pyllyukko/harden.yml

Issues

• YARA

  #84 opened 9 months ago by pyllyukko
  1

• Debian 10: Optional hardening of APT

  #45 opened 9 months ago by pyllyukko
  0

• Jinja2 templates for rkhunter, chkrootkit & Tiger

  #60 opened 9 months ago by pyllyukko
  4

• SSH_USE_STRONG_RNG environment variable

  #70 opened a year ago by pyllyukko
  0

• Audit rkhunter DB and other similar integrity databases

  #75 opened a year ago by pyllyukko
  0

• PAM: Should nullok removed from password also?

  #64 opened 5 years ago by pyllyukko
  2

• IMA

  #83 opened 2 years ago by pyllyukko
  1

• Use Ansible

  #44 opened 3 years ago by pyllyukko
  1

• sudoers: Intrusion Detection

  #59 opened 2 years ago by pyllyukko
  2

• autolog.conf

  #72 opened 4 years ago by pyllyukko
  4

• Fix audit.yml for Slackware

  #51 opened 2 years ago by pyllyukko
  0

• nftables

  #78 opened 2 years ago by pyllyukko
  1

• Docker hardening

  #38 opened 6 years ago by pyllyukko
  1

• chmod sensitive files in filesystem.yml

  #52 opened 3 years ago by pyllyukko
  4

• Slackware PAM hardening

  #69 opened 3 years ago by pyllyukko
  1

• Slackware 15.0

  #39 opened 3 years ago by pyllyukko
  1

• LXC might require dev in /var

  #42 opened 3 years ago by pyllyukko
  0

• audit: Switch from STIG to OSPP

  #82 opened 3 years ago by pyllyukko
  0

• Tests with LXC

  #43 opened 6 years ago by pyllyukko
  2

• Fix/improve systemd units reported by "systemd-analyze security"

  #71 opened 4 years ago by pyllyukko
  0

• user.max_user_namespaces

  #74 opened 3 years ago by pyllyukko
  1

• Debian: /etc/default/ntp: -I 127.0.0.1

  #48 opened 5 years ago by pyllyukko
  1

• Look into Linux Malware Detect / maldet

  #77 opened 3 years ago by pyllyukko
  0

• Additions to rkhunter_prop_list.dat

  #76 opened 3 years ago by pyllyukko
  0

• Do we need faillog anymore?

  #73 opened 4 years ago by pyllyukko
  3

• Rethink adm group usage

  #58 opened 4 years ago by pyllyukko
  4

• Combine/unify quick_harden() and -A

  #40 opened 4 years ago by pyllyukko
  2

• Harden SSH daemon configuration only when sshd is installed

  #53 opened 4 years ago by pyllyukko
  1

• securetty in Debian

  #47 opened 4 years ago by pyllyukko
  1

• Fix SSH daemon configuration hardening

  #68 opened 4 years ago by pyllyukko
  1

• Check that SA_RC is set properly

  #54 opened 5 years ago by pyllyukko
  1

• AppArmor local overrides

  #67 opened 5 years ago by pyllyukko
  0

• CVE-2019-18634: buffer overflow in sudo when pwfeedback is enabled

  #66 opened 5 years ago by fgeek
  1

• PAM: Update lastlog when using su?

  #65 opened 5 years ago by pyllyukko
  0

• Print last login only once

  #63 opened 5 years ago by pyllyukko
  0

• PAM idea: highlight pam_lastlog

  #62 opened 5 years ago by pyllyukko
  0

• Use pam_limits to configure /etc/security/limits.conf

  #50 opened 5 years ago by pyllyukko
  0

• Debian PAM: disallow logins from UID < 1000

  #34 opened 6 years ago by pyllyukko
  0

• Debian PAM: allow root logins from login

  #35 opened 6 years ago by pyllyukko
  0

• PAM: add pam_time to common-account

  #41 opened 5 years ago by pyllyukko
  0

• PAM: Proper tests with libpamtest

  #61 opened 5 years ago by pyllyukko
  1

• Make letsencrypt use 4096 bit keys

  #55 opened 5 years ago by pyllyukko
  1

• sudoers.j2: set hostname?

  #57 opened 5 years ago by pyllyukko
  1

• Slackware: prevent users from shooting themselves in the foot with su & sudo hardening

  #56 opened 5 years ago by pyllyukko
  0

• Disable auditd for Raspbian in audit.yml

  #46 opened 5 years ago by pyllyukko
  0

• Use Kali VM for the benchmarks

  #32 opened 5 years ago by pyllyukko
  1

• Check for RNG and use rng-tools accordingly

  #49 opened 5 years ago by pyllyukko
  0

• Check systemd SystemState=degraded from cron and e-mail about it

  #37 opened 5 years ago by pyllyukko
  1

• rtld-audit?

  #36 opened 6 years ago by pyllyukko
  0

• Add Aircrack-ng AppArmor profiles

  #33 opened 6 years ago by pyllyukko
  0