Charles N Wyble
8f44815d97
feat(security-hardening): add SCAP-STIG compliance configuration files
Add security hardening configuration files implementing SCAP-STIG
controls:
- sysctl-hardening.conf: 75 kernel security parameters covering:
* IP forwarding and redirect controls
* Source routing and martian packet logging
* TCP SYN cookies and timestamps
* ExecShield and ASLR settings
* Ptrace scope restrictions
* Unprivileged BPF and userns restrictions
- security-limits.conf: Resource limits for:
* Core dump prevention (fork bomb protection)
* Process count limits (4096 soft, 8192 hard)
* File handle limits (1024 soft, 4096 hard)
* Memory lock and file size restrictions
- issue, issue.net, motd: Security warning banners for local
and network login
- modprobe/: Directory for kernel module blacklist configurations
These configs implement CIS Benchmark and DISA STIG requirements
for Linux server hardening.
Related: KNELServerBuild/ProjectCode/Modules/Security/secharden-scap-stig.sh
2026-02-17 16:32:14 -05:00
..
2026-02-17 16:31:37 -05:00
2026-01-21 12:48:32 -05:00
2026-01-21 12:48:32 -05:00
2026-01-21 11:43:35 -05:00
2026-01-21 12:48:32 -05:00
2026-01-21 11:43:35 -05:00
2026-01-21 11:43:35 -05:00
2026-02-17 16:32:14 -05:00
2026-01-21 11:43:35 -05:00
2026-01-21 11:43:35 -05:00
2026-01-21 12:48:32 -05:00
2026-01-21 11:43:35 -05:00
2026-01-21 11:05:17 -05:00
2026-02-17 16:31:53 -05:00
2026-01-21 11:43:35 -05:00
2026-01-21 11:43:35 -05:00