From c8ce3eb3b12f5e52ab408858da1bfcb12afadc5b Mon Sep 17 00:00:00 2001 From: trimstray Date: Mon, 4 Mar 2019 15:27:45 +0100 Subject: [PATCH] updated 'General Disclaimer' - signed-off-by: trimstray --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index fe0075f..0511ed0 100644 --- a/README.md +++ b/README.md @@ -80,10 +80,6 @@ A few rules for this project: - some hardening rules/descriptions can be done better - you can think of it as a checklist -Please also remember: - - > This guide also contains my comments that may differ from certain industry principles. If you are not sure what to do please see **[Policy Compliance](#policy-compliance)**. - This guide use following [OpenSCAP](https://www.open-scap.org/) configurations: - [U.S. Government Commercial Cloud Services (C2S) baseline inspired by CIS v2.1.1](https://static.open-scap.org/ssg-guides/ssg-rhel7-guide-C2S.html) @@ -94,6 +90,10 @@ This guide use following [OpenSCAP](https://www.open-scap.org/) configurations: > The requirements are derived from the (NIST) 800-53 and related documents. +Please also remember: + + > _The Practical Linux Hardening Guide_ also contains my comments that may differ from certain industry principles. If you are not sure what to do please see **[Policy Compliance](#policy-compliance)**. + ### The Importance of Hardening Linux Simply speaking, hardening is the process of making a system more secure. Out of the box, Linux servers don’t come "hardened" (e.g. with the attack surface minimized). It’s up to you to prepare for each eventuality and set up systems to notify you of any suspicious activity in the future.