Linux Security Hardening: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
Line 22: Line 22:


* [[Postfix#Service|postfix]]
* [[Postfix#Service|postfix]]
==sshd==
Disallow root to log in.
Create a special login user with a random name and a long, random password.


=TODO=
=TODO=

Revision as of 04:15, 22 April 2018

Internal

Overview

Steps

Minimal Footprint

Install a minimal image and add utilities as needed.

Eliminate Users

Remove all unneeded users.

Scan for Services Listening on Ports

 netstat -tupln

Eliminate:

sshd

Disallow root to log in.

Create a special login user with a random name and a long, random password.

TODO

  • Penetration detection.