8-CIS - Ansible role for Red Hat 8 CIS Baseline
terraform-aws-secure-baseline - Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
hardening - Hardening Ubuntu. Systemd edition.
prowler - Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
ansible-role-security - Ansible Role - Security
ara - ARA Records Ansible and makes it easier to understand and troubleshoot.
debops - DebOps - Your Debian-based data center in a box
ansible-role-docker-rootless - Ansible role to install a rootless Docker server
debian - Reliably provision Debian hosts
personal-ansible - Personal Ansible playbooks for home infrastructure to make my life easier