CSEC_PUBLIC/the-practical-linux-hardening-guide
1
0
Fork 0
mirror of https://github.com/trimstray/the-practical-linux-hardening-guide.git synced 2025-12-06 17:22:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

toc - minor updates

Browse Source 
- signed-off-by: trimstray <trimstray@gmail.com>
This commit is contained in:
trimstray
2018-10-08 00:36:40 +02:00
parent 68cb160492
commit 3f9120a47f
1 changed files with 11 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
README.md
View File

@@ -40,20 +40,24 @@
## Table Of Content ## Table Of Content
- **[Checklist - document the host information](#checklist-document-the-host-information)** - **[Hardening checklist](#hardening-checklist)**
- **[Pre install tasks](#pre-install-tasks)** - **[Pre install tasks](#pre-install-tasks)**
* [Physical system security](#physical-system-security) * [Physical system security](#physical-system-security)
+ [Locked racks](#locked-racks)
+ [BIOS protection](#bios-protection) + [BIOS protection](#bios-protection)
* [Partitioning scheme](#partitioning-scheme)
* [Hard disk encryption](#hard-disk-encryption) * [Hard disk encryption](#hard-disk-encryption)
* [Bootloader configuration](#bootloader-configuration) + [/boot](#securing-boot)
+ [SWAP](#swap)
* [Partitioning scheme](#partitioning-scheme)
- **[Post install tasks](#post-install-tasks)** - **[Post install tasks](#post-install-tasks)**
* [Bootloader configuration](#bootloader-configuration)
* [Disk partitions](#disk-partitions) * [Disk partitions](#disk-partitions)
+ [Lock the boot directory](#lock-the-boot-directory) + [Lock the boot directory](#lock-the-boot-directory)
+ [Secure /tmp and /var/tmp](#secure-tmp-and-var-tmp) + [Secure /tmp and /var/tmp](#secure-tmp-and-var-tmp)
+ [Disk quotas](#disk-quotas) + [Disk quotas](#disk-quotas)
* [Keep system updated](#keep-system-updated) * [Keep system updated](#keep-system-updated)
* [Package management](#package-management) * [Package management](#package-management)
+ [Automiatic security updates](#automatic-security-updates)
+ [Remove packages with known issues](#remove-packages-with-known-issues) + [Remove packages with known issues](#remove-packages-with-known-issues)
* [Netfilter ruleset](#netfilter-ruleset) * [Netfilter ruleset](#netfilter-ruleset)
* [TCP wrapper](#tcp-wrapper) * [TCP wrapper](#tcp-wrapper)
@@ -72,9 +76,9 @@
* [Limits](#limits) * [Limits](#limits)
* [Shadow passwords](#shadow-passwords) * [Shadow passwords](#shadow-passwords)
* [Linux kernel hardening](#linux-kernel-hardening) * [Linux kernel hardening](#linux-kernel-hardening)
* [Kernel parameters](#kernel-parameters) + [Kernel parameters](#kernel-parameters)
+ [Improve network security](#improve-network-security) + [Network security](#improve-network-security)
+ [Improve system security](#improve-system-security) + [System security](#improve-system-security)
* [Remove unused modules](#remove-unused-modules) * [Remove unused modules](#remove-unused-modules)
* [Secure shared memory](#secure-shared-memory) * [Secure shared memory](#secure-shared-memory)
* [IRQ balance](#irq-balance) * [IRQ balance](#irq-balance)
@@ -98,7 +102,7 @@
* [Testing tools](#testing-tools) * [Testing tools](#testing-tools)
+ [Lynis](#lynis) + [Lynis](#lynis)
+ [Chrootkit](#chrootkit) + [Chrootkit](#chrootkit)
- **[Hardening Services](#hardening-services)** - **[Services](#hardening-services)**
* [Disable all unnecessary](#disable-all-unnecessary) * [Disable all unnecessary](#disable-all-unnecessary)
* [System services](#system-services) * [System services](#system-services)
+ [OpenSSH](#openssh) + [OpenSSH](#openssh)