====Linux Hardening==== Here are the resources I used to harden the 2 serves at Eircom [[http://www.speedguide.net/index.php | port information]] [[http://www.nsa.gov/ia/_files/os/redhat/rhel5-guide-i731.pdf | Excellent hardening guide]] need to upload Braum hardening document ====Securing Linux RHEL 8 Best Practices==== [[:linux:linux-hardening:rh8 | RedHat 8 ]] ====Securing Linux RHEL 7 Best Practices==== There are enough differences in RHEL 7 that make the previous documents hard to follow. Here is a link to the best practices from Redhat [[https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/pdf/Security_Guide/Red_Hat_Enterprise_Linux-7-Security_Guide-en-US.pdf | Securing RHEL 7 PDF]] [[http://people.redhat.com/swells/scap-security-guide/RHEL/7/output/table-rhel7-cces.html | Securing RHEL 7 document]] ====Step Details==== 4.1 [[:linux:linux-hardening:Nosuid Nodev Noexec]] [[:Removing unneeded FS drivers]] 4.2 [[:linux:linux-hardening:noclobber]] 4.3 [[:linux:linux-hardening:Aide]] 4.4 [[:linux:linux-hardening:SELinux]] 4.5 [[:linux:linux-hardening:Boot security]] 4.6 [[:linux:linux-hardening:Execshield]] 4.7 [[:linux:linux-hardening:Prelink]] Applies only to RHEL 5 5 [[:linux:linux-hardening:Disabling Standard Services]] 6.1 [[:linux:linux-hardening:Setting Default umask]] [[:Disable Special Serivces|Disable Special Services]] 6.3 [[:linux:linux-hardening:Configuring the MTA]] 7 [[:linux:linux-hardening:Network Configuration]] 8 [[:linux:linux-hardening:Wireless Networking]] 9 [[:linux:linux-hardening:IPv6]] 10 [[:linux:linux-hardening:TCP-wrappers]] 11 [[:linux:linux-hardening:IPTables]] 12 [[:linux:linux-hardening:Uncommon network protocols]] 13 [[:linux:linux-hardening:Logging and Auditing]] 14 [[:linux:linux-hardening:Implementing Logrotate]] 15 [[:linux:linux-hardening:Ssh configuration]] 16 [[:linux:linux-hardening:PAM configuration]] 17 [[:linux:linux-hardening:Enable SHA-512 hashing for all password encryption]] 18 [[:linux:linux-hardening:Restrict root login access to the system console]] 19 [[:linux:linux-hardening:Require a wheel group for root access]] 20 [[:linux:linux-hardening:User accounts and Environments]] 21 [[:linux:linux-hardening:Hardening standards for the Apache web server]]