mirror of
https://github.com/ovh/debian-cis.git
synced 2024-11-21 21:17:00 +01:00
PCI-DSS compliant Debian 10/11/12 hardening
| bin | ||
| debian | ||
| etc | ||
| lib | ||
| src | ||
| tmp/backups | ||
| .gitignore | ||
| LICENSE | ||
| README | ||
# CIS Debian 7 Hardening git repository # Authors : Thibault Dewailly, OVH <thibault.dewailly@corp.ovh.com> # This is the code base which will be used to fill CIS hardening requirements # Hardening scripts : # bin/hardening : Every script has a .cfg associated, status must be defined here # Configuration # etc/hardening.cfg : Global variables defined such as backup directory, or log level # etc/conf.d : Folder with all .cfg associated to hardening scripts # Status parameter will define on each script if it has to be disabled (do nothing), audit (RO), enabled (RW) # Enabled will perform audit and most of the time correct your system accordingly. # There is exceptions as it is difficult to know how you want to correct that. # Main script : # bin/hardening.sh : Will execute hardening according to configuration # Options are : # --apply : Will apply hardening when scripts have status enabled (RW), and audit points where status is audit (RO) # --audit : Will audit hardening when scripts have status enabled or audit (RO) # --audit-all : Apply audit (RO) on all scripts