8f44815d97
Add security hardening configuration files implementing SCAP-STIG controls: - sysctl-hardening.conf: 75 kernel security parameters covering: * IP forwarding and redirect controls * Source routing and martian packet logging * TCP SYN cookies and timestamps * ExecShield and ASLR settings * Ptrace scope restrictions * Unprivileged BPF and userns restrictions - security-limits.conf: Resource limits for: * Core dump prevention (fork bomb protection) * Process count limits (4096 soft, 8192 hard) * File handle limits (1024 soft, 4096 hard) * Memory lock and file size restrictions - issue, issue.net, motd: Security warning banners for local and network login - modprobe/: Directory for kernel module blacklist configurations These configs implement CIS Benchmark and DISA STIG requirements for Linux server hardening. Related: KNELServerBuild/ProjectCode/Modules/Security/secharden-scap-stig.sh
6 lines
221 B
Plaintext
6 lines
221 B
Plaintext
This system is the property of Known Element Enterprises LLC.
|
|
|
|
Authorized uses only. All activity may be monitored and reported.
|
|
|
|
All activities subject to monitoring/recording/review in real time and/or at a later time.
|