├── README.md ├── main.sh └── scripts ├── aideinstall.sh ├── aslrrandom.sh ├── broadcasticmpdisable.sh ├── check_duplicate_gid.sh ├── check_duplicate_groupname.sh ├── check_duplicate_uid.sh ├── check_duplicate_username.sh ├── check_user_homedir_ownership.sh ├── coredump.sh ├── cron_weekly_perm_ownership.sh ├── crontabcheck.sh ├── crontabpermission.sh ├── ensuretmp.sh ├── hardening ├── 1.2_enable_verify_sign_packages_from_repository.sh ├── 1.3_enable_verify_sign_of_local_packages.sh ├── 1.4_set_no_allow_insecure_repository_by_apt.sh ├── 10.1.10_set_maxlogins_for_all_accounts.sh ├── 10.1.8_set_fail_delay_seconds.sh ├── 10.3_default_root_group.sh ├── 10.5_set_timeout_tty.sh ├── 11.1_warning_banners.sh ├── 11.2_remove_os_info_warning_banners.sh ├── 12.10_find_suid_files.sh ├── 12.11_find_sgid_files.sh ├── 12.12_etc_group_backup_permissions.sh ├── 12.13_etc_gshadow_backup_permissions.sh ├── 12.1_etc_passwd_permissions.sh ├── 12.2_etc_shadow_permissions.sh ├── 12.3_etc_group_permissions.sh ├── 12.4_etc_gshadow_permissions.sh ├── 12.5_etc_passwd_backup_permissions.sh ├── 12.6_etc_shadow_backup_permissions.sh ├── 12.8_find_unowned_files.sh ├── 12.9_find_ungrouped_files.sh ├── 13.10_find_user_rhosts_files.sh ├── 13.11_find_passwd_group_inconsistencies.sh ├── 13.12_users_valid_homedir.sh ├── 13.13_check_user_homedir_ownership.sh ├── 13.14_check_duplicate_uid.sh ├── 13.15_check_duplicate_gid.sh ├── 13.16_check_duplicate_username.sh ├── 13.17_check_duplicate_groupname.sh ├── 13.18_find_user_netrc_files.sh ├── 13.19_find_user_forward_files.sh ├── 13.1_remove_empty_password_field.sh ├── 13.20_shadow_group_empty.sh ├── 13.2_remove_legacy_passwd_entries.sh ├── 13.3_remove_legacy_shadow_entries.sh ├── 13.4_remove_legacy_group_entries.sh ├── 13.5_find_0_uid_non_root_account.sh ├── 13.6_sanitize_root_path.sh ├── 13.7_check_user_dir_perm.sh ├── 13.8_check_user_dot_file_perm.sh ├── 13.9_set_perm_on_user_netrc.sh ├── 2.10_home_nodev.sh ├── 2.11_removable_device_nodev.sh ├── 2.12_removable_device_noexec.sh ├── 2.13_removable_device_nosuid.sh ├── 2.14_run_shm_nodev.sh ├── 2.15_run_shm_nosuid.sh ├── 2.17_sticky_bit_world_writable_folder.sh ├── 2.18_disable_cramfs.sh ├── 2.19_disable_freevxfs.sh ├── 2.1_tmp_partition.sh ├── 2.20_disable_jffs2.sh ├── 2.21_disable_hfs.sh ├── 2.22_disable_hfsplus.sh ├── 2.23_disable_squashfs.sh ├── 2.24_disable_udf.sh ├── 2.25_disable_automounting.sh ├── 2.26_home_nosuid.sh ├── 2.27_nfs_nosuid.sh ├── 2.28_nfs_noexec.sh ├── 2.29_nfs_RPCSEC_GSS.sh ├── 2.2_tmp_nodev.sh ├── 2.3_tmp_nosuid.sh ├── 2.4_tmp_noexec.sh ├── 2.6.2_var_tmp_nodev.sh ├── 2.6.3_var_tmp_nosuid.sh ├── 3.1_bootloader_ownership.sh ├── 3.2_bootloader_permissions.sh ├── 4.1_restrict_core_dumps.sh ├── 4.2_enable_nx_support.sh ├── 4.3_enable_randomized_vm_placement.sh ├── 4.4_disable_prelink.sh ├── 5.1.2_disable_rsh.sh ├── 5.1.3_disable_rsh_client.sh ├── 5.1.4_disable_talk.sh ├── 5.1.5_disable_talk_client.sh ├── 5.1.6_disable_telnet_server.sh ├── 5.3_enable_openssh_server.sh ├── 5.4_disable_ctrl_alt_del_target.sh ├── 5.8_ensure_installed_sudo.sh ├── 6.5_ensure_time_sync_server_is_installed.sh ├── 6.8_disable_dns_server.sh ├── 7.1.1_disable_ip_forwarding.sh ├── 7.1.2_disable_send_packet_redirects.sh ├── 7.1.3_disable_interface_promisc_mode.sh ├── 7.2.1_disable_source_routed_packets.sh ├── 7.2.2_disable_icmp_redirect.sh ├── 7.2.3_disable_secure_icmp_redirect.sh ├── 7.2.4_log_martian_packets.sh ├── 7.2.5_ignore_broadcast_requests.sh ├── 7.2.6_enable_bad_error_message_protection.sh ├── 7.2.7_enable_source_route_validation.sh ├── 7.2.8_enable_tcp_syn_cookies.sh ├── 7.3.1_disable_ipv6_router_advertisement.sh ├── 7.3.2_disable_ipv6_redirect.sh ├── 7.4.1_install_tcp_wrapper.sh ├── 7.4.2_hosts_allow.sh ├── 7.4.3_hosts_allow_permissions.sh ├── 7.4.5_hosts_deny_permissions.sh ├── 7.5.1_disable_dccp.sh ├── 7.5.2_disable_sctp.sh ├── 7.5.3_disable_rds.sh ├── 7.5.4_disable_tipc.sh ├── 7.7.1_enable_firewall.sh ├── 7.7.2_ensure_set_firewall_rules.sh ├── 7.7.3_ensure_firewall_set_protect_dos_attacks.sh ├── 7.7.4.1_ensure_default_deny_firewall_policy.sh ├── 7.7.4.2_ensure_loopback_traffic_is_configured.sh ├── 7.7.4.3_ensure_firewall_rules_exist_for_all_open_ports.sh ├── 7.7.4.4_ensure_outbound_and_established_connections_are_configured.sh ├── 7.7.5.1_ensure_default_deny_firewall_policy_for_v6.sh ├── 7.7.5.2_ensure_loopback_traffic_is_configured_for_v6.sh ├── 7.7.5.3_ensure_firewall_rules_exist_for_all_open_ports_for_v6.sh ├── 7.7.5.4_ensure_outbound_and_established_connections_are_configured_for_v6.sh ├── 8.3.6_remote_syslog-ng_acl.sh ├── 9.1.1_enable_cron.sh ├── 9.1.2_crontab_perm_ownership.sh ├── 9.1.3_cron_hourly_perm_ownership.sh ├── 9.1.4_cron_daily_perm_ownership.sh ├── 9.1.5_cron_weekly_perm_ownership.sh ├── 9.1.6_cron_monthly_perm_ownership.sh ├── 9.1.7_cron_d_perm_ownership.sh ├── 9.1.8_cron_users.sh ├── 9.3.10_disable_sshd_setenv.sh ├── 9.3.11_sshd_ciphers.sh ├── 9.3.14_ssh_banner.sh ├── 9.3.15_sshd_printlastlog.sh ├── 9.3.16_sshd_IgnoreUserKnownHosts.sh ├── 9.3.17_sshd_GSSAPIAuthentication.sh ├── 9.3.18_sshd_KerberosAuthentication.sh ├── 9.3.19_sshd_StrictModes.sh ├── 9.3.1_sshd_protocol.sh ├── 9.3.21_sshd_compression.sh ├── 9.3.22_sshd_MACs.sh ├── 9.3.23_ssh_check_pub_hostkey_permission.sh ├── 9.3.24_ssh_check_priv_hostkey_permission.sh ├── 9.3.25_sshd_kexalgorithms.sh ├── 9.3.2_sshd_loglevel.sh ├── 9.3.3_sshd_conf_perm_ownership.sh ├── 9.3.4_disable_x11_forwarding.sh ├── 9.3.5_sshd_maxauthtries.sh ├── 9.3.6_enable_sshd_ignorerhosts.sh ├── 9.3.7_disable_sshd_hostbasedauthentication.sh ├── 9.3.8_disable_root_login.sh └── 9.3.9_disable_sshd_permitemptypasswords.sh ├── hardening2.sh ├── icmpredirectdisable.sh ├── icmpredirectfiledisable.sh ├── ipforwarddisable.sh ├── ipredirectdisable.sh ├── iproutedisable.sh ├── iptablesipv6.sh ├── modprobe.sh ├── remove_empty_password_field.sh ├── remove_legacy_group_entries.sh ├── remove_legacy_passwd_entries.sh ├── remove_legacy_shadow_entries.sh ├── reversefilterenable.sh ├── rmmod.sh ├── scripts.txt ├── shadowpermission.sh └── suspiciouspackets.sh /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/README.md -------------------------------------------------------------------------------- /main.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/main.sh -------------------------------------------------------------------------------- /scripts/aideinstall.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/aideinstall.sh -------------------------------------------------------------------------------- /scripts/aslrrandom.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | echo "Garantir o ASLR habilitado" 3 | sysctl -w kernel.randomize_va_space=2 4 | -------------------------------------------------------------------------------- /scripts/broadcasticmpdisable.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/broadcasticmpdisable.sh -------------------------------------------------------------------------------- /scripts/check_duplicate_gid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/check_duplicate_gid.sh -------------------------------------------------------------------------------- /scripts/check_duplicate_groupname.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/check_duplicate_groupname.sh -------------------------------------------------------------------------------- /scripts/check_duplicate_uid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/check_duplicate_uid.sh -------------------------------------------------------------------------------- /scripts/check_duplicate_username.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/check_duplicate_username.sh -------------------------------------------------------------------------------- /scripts/check_user_homedir_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/check_user_homedir_ownership.sh -------------------------------------------------------------------------------- /scripts/coredump.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/coredump.sh -------------------------------------------------------------------------------- /scripts/cron_weekly_perm_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/cron_weekly_perm_ownership.sh -------------------------------------------------------------------------------- /scripts/crontabcheck.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/crontabcheck.sh -------------------------------------------------------------------------------- /scripts/crontabpermission.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/crontabpermission.sh -------------------------------------------------------------------------------- /scripts/ensuretmp.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/ensuretmp.sh -------------------------------------------------------------------------------- /scripts/hardening/1.2_enable_verify_sign_packages_from_repository.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/1.2_enable_verify_sign_packages_from_repository.sh -------------------------------------------------------------------------------- /scripts/hardening/1.3_enable_verify_sign_of_local_packages.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/1.3_enable_verify_sign_of_local_packages.sh -------------------------------------------------------------------------------- /scripts/hardening/1.4_set_no_allow_insecure_repository_by_apt.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/1.4_set_no_allow_insecure_repository_by_apt.sh -------------------------------------------------------------------------------- /scripts/hardening/10.1.10_set_maxlogins_for_all_accounts.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/10.1.10_set_maxlogins_for_all_accounts.sh -------------------------------------------------------------------------------- /scripts/hardening/10.1.8_set_fail_delay_seconds.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/10.1.8_set_fail_delay_seconds.sh -------------------------------------------------------------------------------- /scripts/hardening/10.3_default_root_group.