#Linux #Hardening Check list
• Stopping Unnecessary Services
• Setting core dump security limits
• Enabling audited service for system auditing
• Configuring Cron
• Creating Login Banner
• Configuring SSH
• Verifying System File Permissions
• Setting Sticky Bit on All World-Writable Directories
• Searching for world writable files
• Searching for Un-owned files and directories
• Searching for SUID System Executables
• Searching for SGID System Executables
• Searching for empty password fields
• Reviewing User and Group Settings
• Checking User Dot File Permissions.
• Checking Permissions on User .netrc Files
• Checking for Presence of User .rhosts Files
• Checking for Duplicate UIDs
• Checking for Duplicate GIDs
• Checking for Duplicate User Names
• Checking for Duplicate Group Names
• Modifying Network Parameters
• Disabling IPv6 if not required
• Ensure access to the su command is restricted
• CTRL+ALT+DEL Disable
• Disable GUI
• Implement Password Policy
• /usr/share/ man & doc permissions
• Ensure default user umask is 027 or more restrictive
• Ensure root login is restricted to system console
• Ensure password creation requirements are configured
• Ensure permissions on all logfiles are configured
• Block Login of System Accounts
• Increase log retention
• Enable and configure SELinux
• Enable and configure Firewalls
• Sudoers file configurations
• Enable Iptables (Firewall)
• Perform Security Audits (if necessary)
• Close Hidden Open Ports
• Check Listening Network Ports
to list a FEW;)..
hope this helps..
Disclaimer: https://tastingtraffic.net (Decentralized SOCIAL Network) and/or its owners [http://tastingtraffic.com] are not affiliates of this provider or referenced image used. This is NOT an endorsement OR Sponsored (Paid) Promotion/Reshare.