Useful Links
Computer Science
Operating Systems
Linux
Linux Security
1. Introduction to Linux Security
2. User and Group Management
3. Filesystem and Data Security
4. Mandatory Access Control (MAC) Frameworks
5. Network Security
6. System Auditing, Logging, and Monitoring
7. System Hardening
8. Advanced Security Topics
System Hardening
Kernel Hardening
Kernel Parameter Tuning
sysctl Configuration
Network Stack Hardening
Memory Management
Process Security
Kernel Module Security
Module Loading Restrictions
Module Signing
Blacklisting Modules
Runtime Protection
Kernel Security Features
KASLR (Kernel Address Space Layout Randomization)
SMEP (Supervisor Mode Execution Prevention)
SMAP (Supervisor Mode Access Prevention)
Control Flow Integrity
Memory Protection
Stack Protection
Heap Protection
ASLR Configuration
NX Bit Usage
Boot Security
Bootloader Protection
GRUB Password Protection
Boot Menu Security
Kernel Parameter Protection
Secure Boot
UEFI Secure Boot
Key Management
Certificate Validation
Custom Key Enrollment
Boot Process Integrity
Measured Boot
Trusted Boot
Boot Attestation
Service Hardening
Service Minimization
Unnecessary Service Removal
Service Inventory
Attack Surface Reduction
Service Configuration
Secure Defaults
Access Controls
Resource Limits
Privilege Dropping
Containerization
chroot Jails
systemd Sandboxing
Namespace Isolation
Capability Restrictions
Application Sandboxing
Firejail Usage
Bubblewrap Implementation
Custom Sandbox Creation
System Configuration Hardening
File System Security
Mount Options
Partition Separation
Disk Quotas
File System Permissions
Network Configuration
Interface Hardening
Protocol Disabling
Routing Security
User Environment
Shell Restrictions
Resource Limits
Environment Variables
Patch Management
Vulnerability Management
Vulnerability Scanning
Risk Assessment
Patch Prioritization
Update Mechanisms
Package Manager Security
Automated Updates
Update Testing
Rollback Procedures
Security Advisories
Vendor Notifications
CVE Tracking
Patch Verification
Compliance and Benchmarking
Security Benchmarks
CIS Benchmarks
NIST Guidelines
DISA STIGs
Compliance Tools
OpenSCAP
Lynis
Custom Assessment Scripts
Continuous Compliance
Automated Scanning
Drift Detection
Remediation Automation
Previous
6. System Auditing, Logging, and Monitoring
Go to top
Next
8. Advanced Security Topics