1 views collected around this technical thread.
This guide lists 30 commonly exposed high‑risk ports such as LDAP, MySQL, and Docker, explains the security threats they pose, and provides practical firewall, service‑management, and port‑closing steps—including command‑line examples—to help you harden your systems against attacks.
This guide provides Bash scripts that let you retrieve detailed information about Linux processes by PID or name, query user account details, and apply a series of system hardening tweaks such as password policies, login restrictions, and file attribute protections.
This guide details practical Linux hardening steps—including disabling SELinux, trimming startup services, applying the principle of least privilege, configuring sudo, synchronizing time, adjusting file descriptor limits, locking critical files, disabling ping, optimizing SSH, changing hostnames, and preventing destructive rm commands—to improve security and stability in production deployments.
This article outlines ten essential steps to strengthen JumpServer security, including upgrading the operating system and JumpServer software, updating dependencies, avoiding weak passwords, enabling OS security components, minimizing open ports, securing public access, configuring SSL, enforcing strong passwords, and enabling multi‑factor authentication.
This guide details practical Linux server hardening techniques—including account cleanup, password policies, su/sudo restrictions, login controls, and BIOS/GRUB protection—while providing exact command examples for operations teams to quickly improve system security.
This article outlines a comprehensive, multi‑layered security framework for operations teams, covering policy design, dual‑account permission separation, grid‑based vulnerability management, topology and network safeguards, OS and database hardening, common misconceptions, and actionable principles for maintaining robust protection.
This article summarizes a comprehensive ops security talk that breaks down network segmentation, system hardening, and permission management into layered defenses, offering practical guidance on VLANs, ACLs, least‑privilege principles, and account auditing for robust enterprise protection.