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/10.3_default_root_group.sh -------------------------------------------------------------------------------- /scripts/hardening/10.5_set_timeout_tty.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/10.5_set_timeout_tty.sh -------------------------------------------------------------------------------- /scripts/hardening/11.1_warning_banners.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/11.1_warning_banners.sh -------------------------------------------------------------------------------- /scripts/hardening/11.2_remove_os_info_warning_banners.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/11.2_remove_os_info_warning_banners.sh -------------------------------------------------------------------------------- /scripts/hardening/12.10_find_suid_files.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.10_find_suid_files.sh -------------------------------------------------------------------------------- /scripts/hardening/12.11_find_sgid_files.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.11_find_sgid_files.sh -------------------------------------------------------------------------------- /scripts/hardening/12.12_etc_group_backup_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.12_etc_group_backup_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/12.13_etc_gshadow_backup_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.13_etc_gshadow_backup_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/12.1_etc_passwd_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.1_etc_passwd_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/12.2_etc_shadow_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.2_etc_shadow_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/12.3_etc_group_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.3_etc_group_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/12.4_etc_gshadow_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.4_etc_gshadow_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/12.5_etc_passwd_backup_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.5_etc_passwd_backup_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/12.6_etc_shadow_backup_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.6_etc_shadow_backup_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/12.8_find_unowned_files.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.8_find_unowned_files.sh -------------------------------------------------------------------------------- /scripts/hardening/12.9_find_ungrouped_files.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/12.9_find_ungrouped_files.sh -------------------------------------------------------------------------------- /scripts/hardening/13.10_find_user_rhosts_files.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.10_find_user_rhosts_files.sh -------------------------------------------------------------------------------- /scripts/hardening/13.11_find_passwd_group_inconsistencies.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.11_find_passwd_group_inconsistencies.sh -------------------------------------------------------------------------------- /scripts/hardening/13.12_users_valid_homedir.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.12_users_valid_homedir.sh -------------------------------------------------------------------------------- /scripts/hardening/13.13_check_user_homedir_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.13_check_user_homedir_ownership.sh -------------------------------------------------------------------------------- /scripts/hardening/13.14_check_duplicate_uid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.14_check_duplicate_uid.sh -------------------------------------------------------------------------------- /scripts/hardening/13.15_check_duplicate_gid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.15_check_duplicate_gid.sh -------------------------------------------------------------------------------- /scripts/hardening/13.16_check_duplicate_username.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.16_check_duplicate_username.sh -------------------------------------------------------------------------------- /scripts/hardening/13.17_check_duplicate_groupname.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.17_check_duplicate_groupname.sh -------------------------------------------------------------------------------- /scripts/hardening/13.18_find_user_netrc_files.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.18_find_user_netrc_files.sh -------------------------------------------------------------------------------- /scripts/hardening/13.19_find_user_forward_files.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.19_find_user_forward_files.sh -------------------------------------------------------------------------------- /scripts/hardening/13.1_remove_empty_password_field.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.1_remove_empty_password_field.sh -------------------------------------------------------------------------------- /scripts/hardening/13.20_shadow_group_empty.