mirror of
https://github.com/decalage2/awesome-security-hardening.git
synced 2024-10-01 03:35:35 -04:00
A collection of awesome security hardening guides, tools and other resources
awesome-listbest-practicesblue-teamblueteamcis-benchmarkscomputer-securitycyber-securitycybersecurityinfoseclinux-hardeningsecuritysecurity-hardeningsecurity-toolswindows-hardening
README.md |
awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources. This is work in progress: please contribute by forking, editing and sending pull requests.
Security Hardening Guides
Hardening Guide Collections
- CIS Benchmarks (registration required)
- ANSSI Best Practices
- NSA Security Configuration Guidance
- NSA Cybersecurity Resources for Cybersecurity Professionals and NSA Cybersecurity publications
- US DoD DISA Security Technical Implementation Guides (STIGs) and Security Requirements Guides (SRGs)
- Australian Cyber Security Center Publications
- FIRST Best Practice Guide Library (BPGL)
GNU/Linux
- ANSSI - Configuration recommendations of a GNU/Linux system
- nixCraft - 40 Linux Server Hardening Security Tips (2019 edition)
- nixCraft - Tips To Protect Linux Servers Physical Console Access
Red Hat Enterprise Linux - RHEL
- A Guide to Securing Red Hat Enterprise Linux 7
- DISA STIGs RHEL
- nixCraft - How to set up a firewall using FirewallD on RHEL 8
SUSE
- SUSE Linux Enterprise Server 12 SP4 Security Guide
- SUSE Linux Enterprise Server 12 Security and Hardening Guide
Ubuntu
Windows
macOS
Network Devices
- NSA - Harden Network Devices - very short but good summary
Switches
Routers
Virtualization - VMware
Services
SSH
- NIST IR 7966 - Security of Interactive and Automated Access Management Using Secure Shell (SSH)
- ANSSI - (Open)SSH secure use recommendations
- Linux Audit - OpenSSH security and hardening
- Positron Security SSH Hardening Guides - focused on crypto algorithms
Web Servers
Mail Servers
FTP Servers
Database Servers
LDAP
- OpenLDAP Security Considerations
- Best Practices in LDAP Security (2011)
- LDAP: Hardening Server Security (so administrators can sleep at night)
DNS
- NSA BIND 9 DNS Security (2011)
Authentication - Passwords
Tools
Tools to check security hardening
Tools to apply security hardening
- Bastille Linux - outdated
- Hardentools - for Windows individual users (not corporate environments) at risk, who might want an extra level of security at the price of some usability.