Automation allows you to apply compliance and security policies consistently across your servers, verify compliance, and remediate servers. By Ricardo Gerardi.
In his article 5 ways to harden a new system with Ansible, sysadmin sudoer Anthony Critelli walks through developing an Ansible playbook to secure a new Linux server. He shows how to use Ansible to patch the system, lock remote access, disable unused software and services, and do other useful tasks. Further in the tutorial:
- Ensure your firewall is up and running
- Ensure SELinux is enabled and enforcing
- Enable kernel security parameters
- Disable ICMP
- Enable system auditing
- Security is a journey
The topics in this article are good starting points for improving your server’s security. You may not make your server completely secure, but you’re making it safer. Ensuring your firewall is running, SELinux is enforced, and network access is tightened are basic security measures. In many cases, taking care of the basics greatly protects your systems. Full playbook is also attached for your exploration!
[Read More]