OS-Hardening
lynis
Our great sponsors
OS-Hardening | lynis | |
---|---|---|
2 | 72 | |
31 | 12,386 | |
- | 6.2% | |
0.0 | 8.1 | |
about 2 years ago | 3 days ago | |
Shell | Shell | |
The Unlicense | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
OS-Hardening
-
Secure your Cloud Server from Hackers with Fail2Ban
Have a look at: https://github.com/ITNerdbox/OS-Hardening/blob/master/sshd_config - It's a hardened configuration for the ssh daemon.
lynis
-
Who does check linux distros of malware - open source
Linux has (free) tools to improve security and detect/remove malware: Lynis,Chkrootkit,Rkhunter,ClamAV,Vuls,LMD,radare2,Yara,ntopng,maltrail,Snort,Suricata...
- Learn security best practices
-
Fight against scans, bots and script-kiddies
What I would do in your place is run this https://github.com/CISOfy/lynis and follow some of the instructions.
-
What are your favorite sites that are privacy related that you bookmarked?
https://github.com/CISOfy/Lynis (Linux hardening)
- Ultimate privacy when setting up Fedora?
- Vulnerability scanning tools for homelab?
-
Cyber Security for developers: what and where to learn?
Linux security audit scanner
-
Any tool to check the security of my server?
Maybe try lynis
-
Lynis – Scan your system (Resource my cisco notes)
Project page : https://cisofy.com/lynis/
Source code : https://github.com/CISOfy/lynis
What are some alternatives?
Wazuh - Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
OSSEC - OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
PEASS-ng - PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
cve-check-tool - Original Automated CVE Checking Tool
OSQuery - SQL powered operating system instrumentation, monitoring, and analytics.
debian-cis - PCI-DSS compliant Debian 10/11/12 hardening
pfSense - Main repository for pfSense
crowdsec - CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
Snort - Snort++
syft - CLI tool and library for generating a Software Bill of Materials from container images and filesystems
grype - A vulnerability scanner for container images and filesystems
Fail2Ban - Daemon to ban hosts that cause multiple authentication errors