the-practical-linux-hardening-guide
Linux security guide
A comprehensive guide to creating secure Linux production systems using industry standards and best practices
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
10k stars
306 watching
615 forks
last commit: over 4 years ago
Linked from 2 awesome lists
auditcentoschecklistcisguidehardeninglinuxlinux-hardeninglinux-securitymanualopenscappci-dssredhat-enterprise-linuxsecurity
decalage2/awesome-security-hardening
spacial/awesome-systoolsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| trimstray/linux-hardening-checklist | A checklist to help secure GNU/Linux production systems by reducing vulnerability and attack surface | 1,498 |
 imthenachoman/how-to-secure-a-linux-server | An evolving how-to guide for securing a Linux server | 17,554 |
 dev-sec/ansible-collection-hardening | Provides hardening measures for various systems and services to improve security | 4,059 |
 freach/kubernetes-security-best-practice | A comprehensive guide to securing Kubernetes clusters in the cloud or on-premises | 2,695 |
 linuxserver/docker-swag | A Docker container that sets up an Nginx webserver and reverse proxy with PHP support, including automated SSL certificate generation and renewal, as well as intrusion prevention. | 2,915 |
 bettercrypto/applied-crypto-hardening | Documenting and maintaining best practices for secure online communication using cryptography. | 704 |
 cohdjn/cisecurity | Automates Linux hardening to conform to Center for Internet Security Benchmark standards | 9 |
 konstruktoid/hardening | A script to harden a Ubuntu server for security | 1,385 |
 google/opensk | An open-source implementation of FIDO2 security keys in Rust | 3,009 |
 ovh/debian-cis | Provides modular security hardening scripts for Debian distributions based on CIS security standards | 765 |
 marshyski/quick-secure | Automates basic UNIX/Linux system security hardening and configuration | 415 |
 pratiktri/server_init_harden | Automates server security hardening on initial login as root | 93 |
 anthraxx/linux-hardened | A minimal Linux kernel hardening project | 573 |
 copperhead/linux-hardened | A customized Linux distribution designed to prioritize security and stability for resource-constrained environments. | 5 |
| google/nsjail | A lightweight process isolation tool for Linux that provides isolated environments for network services and local processes. | 2,980 |