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.20_shadow_group_empty.sh -------------------------------------------------------------------------------- /scripts/hardening/13.2_remove_legacy_passwd_entries.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.2_remove_legacy_passwd_entries.sh -------------------------------------------------------------------------------- /scripts/hardening/13.3_remove_legacy_shadow_entries.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.3_remove_legacy_shadow_entries.sh -------------------------------------------------------------------------------- /scripts/hardening/13.4_remove_legacy_group_entries.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.4_remove_legacy_group_entries.sh -------------------------------------------------------------------------------- /scripts/hardening/13.5_find_0_uid_non_root_account.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.5_find_0_uid_non_root_account.sh -------------------------------------------------------------------------------- /scripts/hardening/13.6_sanitize_root_path.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.6_sanitize_root_path.sh -------------------------------------------------------------------------------- /scripts/hardening/13.7_check_user_dir_perm.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.7_check_user_dir_perm.sh -------------------------------------------------------------------------------- /scripts/hardening/13.8_check_user_dot_file_perm.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.8_check_user_dot_file_perm.sh -------------------------------------------------------------------------------- /scripts/hardening/13.9_set_perm_on_user_netrc.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/13.9_set_perm_on_user_netrc.sh -------------------------------------------------------------------------------- /scripts/hardening/2.10_home_nodev.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.10_home_nodev.sh -------------------------------------------------------------------------------- /scripts/hardening/2.11_removable_device_nodev.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.11_removable_device_nodev.sh -------------------------------------------------------------------------------- /scripts/hardening/2.12_removable_device_noexec.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.12_removable_device_noexec.sh -------------------------------------------------------------------------------- /scripts/hardening/2.13_removable_device_nosuid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.13_removable_device_nosuid.sh -------------------------------------------------------------------------------- /scripts/hardening/2.14_run_shm_nodev.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.14_run_shm_nodev.sh -------------------------------------------------------------------------------- /scripts/hardening/2.15_run_shm_nosuid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.15_run_shm_nosuid.sh -------------------------------------------------------------------------------- /scripts/hardening/2.17_sticky_bit_world_writable_folder.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.17_sticky_bit_world_writable_folder.sh -------------------------------------------------------------------------------- /scripts/hardening/2.18_disable_cramfs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.18_disable_cramfs.sh -------------------------------------------------------------------------------- /scripts/hardening/2.19_disable_freevxfs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.19_disable_freevxfs.sh -------------------------------------------------------------------------------- /scripts/hardening/2.1_tmp_partition.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.1_tmp_partition.sh -------------------------------------------------------------------------------- /scripts/hardening/2.20_disable_jffs2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.20_disable_jffs2.sh -------------------------------------------------------------------------------- /scripts/hardening/2.21_disable_hfs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.21_disable_hfs.sh -------------------------------------------------------------------------------- /scripts/hardening/2.22_disable_hfsplus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.22_disable_hfsplus.sh -------------------------------------------------------------------------------- /scripts/hardening/2.23_disable_squashfs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.23_disable_squashfs.sh -------------------------------------------------------------------------------- /scripts/hardening/2.24_disable_udf.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.24_disable_udf.sh -------------------------------------------------------------------------------- /scripts/hardening/2.25_disable_automounting.