Collaborate Disseminate
I was recently added ("tossed" is perhaps a better term) to a project that dabbles in the world of cybersecurity. My employer gave me the task testing a server our company is developing software for, the end use of which will be … Continue reading Resources for learning the fundamental principles of OS hardening (and how to test)
As a junior security candidate I am under the impression of all these misleading videos and SEO enriched articles full of some of the same copy and pasted top results and really need a better under standing or a foundation for better exper… Continue reading After hardening Windows, Macintosh, and a Linux flavor which is truly toughest?
If I loan out laptops to my employees to work remotely, such as Dr’s, Nurses and other healthcare workers that generate sensitive information on patients, how can I remotely disable the laptop’s ability to power on/charge?
Are there any mo… Continue reading Remotely disable a laptop’s ability to power on or charge?
I am using Selinux now for a while and I like it pretty much. But so far I was not able to setup rules in a way so that I could prevent my browser from reading my private ssh keys. So far I got this setup:
id -Z
staff_u:staff_r:staff_t:s0-… Continue reading Using Selinux to prevent Browser from reading priave SSH keys
Is there any tool/products out there which can do the following?
apply CIS or custom hardening settings on servers (linux)
monitor those settings for changes and report
fix the deviation from the tool, whenever asked by the compliance tea… Continue reading Security configuration manager tool [closed]
CIS has published a list of container vulnerabilities that should be addressed to complete the hardening process.
Are there separate sets of tools that only point out the vulnerabilities
and then tools that "fix" the vulnerabili… Continue reading Tools for "scanning" container (hardening) vulnerabilities vs tools for "performing" the hardening [closed]
CIS has published hardening standards for all operating systems of EC2 in AWS.
CIS also provides hardened images as well but they’re quite expensive at $130/year/instance.
Is there a place where we can get open source hardening scripts to … Continue reading Where could we get CIS Hardening Scripts for AWS EC2?
linux security and root access question….
I’m setting up a server that has a validator node running on it for a blockchain. I was trying to harden the security of my server. I set up ufw for all ports but those necessary for the node to … Continue reading Disable everything but a hidden command for root access
linux security and root access question….
I’m setting up a server that has a validator node running on it for a blockchain. I was trying to harden the security of my server. I set up ufw for all ports but those necessary for the node to … Continue reading Disable everything but a hidden command for root access
Let’s say you have a important file/folder, and want to only allow certain processes (based on process name, or its corresponding ELF file on the disk, or the digital signature of the corresponding ELF, etc) to read/write to that file. How… Continue reading How to only allow whitelisted processes to access a certain file using SElinux?