Linux Systems Hardening

While many Linux hardening measures are straight-forward (strong passwords that meet VT requirements, regular patching, host-based firewalls, etc.) some are not so obvious and may differ per Linux distribution or kernel. Here are some resources for hardening Linux systems that we find useful in the ITSO:

• Centos - https://wiki.centos.org/HowTos/OS_Protection
• Ubuntu - https://help.ubuntu.com/community/Security
• Debian - https://www.debian.org/doc/manuals/securing-debian-manual

CIS-CAT runs on Linux systems as well and can be used to further harden Linux systems. If you don’t already have CIS-CAT, email itso@vt.edu to obtain a copy.