I'm working on a guide focused on securing Linux servers and I'd like to ask you what your essential hardening techniques and tips are? Your feedback would be greatly appreciated
I'm working on a guide focused on securing Linux servers and I'd like to ask you what your essential hardening techniques and tips are? Your feedback would be greatly appreciated
Here’s how this concept made it onto my radar. This is an obsessively paranoid NixOS config and accompanying article:
https://xeiaso.net/blog/paranoid-nixos-2021-07-18/
Also, for further reference:
There’s a whole subsection of nixpkgs that could be helpful for a hardening guide:
https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix
Also, there are a few articles walking us through hardening Nix:
https://dataswamp.org/~solene/2022-01-13-nixos-hardened.html
On NixOS Discourse:
https://discourse.nixos.org/t/hardening-systemd-services/17147/6