Securing a Linux server. What else to do?

This page summarizes the projects mentioned and recommended in the original post on /r/sysadmin
Security Linux Docker Shell ufw

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • ufw-docker

    To fix the Docker and UFW security flaw without disabling iptables

    • Just be aware that docker bypasses the firewall. So for a docker-container which only connects to another docker-container running on the same server, you would need to explicitly publish 127.0.0.1:1234 or have a look at github chaifeng/ufw-docker, which sets some ufw rules specifically for docker.

  • ssh-audit

    SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc) (by jtesta)

    • For further SSH hardening, see github jtesta/ssh-audit.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • lynis

    Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

    • Lynis is a tool that will analyze your system and give general security and consistency recommendations. Since you're talking about securing SSH, this tool has a whole list of SSH configurations that it will check and inform you which ones you should tighten up. https://cisofy.com/lynis/

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts