awesome-security-hardening/README.md
2019-07-31 15:36:09 +02:00

26 KiB
Raw Blame History

awesome-security-hardening

Awesome

A collection of awesome security hardening guides, best practices, checklists, benchmarks, tools and other resources. This is work in progress: please contribute by sending your suggestions. You may do this by creating issue tickets or forking, editing and sending pull requests. You may also send suggestions on Twitter to @decalage2, or use https://www.decalage.info/contact


Table of Contents


Security Hardening Guides and Best Practices

Hardening Guide Collections

GNU/Linux

Red Hat Enterprise Linux - RHEL

CentOS

SUSE

Ubuntu

Windows

See also Active Directory and ADFS below.

macOS

Network Devices

Switches

Routers

IPv6

  • ERNW - Developing an Enterprise IPv6 Security Strategy Part 1, Part 2, Part 3, Part 4 - Network Isolation on the Routing Layer, Traffic Filtering in IPv6 Networks
  • see also IPv6 links under GNU/Linux, Windows and macOS

Firewalls

Virtualization - VMware

Containers - Docker

Services

SSH

TLS/SSL

Web Servers

Apache HTTP Server

Apache Tomcat

Eclipse Jetty

Microsoft IIS

Mail Servers

FTP Servers

Database Servers

Active Directory

ADFS

Kerberos

LDAP

DNS

NTP

NFS

CUPS

Authentication - Passwords

Hardware - BIOS - UEFI

Cloud

Tools

Tools to check security hardening

GNU/Linux

Network Devices

  • Nipper-ng - to check the configuration of network devices (does not seem to be updated)

TLS/SSL

SSH

  • ssh-audit - SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

Docker

  • Docker Bench for Security - script that checks for dozens of common best-practices around deploying Docker containers in production, inspired by the CIS Docker Community Edition Benchmark v1.1.0.

Cloud

Tools to apply security hardening

GNU/Linux

Windows

  • Hardentools - for Windows individual users (not corporate environments) at risk, who might want an extra level of security at the price of some usability.
  • Windows 10 Hardening - A collective resource of settings modifications (mostly opt-outs) that attempt to make Windows 10 as private and as secure as possible.
  • Hardening Auditor - Scripts for comparing Microsoft Windows compliance with the ASD 1709 & Office 2016 Hardening Guides
  • Windows 10 Initial Setup Script - PowerShell script for automation of routine tasks done after fresh installations of Windows 10 / Server 2016 / Server 2019

TLS/SSL

Cloud

Password Generators

Books

Other Awesome Lists

(borrowed from Awesome Security)

Other Awesome Security Lists