updated descriptions

- signed-off-by: trimstray <trimstray@gmail.com>
trimstray
2019-02-19 14:08:55 +01:00
parent 13701b42e2
commit 7de10efc61

@@ -184,9 +184,13 @@
This Hardening Guide provide a high-level overview of the security hardening GNU/Linux systems. It is not an official standard but it _touches_ and _use_ industry standards. This Hardening Guide provide a high-level overview of the security hardening GNU/Linux systems. It is not an official standard but it _touches_ and _use_ industry standards.
- this guide does not exhaust everything about Systems/Linux Hardening
- some hardening rules can be done better
- you can think of it also as a checklist
Before you start remember: Before you start remember:
> The Practical Linux Hardening Guide also contains my comments that may be differ from certain industry standards. If you are not sure what to do please see [Policy Compliance](#policy-compliance) and think about what you actually do at your server. > The Practical Linux Hardening Guide also contains my comments that may be differ from certain industry principles. If you are not sure what to do please see [Policy Compliance](#policy-compliance) chapter and think about what you actually do at your server.
### The importance of Linux hardening ### The importance of Linux hardening
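Review bot: The rewritten blockquote line still reads "may be differ from certain industry principles"; since this line is being touched anyway, change it to "may differ from". The same line swaps "industry standards" for "industry principles" while the introductory paragraph above it keeps "industry standards", so a reader cannot tell whether these are meant to be the same thing; pick one term and use it in both places. The three list items that appear only on the new side ("this guide does not exhaust everything...", "some hardening rules can be done better", "you can think of it also as a checklist") follow the introduction with no sentence saying what they enumerate; a short lead-in such as "Keep in mind:" would make clear that they are caveats about the guide's scope.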
@@ -194,9 +198,9 @@ Out of the box, Linux servers dont come "hardened" (e.g. with the attack surf
### How to hardening GNU/Linux? ### How to hardening GNU/Linux?
In my opinion you should definitely drop all non-industry policies, articles, manuals and other. We have a lot of great GNU/Linux hardening [policies](#policy-compliance) to provide safer operating systems compatible with security protocols and security policies. In my opinion you should definitely drop all non-industry policies, articles, manuals and other on your production environments. We have a lot of great GNU/Linux hardening policies to provide safer operating systems compatible with security protocols and security policies.
> Primarily you should use Security Benchmarks/Policies which describe consensus best practices for the secure configuration of target systems because configuring your systems in compliance with e.g. CIS has been shown to eliminate 80-95% of known security vulnerabilities. > Most of all you should use [Security Benchmarks/Policies](#policy-compliance) which describe consensus best practices for the secure configuration of target systems because configuring your systems in compliance with e.g. CIS has been shown to eliminate 80-95% of known security vulnerabilities.
## Policy Compliance ## Policy Compliance
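Review bot: The blockquote line edited here keeps the claim that compliance with e.g. CIS "has been shown to eliminate 80-95% of known security vulnerabilities" without a source, and the edit is a good opportunity to link the study or vendor statement it comes from, or to soften the wording if none can be cited. In the paragraph above it, the added phrase leaves "policies, articles, manuals and other on your production environments" with a dangling "and other"; something like "and other material in your production environments" reads more clearly. Moving the #policy-compliance link from "policies" in the paragraph to "Security Benchmarks/Policies" in the blockquote is fine, but the paragraph now mentions "GNU/Linux hardening policies" with no pointer on first use, so consider keeping the link there as well.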