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.25_disable_automounting.sh -------------------------------------------------------------------------------- /scripts/hardening/2.26_home_nosuid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.26_home_nosuid.sh -------------------------------------------------------------------------------- /scripts/hardening/2.27_nfs_nosuid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.27_nfs_nosuid.sh -------------------------------------------------------------------------------- /scripts/hardening/2.28_nfs_noexec.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.28_nfs_noexec.sh -------------------------------------------------------------------------------- /scripts/hardening/2.29_nfs_RPCSEC_GSS.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.29_nfs_RPCSEC_GSS.sh -------------------------------------------------------------------------------- /scripts/hardening/2.2_tmp_nodev.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.2_tmp_nodev.sh -------------------------------------------------------------------------------- /scripts/hardening/2.3_tmp_nosuid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.3_tmp_nosuid.sh -------------------------------------------------------------------------------- /scripts/hardening/2.4_tmp_noexec.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.4_tmp_noexec.sh -------------------------------------------------------------------------------- /scripts/hardening/2.6.2_var_tmp_nodev.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.6.2_var_tmp_nodev.sh -------------------------------------------------------------------------------- /scripts/hardening/2.6.3_var_tmp_nosuid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/2.6.3_var_tmp_nosuid.sh -------------------------------------------------------------------------------- /scripts/hardening/3.1_bootloader_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/3.1_bootloader_ownership.sh -------------------------------------------------------------------------------- /scripts/hardening/3.2_bootloader_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/3.2_bootloader_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/4.1_restrict_core_dumps.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/4.1_restrict_core_dumps.sh -------------------------------------------------------------------------------- /scripts/hardening/4.2_enable_nx_support.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/4.2_enable_nx_support.sh -------------------------------------------------------------------------------- /scripts/hardening/4.3_enable_randomized_vm_placement.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/4.3_enable_randomized_vm_placement.sh -------------------------------------------------------------------------------- /scripts/hardening/4.4_disable_prelink.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/4.4_disable_prelink.sh -------------------------------------------------------------------------------- /scripts/hardening/5.1.2_disable_rsh.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/5.1.2_disable_rsh.sh -------------------------------------------------------------------------------- /scripts/hardening/5.1.3_disable_rsh_client.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/5.1.3_disable_rsh_client.sh -------------------------------------------------------------------------------- /scripts/hardening/5.1.4_disable_talk.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/5.1.4_disable_talk.sh -------------------------------------------------------------------------------- /scripts/hardening/5.1.5_disable_talk_client.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/5.1.5_disable_talk_client.sh -------------------------------------------------------------------------------- /scripts/hardening/5.1.6_disable_telnet_server.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/5.1.6_disable_telnet_server.sh -------------------------------------------------------------------------------- /scripts/hardening/5.3_enable_openssh_server.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/5.3_enable_openssh_server.sh -------------------------------------------------------------------------------- /scripts/hardening/5.4_disable_ctrl_alt_del_target.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/5.4_disable_ctrl_alt_del_target.sh -------------------------------------------------------------------------------- /scripts/hardening/5.8_ensure_installed_sudo.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/5.8_ensure_installed_sudo.sh -------------------------------------------------------------------------------- /scripts/hardening/6.5_ensure_time_sync_server_is_installed.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/6.5_ensure_time_sync_server_is_installed.sh -------------------------------------------------------------------------------- /scripts/hardening/6.8_disable_dns_server.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/6.8_disable_dns_server.sh -------------------------------------------------------------------------------- /scripts/hardening/7.1.1_disable_ip_forwarding.