Common approaches to securing Linux servers and what runs on them.

  • Access control lists (ACLs)…
  • System auditing…
  • Static analysis and fuzzing…
  • Network segmentation…
  • Compartmentalization…
  • File permissions and umask…
  • Containers…
  • Utilizing threat intelligence…
  • Firewall and packet filters…
  • DNS and domain registrar…
  • Physical access…
  • Do you have deterministic builds?
  • Verifying digital signatures…
  • Have you sandboxed your application(s)?
  • TLS and crypto configuration…
  • Keys and secrets management…
  • HTTP security headers…
  • File integrity monitoring…
  • Intrusion detection…
  • Vulnerability assessment…
  • Security of the base system…
  • LSMs (Linux Security Modules)
  • Linux kernel hardening and enhancement…
  • Removing unnecessary devices…
  • Are you aggregating, parsing and alerting upon your logs?
  • How well are you monitoring resource usage?
  • Infrastructure tests…
  • Platform and firmware security…
  • Protecting the remote shell…
  • Webserver best practices…
  • Secondary factors…
  • DNS resolution…
  • Audit trusted parties…
  • Signing git commits and tags…

Kevin M. Gallagher

Linux sysadmin/DevOps/SRE privacy & transparency activist 0xB604C32AD5D7C6D8