Server Hardening: Difference between revisions
Jump to navigation
Jump to search
(Created page with "Some tips to limit surface attack, and other things to help mitigate obvious script kiddy crap. == General == == Linux == == BSD == Category: System") |
(→Linux) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Some tips to limit surface attack, and other things to help mitigate obvious script kiddy crap. | Some tips to limit surface attack, and other things to help mitigate obvious script kiddy crap. | ||
'''Note:''' This is a placeholder, we should run through the reference doc below and cherry-pick a couple of things. | |||
== General == | == General == | ||
| Line 5: | Line 7: | ||
== Linux == | == Linux == | ||
=== Comfy setup == | |||
* Don't bload APT | |||
echo 'APT::Install-Recommends "false";' > /etc/apt/apt.conf.d/80norecommends | |||
== FreeBSD == | |||
== | == References == | ||
* https://www.debian.org/doc/manuals/securing-debian-howto/ | |||
* https://github.com/trimstray/the-practical-linux-hardening-guide | |||
* https://fleximus.org/howto/secure-freebsd | |||
* http://bsdadventures.com/harden-freebsd | |||
* https://www.freebsd.org/doc/handbook/audit.html | |||
* https://www.passbolt.com/ | |||
* find a way to track/analyze log files more effectively | |||
* https://heipei.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/ | |||
* 2FA for ssh? | |||
* https://serverfault.com/questions/116177/whats-the-difference-between-authorized-keys-and-authorized-keys2 | |||
* tinc for accessing delicate services/resources | |||
[[Category: System]] | [[Category: System]] | ||
Latest revision as of 16:20, 16 December 2019
Some tips to limit surface attack, and other things to help mitigate obvious script kiddy crap.
Note: This is a placeholder, we should run through the reference doc below and cherry-pick a couple of things.
General
Linux
= Comfy setup
- Don't bload APT
echo 'APT::Install-Recommends "false";' > /etc/apt/apt.conf.d/80norecommends
FreeBSD
References
- https://www.debian.org/doc/manuals/securing-debian-howto/
- https://github.com/trimstray/the-practical-linux-hardening-guide
- https://fleximus.org/howto/secure-freebsd
- http://bsdadventures.com/harden-freebsd
- https://www.freebsd.org/doc/handbook/audit.html
- https://www.passbolt.com/
- find a way to track/analyze log files more effectively
- https://heipei.io/2015/02/26/SSH-Agent-Forwarding-considered-harmful/
- 2FA for ssh?
- https://serverfault.com/questions/116177/whats-the-difference-between-authorized-keys-and-authorized-keys2
- tinc for accessing delicate services/resources