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.1.1_disable_ip_forwarding.sh -------------------------------------------------------------------------------- /scripts/hardening/7.1.2_disable_send_packet_redirects.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.1.2_disable_send_packet_redirects.sh -------------------------------------------------------------------------------- /scripts/hardening/7.1.3_disable_interface_promisc_mode.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.1.3_disable_interface_promisc_mode.sh -------------------------------------------------------------------------------- /scripts/hardening/7.2.1_disable_source_routed_packets.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.2.1_disable_source_routed_packets.sh -------------------------------------------------------------------------------- /scripts/hardening/7.2.2_disable_icmp_redirect.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.2.2_disable_icmp_redirect.sh -------------------------------------------------------------------------------- /scripts/hardening/7.2.3_disable_secure_icmp_redirect.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.2.3_disable_secure_icmp_redirect.sh -------------------------------------------------------------------------------- /scripts/hardening/7.2.4_log_martian_packets.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.2.4_log_martian_packets.sh -------------------------------------------------------------------------------- /scripts/hardening/7.2.5_ignore_broadcast_requests.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.2.5_ignore_broadcast_requests.sh -------------------------------------------------------------------------------- /scripts/hardening/7.2.6_enable_bad_error_message_protection.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.2.6_enable_bad_error_message_protection.sh -------------------------------------------------------------------------------- /scripts/hardening/7.2.7_enable_source_route_validation.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.2.7_enable_source_route_validation.sh -------------------------------------------------------------------------------- /scripts/hardening/7.2.8_enable_tcp_syn_cookies.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.2.8_enable_tcp_syn_cookies.sh -------------------------------------------------------------------------------- /scripts/hardening/7.3.1_disable_ipv6_router_advertisement.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.3.1_disable_ipv6_router_advertisement.sh -------------------------------------------------------------------------------- /scripts/hardening/7.3.2_disable_ipv6_redirect.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.3.2_disable_ipv6_redirect.sh -------------------------------------------------------------------------------- /scripts/hardening/7.4.1_install_tcp_wrapper.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.4.1_install_tcp_wrapper.sh -------------------------------------------------------------------------------- /scripts/hardening/7.4.2_hosts_allow.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.4.2_hosts_allow.sh -------------------------------------------------------------------------------- /scripts/hardening/7.4.3_hosts_allow_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.4.3_hosts_allow_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/7.4.5_hosts_deny_permissions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.4.5_hosts_deny_permissions.sh -------------------------------------------------------------------------------- /scripts/hardening/7.5.1_disable_dccp.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.5.1_disable_dccp.sh -------------------------------------------------------------------------------- /scripts/hardening/7.5.2_disable_sctp.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.5.2_disable_sctp.sh -------------------------------------------------------------------------------- /scripts/hardening/7.5.3_disable_rds.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.5.3_disable_rds.sh -------------------------------------------------------------------------------- /scripts/hardening/7.5.4_disable_tipc.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.5.4_disable_tipc.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.1_enable_firewall.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.1_enable_firewall.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.2_ensure_set_firewall_rules.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.2_ensure_set_firewall_rules.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.3_ensure_firewall_set_protect_dos_attacks.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.3_ensure_firewall_set_protect_dos_attacks.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.4.1_ensure_default_deny_firewall_policy.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.4.1_ensure_default_deny_firewall_policy.