hardening
ansible-role-hardening
Our great sponsors
hardening | ansible-role-hardening | |
---|---|---|
5 | 1 | |
1,308 | 494 | |
- | - | |
8.9 | 9.5 | |
about 13 hours ago | 5 days ago | |
Shell | Jinja | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
hardening
-
Security Harden Ubuntu 22.04
Thanks for the link. I’m looking into it now. I also am testing out konstrukoid/hardening on GitHub
-
Any tool to check the security of my server?
There is also: https://github.com/konstruktoid/hardening
-
Industry Standard Linux Hardening Script [Ubuntu Server]
Are there any Linux(Ubuntu Server in my case) hardening scripts that abides to any well known industry standards. I can only find some scripts on Github like this one - https://github.com/konstruktoid/hardening
- Basic Server Hardening Steps
- Advice on locking down / securing servers?
ansible-role-hardening
-
AKS worker-node host operating systems
Many thanks u/pixelavenger. While I did not (yet) find the specific CIS recommendation, but I did find this which indicates that disabling SCTP module is perhaps too strong a reaction if the only justification is disabling those networking features that are usually not used frequently (to reduce attack surface). Apparently there was a vulnerability in WebRTC's user-space SCTP implementation, which has hence been fixed. There seem to be no known vulnerabilities in linux kernel SCTP implementation. Do you think Azure Support might be requested to optionally enable SCTP kernel module in the images ? Thanks also for the idea about using Daemon-set approach, perhaps a bit kludgy for the needs, as one'd need to invent a way to synchronize the completion of Daemon-set's task of enabling SCTP and startup of application that needs SCTP. Still better than nothing at all.
What are some alternatives?
debian-cis - PCI-DSS compliant Debian 10/11/12 hardening
CIS-Ubuntu-20.04-Ansible - Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Android-PIN-Bruteforce - Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
RHEL8-CIS - Ansible role for Red Hat 8 CIS Baseline
PowerDNS - PowerDNS Authoritative, PowerDNS Recursor, dnsdist
ansible-role-security - Ansible Role - Security
How-To-Secure-A-Linux-Server - An evolving how-to guide for securing a Linux server.
debops - DebOps - Your Debian-based data center in a box
ubuntu-hardened-host - Hardened (FIPS) Host for NGINX, Docker, Kubernets, etc
debian - Reliably provision Debian hosts
wireguard-namespace-service - A systemd service that creates isolated network namespace with routing through WireGuard
ansible-role-docker-rootless - Ansible role to install a rootless Docker server