debian
Reliably provision Debian hosts (by savchenko)
ansible-role-hardening
Ansible role to apply a security baseline. Systemd edition. (by konstruktoid)
Our great sponsors
debian | ansible-role-hardening | |
---|---|---|
1 | 1 | |
4 | 494 | |
- | - | |
0.0 | 9.6 | |
9 months ago | 4 days ago | |
Lua | Jinja | |
GNU General Public License v3.0 or later | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
debian
Posts with mentions or reviews of debian.
We have used some of these posts to build our list of alternatives
and similar projects.
-
Debian 11 Ansible playbooks
Long time reader, first time poster. To commemorate the Bullseye release, I would like to share a stash of relevant Ansible playbooks. Extensively tested on v11 since RC1, PRs are welcome: https://github.com/savchenko/debian
ansible-role-hardening
Posts with mentions or reviews of ansible-role-hardening.
We have used some of these posts to build our list of alternatives
and similar projects.
-
AKS worker-node host operating systems
Many thanks u/pixelavenger. While I did not (yet) find the specific CIS recommendation, but I did find this which indicates that disabling SCTP module is perhaps too strong a reaction if the only justification is disabling those networking features that are usually not used frequently (to reduce attack surface). Apparently there was a vulnerability in WebRTC's user-space SCTP implementation, which has hence been fixed. There seem to be no known vulnerabilities in linux kernel SCTP implementation. Do you think Azure Support might be requested to optionally enable SCTP kernel module in the images ? Thanks also for the idea about using Daemon-set approach, perhaps a bit kludgy for the needs, as one'd need to invent a way to synchronize the completion of Daemon-set's task of enabling SCTP and startup of application that needs SCTP. Still better than nothing at all.
What are some alternatives?
When comparing debian and ansible-role-hardening you can also consider the following projects:
CIS-Ubuntu-20.04-Ansible - Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
RHEL8-CIS - Ansible role for Red Hat 8 CIS Baseline
hardening - Hardening Ubuntu. Systemd edition.
ansible-role-security - Ansible Role - Security
debops - DebOps - Your Debian-based data center in a box
ansible-role-docker-rootless - Ansible role to install a rootless Docker server
content - Security automation content in SCAP, Bash, Ansible, and other formats
hetzner-podman-bunjs-deploy - Example of standalone application deployment to Hetzner Cloud using Rootless Podman quadlet systemd services and Ansible as IaC
AlmaLinux-BP-028 - Builds an AlmaLinux ISO secured to ANSSI-BP-028 standards.
ansible-role-hardening vs CIS-Ubuntu-20.04-Ansible
ansible-role-hardening vs RHEL8-CIS
ansible-role-hardening vs hardening
ansible-role-hardening vs ansible-role-security
ansible-role-hardening vs debops
ansible-role-hardening vs ansible-role-docker-rootless
ansible-role-hardening vs content
ansible-role-hardening vs hetzner-podman-bunjs-deploy
ansible-role-hardening vs AlmaLinux-BP-028