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.4.2_ensure_loopback_traffic_is_configured.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.4.2_ensure_loopback_traffic_is_configured.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.4.3_ensure_firewall_rules_exist_for_all_open_ports.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.4.3_ensure_firewall_rules_exist_for_all_open_ports.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.4.4_ensure_outbound_and_established_connections_are_configured.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.4.4_ensure_outbound_and_established_connections_are_configured.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.5.1_ensure_default_deny_firewall_policy_for_v6.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.5.1_ensure_default_deny_firewall_policy_for_v6.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.5.2_ensure_loopback_traffic_is_configured_for_v6.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.5.2_ensure_loopback_traffic_is_configured_for_v6.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.5.3_ensure_firewall_rules_exist_for_all_open_ports_for_v6.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.5.3_ensure_firewall_rules_exist_for_all_open_ports_for_v6.sh -------------------------------------------------------------------------------- /scripts/hardening/7.7.5.4_ensure_outbound_and_established_connections_are_configured_for_v6.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/7.7.5.4_ensure_outbound_and_established_connections_are_configured_for_v6.sh -------------------------------------------------------------------------------- /scripts/hardening/8.3.6_remote_syslog-ng_acl.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/8.3.6_remote_syslog-ng_acl.sh -------------------------------------------------------------------------------- /scripts/hardening/9.1.1_enable_cron.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.1.1_enable_cron.sh -------------------------------------------------------------------------------- /scripts/hardening/9.1.2_crontab_perm_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.1.2_crontab_perm_ownership.sh -------------------------------------------------------------------------------- /scripts/hardening/9.1.3_cron_hourly_perm_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.1.3_cron_hourly_perm_ownership.sh -------------------------------------------------------------------------------- /scripts/hardening/9.1.4_cron_daily_perm_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.1.4_cron_daily_perm_ownership.sh -------------------------------------------------------------------------------- /scripts/hardening/9.1.5_cron_weekly_perm_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.1.5_cron_weekly_perm_ownership.sh -------------------------------------------------------------------------------- /scripts/hardening/9.1.6_cron_monthly_perm_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.1.6_cron_monthly_perm_ownership.sh -------------------------------------------------------------------------------- /scripts/hardening/9.1.7_cron_d_perm_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.1.7_cron_d_perm_ownership.sh -------------------------------------------------------------------------------- /scripts/hardening/9.1.8_cron_users.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.1.8_cron_users.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.10_disable_sshd_setenv.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.10_disable_sshd_setenv.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.11_sshd_ciphers.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.11_sshd_ciphers.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.14_ssh_banner.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.14_ssh_banner.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.15_sshd_printlastlog.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.15_sshd_printlastlog.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.16_sshd_IgnoreUserKnownHosts.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.16_sshd_IgnoreUserKnownHosts.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.17_sshd_GSSAPIAuthentication.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.17_sshd_GSSAPIAuthentication.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.18_sshd_KerberosAuthentication.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.18_sshd_KerberosAuthentication.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.19_sshd_StrictModes.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.19_sshd_StrictModes.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.1_sshd_protocol.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.1_sshd_protocol.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.21_sshd_compression.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.21_sshd_compression.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.22_sshd_MACs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.22_sshd_MACs.