Skip to content

hardenedlinux/Debian-GNU-Linux-Profiles

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Debian-GNU-Linux-Profiles

Done

DNS

Basic bind9 configuration for lan
Domain based routing on openwrt

HA

Using UPS with NUT

Harbian QA

Benchmarking PaX/Grsecurity kernel on Debian GNU/Linux
Syzkaller crash DEMO
Kernel QA with syzkaller and qemu

Hardened boot

Ways to build your own trustchain for secureboot
Debian Hardened boot
Grub for Coreboot
Grub for Secure boot
Preparation for Secure Boot on Key Management Server
Set Up Unrestricted Secure Boot On supporting machine

IDS

Deploy Bro as an IDS

IPSEC

Building IPSEC VPN via strongswan

Security Operation Center

Using Logstash/Elasticsearch/Grafana to build a small SOC(Security Operation Center) from scratch
SOC Overview
ELK with Bro-based Application Layer Packet Classifier
Threat intelligence--IntelOwl project deploy on Debian 10

Storage

Manually deploy ceph cluster step by step

SSH and Cluster

Powerful ssh(1) options you don't know
Ways to authenticate yourself to a remote virtual machine host
Recommended way to use ssh(1) for cluster management

TLS

TLS Mutual Authentication in Webdav
TLS Mutual Authentication in Gitlab
OpenConnect Server For Anyconnect Compatible Service

MAC/RBAC

Grsecurity RBAC system with nginx practice
Grsecurity RBAC system with ceph
Separating the three powers with grsecurity RBAC system

NGINX Hardening

Pretty config for nginx

Unclassified

Small-scale Enterprise KVM Deployments With Kimchi
The recommended configs of host computers and management console running Debian GNU/Linux within clusters

Todo-list

DRBD in HA
LVM Best Practice
Soft Raid in Debian
Gitlab Hardening
Exploring the Cross-platform File Sharing Service
Nginx Tuning in Debian
Apache Tuning in Debian
Puppet on the Run
Large-scale Enterprise KVM Deployments in Debian
Binary Dispatch in Automated Operations
Automated Operations in Debian
Iptables in Practice
Apparmor Best Practice

About

Debian GNU/Linux based Services Profiles

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published