I hope you're all having a wonderful Christmas! Does anyone here happen to have thoughts on *nix hardening scripts? I'm looking to code in a universal shell (/bin/sh), but I am considering installing a shell (bash, zsch, tcsh) in addition to hardening. I would like to know what others think about hardening scripts or about shell preference.
@synture i found this really useful when i needed a starting point for golden images: https://dev-sec.io/ . Not sure if you're in a position where (semi)immutable infra is in scope, but using this along with packer (http://packer.io/intro/index.html) was really useful for me.
What's your target machine?
@maxg This is it! Thank you Max!
A Mastodon instance for info/cyber security-minded people.