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.23_ssh_check_pub_hostkey_permission.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.23_ssh_check_pub_hostkey_permission.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.24_ssh_check_priv_hostkey_permission.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.24_ssh_check_priv_hostkey_permission.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.25_sshd_kexalgorithms.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.25_sshd_kexalgorithms.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.2_sshd_loglevel.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.2_sshd_loglevel.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.3_sshd_conf_perm_ownership.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.3_sshd_conf_perm_ownership.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.4_disable_x11_forwarding.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.4_disable_x11_forwarding.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.5_sshd_maxauthtries.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.5_sshd_maxauthtries.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.6_enable_sshd_ignorerhosts.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.6_enable_sshd_ignorerhosts.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.7_disable_sshd_hostbasedauthentication.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.8_disable_root_login.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.8_disable_root_login.sh -------------------------------------------------------------------------------- /scripts/hardening/9.3.9_disable_sshd_permitemptypasswords.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening/9.3.9_disable_sshd_permitemptypasswords.sh -------------------------------------------------------------------------------- /scripts/hardening2.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/hardening2.sh -------------------------------------------------------------------------------- /scripts/icmpredirectdisable.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/icmpredirectdisable.sh -------------------------------------------------------------------------------- /scripts/icmpredirectfiledisable.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/icmpredirectfiledisable.sh -------------------------------------------------------------------------------- /scripts/ipforwarddisable.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/ipforwarddisable.sh -------------------------------------------------------------------------------- /scripts/ipredirectdisable.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/ipredirectdisable.sh -------------------------------------------------------------------------------- /scripts/iproutedisable.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/iproutedisable.sh -------------------------------------------------------------------------------- /scripts/iptablesipv6.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/iptablesipv6.sh -------------------------------------------------------------------------------- /scripts/modprobe.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/modprobe.sh -------------------------------------------------------------------------------- /scripts/remove_empty_password_field.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/remove_empty_password_field.sh -------------------------------------------------------------------------------- /scripts/remove_legacy_group_entries.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/remove_legacy_group_entries.sh -------------------------------------------------------------------------------- /scripts/remove_legacy_passwd_entries.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/remove_legacy_passwd_entries.sh -------------------------------------------------------------------------------- /scripts/remove_legacy_shadow_entries.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/remove_legacy_shadow_entries.sh -------------------------------------------------------------------------------- /scripts/reversefilterenable.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/reversefilterenable.sh -------------------------------------------------------------------------------- /scripts/rmmod.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/rmmod.sh -------------------------------------------------------------------------------- /scripts/scripts.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/scripts.txt -------------------------------------------------------------------------------- /scripts/shadowpermission.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/shadowpermission.sh -------------------------------------------------------------------------------- /scripts/suspiciouspackets.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/CyberSecurityUP/Harden-Fu/HEAD/scripts/suspiciouspackets.sh --------------------------------------------------------------------------------