Linux Security Hardening: Difference between revisions
Jump to navigation
Jump to search
| Line 14: | Line 14: | ||
Remove all unneeded users. | Remove all unneeded users. | ||
==root== | |||
Change the root's password to a long, random one. | |||
==Scan for Services Listening on Ports== | ==Scan for Services Listening on Ports== | ||
Revision as of 04:16, 22 April 2018
Internal
Overview
Steps
Minimal Footprint
Install a minimal image and add utilities as needed.
Eliminate Users
Remove all unneeded users.
root
Change the root's password to a long, random one.
Scan for Services Listening on Ports
netstat -tupln
Eliminate:
sshd
Disallow root to log in.
Create a special login user with a random name and a long, random password.
TODO
- Penetration detection.