Core OS Index

2.2. Hardening

Check apparmor, sysctl, toolchain and samhain before running tests.

Mount some filesystems read-only

Check processes running as root

Check process users' permissions

        $ sudo prt-get depinst checksec lynis
        

Lynis gives an overview of the system's overall configuration. With the unchanged default profile it runs irrelevant tests, so create a Lynis profile by copying the default one and then run Lynis:

        $ sudo cp /etc/lynis/default.prf /etc/lynis/custom.prf
        $ sudo lynis configure settings color=yes
        $ sudo lynis show settings
        $ sudo lynis show profile
        
        $ lynis audit system > lynis_report
        $ mv /tmp/lynis.log .
        $ mv /tmp/lynis-report.dat .
        

Add the tests you do not need to the profile so they are skipped and the report has less noise.
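An added example for the step above (not part of the original Hive documentation): it lists the warning and suggestion test IDs found in a Lynis report and appends `skip-test=` lines to a profile without duplicating them. It assumes the `warning[]=ID|text|...` and `suggestion[]=ID|text|...` lines of `lynis-report.dat` and the `skip-test` profile option; the function names and the sample report are constructed for illustration.

```shell
#!/bin/sh
# Added example; sample data below is constructed, not real audit output.

# list_findings REPORT: print "kind<TAB>TEST-ID<TAB>text" per warning/suggestion.
list_findings() {
    awk '/^(warning|suggestion)\[\]=/ {
        kind = substr($0, 1, index($0, "[") - 1)
        rest = substr($0, index($0, "=") + 1)   # text may itself contain "="
        split(rest, f, "|")
        printf "%s\t%s\t%s\n", kind, f[1], f[2]
    }' "$1"
}

# skip_tests PROFILE ID...: append skip-test=ID unless already present.
skip_tests() {
    _prf=$1; shift
    for _id in "$@"; do
        case $_id in    # test IDs look like AUTH-9308; refuse anything else
            ''|*[!A-Z0-9-]*) echo "invalid test id: $_id" >&2; return 1 ;;
        esac
        grep -qxF "skip-test=$_id" "$_prf" || echo "skip-test=$_id" >> "$_prf"
    done
}

# Demo on a constructed report and an empty scratch profile.
demo_report=$(mktemp); demo_profile=$(mktemp)
cat > "$demo_report" <<'EOF'
hostname=demo
warning[]=AUTH-9308|No password set for single mode|-|-|
suggestion[]=FILE-6310|Place /tmp on a separate partition|-|-|
suggestion[]=NAME-4404|Add the IP name and FQDN to /etc/hosts|-|-|
EOF
list_findings "$demo_report"
skip_tests "$demo_profile" NAME-4404 FILE-6310
skip_tests "$demo_profile" NAME-4404    # repeat call adds nothing
cat "$demo_profile"
rm -f "$demo_report" "$demo_profile"
```

On a real system, pass the saved `lynis-report.dat` to `list_findings` and run `skip_tests` as root against `/etc/lynis/custom.prf`, skipping only tests you have reviewed and judged irrelevant.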


This is part of the Hive System Documentation. Copyright (C) 2018 c9 team. See the file Gnu Free Documentation License for copying conditions.