Security Lockdown
General Information
Security lockdown scripts based off of the CIS (Center for Internet Security) Benchmark guides.
Official Site: http://benchmarks.cisecurity.org
Checklist
- Distro(s): Enterprise Linux 6/7
Script Usage
Place all scripts in the same directory.
- security-lockdown.sh ⇒ This is the main script. Execute this one; it will determine what child script to run based on OS and provide log files.
- worker_security-lockdown_el6.sh ⇒ Script that gets executed if running CentOS/Oracle 6
- worker_security-lockdown_el7.sh ⇒ Script that gets executed if running CentOS/Oracle 7
It works best if this directory is NFS shared, in which case you can simply mount the share and run the main script.
Example: Scripts placed in /data/scripts on a NFS server called “myadminserver.local” and execute from the client system:
mount -t nfs myadminserver.local:/data /mnt /mnt/scripts/security-lockdown.sh
Download The Scripts
- The versions that are kept updated are here: https://gitlab.com/whowe/deploy/tree/master/cis-security-lockdown
-
- README
- security-lockdown.sh
- worker_security-lockdown_el6.sh
- worker_security-lockdown_el7.sh