• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

marshyski/quick-secure: Quickly secure UNIX/Linux systems

原作者: [db:作者] 来自: 网络 收藏 邀请

开源软件名称(OpenSource Name):

marshyski/quick-secure

开源软件地址(OpenSource Url):

https://github.com/marshyski/quick-secure

开源编程语言(OpenSource Language):

Shell 100.0%

开源软件介绍(OpenSource Introduction):

Quick NIX Secure Script

Quick NIX Secure Script is used to harden and secure basic permissions and ownership on the fly. This script can be used during boot up, cron, bootstrapping, kickstart, jumpstart and during other system deployments. I recommend using CM tools like Puppet or Ansible, but this is still nice.

Why use this?

Many times in (prod)uction world prior admins harden without automation or towards an industry baseline. This is to help get to a point of standardization and quickly set or reset basic system security.

Use before or after app deploymentz. I don't set umasks, so everything should work regardless ^_^

Industry Compliance

This is influenced from DISA STIGs, ODAA, NSA and NIST/FIPs. This does not enforce towards those baselines, but helps minimize CAT I-III findings.

Requirements

  • RHEL 5-6, Fedora 17-20, Ubuntu 10-13, Solaris 9-10 and OpenSolaris
  • root or equivalent
  • basic /bin /sbin /usr/bin executables

Installation

(Easiest method to get going)

curl -sfO https://raw.githubusercontent.com/marshyski/quick-secure/master/quick-secure && bash quick-secure

(Alternative)

git clone https://github.com/marshyski/quick-secure.git
chmod 0700 ./quick-secure/quick-secure

Securing Docker Containers

(Easiest method)

RUN cd / && curl -sfO https://raw.githubusercontent.com/marshyski/quick-secure/master/quick-secure && bash /quick-secure -f

(Alternative method)

ADD quick-secure /quick-secure
RUN bash /quick-secure -f

Usage

-c argument reviews what's commented out in quick-secure.

./quick-secure/quick-secure -c

-u argument reviews what's being applied to your current system.

./quick-secure/quick-secure -u

-f argument forces settings without being prompt with "are you sure" question.

./quick-secure/quick-secure -f

Run quick-secure for the first time: ./quick-secure/quick-secure in CLI.

Setup quick-secure to run every sunday at 11PM via root's cron:

00 23 * * 0 /root/quick-secure/quick-secure -f

Help & Feedback

You can email ([email protected]) me directly if you need help, submit an issue or pull request. Fork it.

Looking for better hardening for Ubuntu so pull request quick-secure.




鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap