diff options
Diffstat (limited to 'core/hardening.html')
| -rw-r--r-- | core/hardening.html | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/core/hardening.html b/core/hardening.html index 91cd8e9..383f583 100644 --- a/core/hardening.html +++ b/core/hardening.html @@ -10,18 +10,19 @@ <h1>2.2. Hardening</h1> - <p>Kernel in ports have upstream linux kernel and - grsecurity patch, it should break building some packages, - install follow tools;</p> + <p>Check <a href="apparmor.html">apparmor</a>, + <a href="sysctl.html">sysctl</a>, + <a href="toolchain.html">toolchain</a> and + <a href="samhain.html">samhain</a> before running tests.</p> + + <p>Mount some filesystems in read only</p> + <p>Check processes running as root</p> + <p>Check processes users premissions</p> <pre> - $ sudo prt-get depinst gradm paxtest paxctld checksec lynis + $ sudo prt-get depinst checksec lynis </pre> - <p>Information about <a href="grsecurity.html">grsecurity</a> kernel - configuration, <a href="grsecurity.html#pax">pax</a> and - <a href="grsecurity.html#gradm">gradm</a>.</p> - <p>Lynis gives a view of system overall configuration, without changing default profile it runs irrelevant tests. Create a lynis profile by coping default one and run lynis;</p> @@ -41,7 +42,6 @@ <p>Add unnecessary tests to profile to have less noise.</p> - <a href="index.html">Core OS Index</a> <p>This is part of the c9 Manual. Copyright (C) 2017 |