Last change: 2025-01-10
The lynis command runs a security audit on Linux systems to test for vulnerable packages, security issues, and possible improvements for system hardening.
Hardening articles
Last change: 2025-01-10
Harden the Dovecot IMAP and POP3 server configuration with the help of this predefined profile and leverage systemd sandboxing capabilities.
Last change: 2025-01-06
Harden the Apache web server configuration with the help of this predefined profile that implements systemd sandboxing capabilities and restricting resources.
Last change: 2025-01-06
Tighten the already secure OpenSMTPD software on Linux by using this predefined profile that uses the systemd sandboxing options.
Last change: 2025-01-06
Linux hardening security guides collected in one area, covering systems like AlmaLinux, Arch, Debian, Fedora, Ubuntu, and others.
Last change: 2025-01-06
Everything related to system hardening, from hardening guides to tools. Configure, test, and secure your system with these articles.
Last change: 2025-01-06
Harden the nginx configuration with the help of this predefined profile that implements systemd sandboxing capabilities and restricting resources.
Last change: 2025-01-06
Collection of predefined hardening profiles for systemd that can be used to secure your applications. With detailed explanation of the unit settings.
Last change: 2025-01-06
Learn how to secure your nginx configuration with this hardening guide. It includes examples and tips to implement security measures step by step.
Commands:
- htpasswd
- nginx
Last change: 2025-01-06
The SSH configuration influences the security of your Linux system. This guide helps you to secure your OpenSSH server and client configuration.
Last change: 2025-01-06
Looking to secure your Linux system? This security guide shows you how to perform system hardening and run technical audits to keep it in optimal condition.
Commands:
- ip
- ipset
Last change: 2025-01-06
Secure the mail configuration of Postfix with this step-by-step guide, use relevant commands, and increase both security and privacy.
Commands:
- dpkg
- openssl
- postconf
- postqueue
- tar
Last change: 2025-01-06
Step by step guide to secure any Ubuntu desktop or server. Harden your Ubuntu during installation and afterwards with the available security tips.
Commands:
- aa-status
- apt
- iptables
Last change: 2025-01-06
Feeling overwhelmed with the options available to secure your Linux system? With this guide, we walk step-by-step through the option, tools, and resources.
Last change: 2025-01-06
The pseudo-filesystem /proc contains a lot of useful information for the system administrator. With the hidepid option we can restrict what users can see.
Commands:
- cat
- groupadd
- mount
- ps
- top
Last change: 2025-01-06
The Linux kernel can be secured with the help of kernel tunables called sysctl keys. Learn how system hardening principles can be applied using sysctl.
Commands:
- sysctl
Last change: 2025-01-06
Extensive guide to help you secure your IPv6 configuration on Linux. From initial set-up to hardening the kernel with sysctl.
Last change: 2025-01-06
SSH has the capabilities to give a colleague or vendor temporary access to your systems. Learn how to install and configure the related SSH settings.
Commands:
- mkdir
- ssh
- ssh-keygen
- touch
- umask
Last change: 2025-01-06
The tiger tool was known for a long time to help with auditing Unix-based systems. Fortunately there are new tools that are better maintained.
Last change: 2025-01-06
Your Linux systems should be protected against common security attacks. By using 4 common techniques, we can fortify our systems like a real fortress.
Last change: 2025-01-06
Securing a Linux system is called system hardening. Learn more about strategies to properly lock down Linux systems, from networking up to file integrity.
Last change: 2025-01-06
Sometimes time or money is limited. We hunt to find great alternatives to commercial solutions. This time alternatives for the CIS auditing tool CIS-CAT.
Last change: 2025-01-06
Configuration management and system auditing go hand in hand. In this article we cover both and learn why this combination is so powerful.
Last change: 2025-01-06
We talk about the risks when using Linux security hardening scripts in this article. Hardening Linux with scripts might look like a nice idea, but is it?
Last change: 2025-01-06
Hardening guides, and the CIS benchmarks in particular, are a great resource to harden your system. But there are alternatives.
Last change: 2025-01-06
Since data is stored on file systems, appropriate measures should be taken to protect it. Learn how to secure mount points on Linux.
Last change: 2025-01-06
Bastille Linux is a great tool for hardening of Linux systems. With the project looking outdated (or even dead), there are new alternatives to Bastille.
Last change: 2025-01-06
Machines are smarter, quicker and make less mistakes compared to humans. They might be the ultimate resource for security automation, securing our systems.
Last change: 2025-01-06
The BEAST attack showed up in 2011 and some servers are still vulnerable to it. With the right protocols, ciphers and preference, we can keep the BEAST out.
Last change: 2025-01-06
The solution to avoid using Linux hardening checklists for your servers is simple. With proper automation and regular checks, checklists could be avoided.
Last change: 2025-01-06
Auditing tool Lynis for Linux, guides administrators with discovering weaknesses. This article helps in dealing with Lynis suggestions displayed on screen.
Commands:
- grep
- less
Last change: 2025-01-06
With Linux being decently hardened by default, would it make sense to invest in reading hardening guides? The short answer: yes!
Last change: 2025-01-06
Security professionals usually don't advise to use security through obscurity. Still, it's wise to hide the nginx version number.
Commands:
- curl
- nginx
- service
Last change: 2025-01-06
Overview of tools and hardening guides to implement system hardening for Red Hat Linux. Also applies Fedora, CentOS and Scientific Linux systems.
Last change: 2025-01-06
One of the myths is that Linux systems are secure by default. Learn what kind of measures you can implement and which security tools help with that.
Last change: 2025-01-06
Article about Linux server security and guidance for securing your Linux systems. Focus on auditing, hardening and compliance, to improve security defenses.
Last change: 2025-01-06
This article provides tips for FreeBSD hardening by using a powerful tool named Lynis. This script will perform an extensive audit to secure your systems.