====== Security Lockdown ======

**General Information**

Security lockdown scripts based off of the CIS (Center for Internet Security) Benchmark guides. 

Official Site: http://benchmarks.cisecurity.org

**Checklist**
  * Distro(s): Enterprise Linux 6/7

----

====== Script Usage ======

Place all scripts in the same directory.
  * security-lockdown.sh => This is the main script. Execute this one; it will determine what child script to run based on OS and provide log files.
  * worker_security-lockdown_el6.sh => Script that gets executed if running CentOS/Oracle 6
  * worker_security-lockdown_el7.sh => Script that gets executed if running CentOS/Oracle 7

It works best if this directory is NFS shared, in which case you can simply mount the share and run the main script.

Example: Scripts placed in /data/scripts on a NFS server called "myadminserver.local" and execute from the client system:
<code bash>
mount -t nfs myadminserver.local:/data /mnt
/mnt/scripts/security-lockdown.sh
</code>

----

====== Download The Scripts ======

  * The versions that are kept updated are here: [[https://gitlab.com/whowe/deploy/tree/master/cis-security-lockdown]]

  * {{:linux_wiki:security-lockdown_20151221.tar.gz|security-lockdown_20151221.tar.gz}}
    * README
    * security-lockdown.sh
    * worker_security-lockdown_el6.sh
    * worker_security-lockdown_el7.sh

----