diff options
| author | Silvino Silva <silvino@bk.ru> | 2018-04-06 17:41:00 +0100 |
|---|---|---|
| committer | Silvino Silva <silvino@bk.ru> | 2018-04-06 17:41:00 +0100 |
| commit | 8ee63f12e337f97013cfa3cb3d3b27f15f88dfcd (patch) | |
| tree | 0ce231727fdbe28bc1ed64546be93f1ee988d7b6 /core/hardening.html | |
| parent | 6bf0c99f1320e117663e34221837c6fe22f75e6f (diff) | |
| parent | 152177eeca633a26a1228cfded025b5a7d861c66 (diff) | |
| download | doc-8ee63f12e337f97013cfa3cb3d3b27f15f88dfcd.tar.gz | |
Release 0.3.3
Diffstat (limited to 'core/hardening.html')
| -rw-r--r-- | core/hardening.html | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/core/hardening.html b/core/hardening.html index 91cd8e9..383f583 100644 --- a/core/hardening.html +++ b/core/hardening.html @@ -10,18 +10,19 @@ <h1>2.2. Hardening</h1> - <p>Kernel in ports have upstream linux kernel and - grsecurity patch, it should break building some packages, - install follow tools;</p> + <p>Check <a href="apparmor.html">apparmor</a>, + <a href="sysctl.html">sysctl</a>, + <a href="toolchain.html">toolchain</a> and + <a href="samhain.html">samhain</a> before running tests.</p> + + <p>Mount some filesystems in read only</p> + <p>Check processes running as root</p> + <p>Check processes users premissions</p> <pre> - $ sudo prt-get depinst gradm paxtest paxctld checksec lynis + $ sudo prt-get depinst checksec lynis </pre> - <p>Information about <a href="grsecurity.html">grsecurity</a> kernel - configuration, <a href="grsecurity.html#pax">pax</a> and - <a href="grsecurity.html#gradm">gradm</a>.</p> - <p>Lynis gives a view of system overall configuration, without changing default profile it runs irrelevant tests. Create a lynis profile by coping default one and run lynis;</p> @@ -41,7 +42,6 @@ <p>Add unnecessary tests to profile to have less noise.</p> - <a href="index.html">Core OS Index</a> <p>This is part of the c9 Manual. Copyright (C) 2017 |