hardening of Linux Box

[HAL]

I was looking for help in one more area i.e. hardening of Linux Box with regards to Nagios Xi Application, can you let me know any suggested/recommended minimal hardening standards that I can inbuilt in my Linux Box. Our Linux Box VM is not exposed to outside world.

[lmiltchev]

We don't have any official documentation on the security, but you can look at some general steps that you can take in order to harden your linux system.
There many resources online. For example, I found this link - not sure if this is going to be of any value to you, but it's worth checking it out.
Hope this helps.

[HAL]

Thanks for the help, let me see to the link forwarded by you.

[slansing]

Let us know if you have any other questions.

[HAL]

I have gone through the link provided by you, its a generalized documents towards hardening, as our Linux Server is totally dedicated towards nagiosxi application and nothing else with this, can you provide me any standards minimal hardening measures to be implemented in our Linux Box.

[abrist]

General hardening:

1. Lock down iptables
2. Enforce strict password policies
3. Enable SELinux (this should not be implemented lightly as it can be a bear!)
4. Disable sshd (can make support difficult!) or enforce the usage of ssh keys only.
5. Continue your discussion with Spencer through email (mod security etc.)

[HAL]

Thanks for providing the generalized hardening tips, I will see to it. Please convey Spencer to provide me about information in this regard through email, I have already send a mail to [email protected] from my email id [email protected].

[slansing]

I will let him know, though I assume he will probably respond here unless it is involving sensitive information.

[HAL]

Thanks, will get back in case of any concerns.

[slansing]

Great, locking the thread, if you have additional questions regarding this please open a new thread and mention this thread's URL.