I'm working on a guide focused on securing Linux servers and I'd like to ask you what your essential hardening techniques and tips are? Your feedback would be greatly appreciated

  • demesisx@infosec.pub
    ·
    edit-2
    1 year ago

    Here’s how this concept made it onto my radar. This is an obsessively paranoid NixOS config and accompanying article:

    https://xeiaso.net/blog/paranoid-nixos-2021-07-18/

    Also, for further reference:

    There’s a whole subsection of nixpkgs that could be helpful for a hardening guide:

    https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/hardened.nix

    Also, there are a few articles walking us through hardening Nix:

    https://dataswamp.org/~solene/2022-01-13-nixos-hardened.html

    On NixOS Discourse:

    https://discourse.nixos.org/t/hardening-systemd-services/17147/6