this post was submitted on 05 Nov 2023
20 points (100.0% liked)

cybersecurity

3262 readers
12 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Enjoy!

founded 1 year ago
MODERATORS
 

I'm working on a guide focused on securing Linux servers and I'd like to ask you what your essential hardening techniques and tips are? Your feedback would be greatly appreciated

you are viewing a single comment's thread
view the rest of the comments
[–] demesisx@infosec.pub 10 points 1 year ago* (last edited 1 year ago)

Here’s how this concept made it onto my radar. This is an obsessively paranoid NixOS config and accompanying article:

https://xeiaso.net/blog/paranoid-nixos-2021-07-18/

Also, for further reference:

There’s a whole subsection of nixpkgs that could be helpful for a hardening guide:

https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix

Also, there are a few articles walking us through hardening Nix:

https://dataswamp.org/~solene/2022-01-13-nixos-hardened.html

On NixOS Discourse:

https://discourse.nixos.org/t/hardening-systemd-services/17147/6