A bash script has been developed to enhance the security of an Ubuntu server by implementing hardening techniques based on the CIS benchmarks. It automates tasks like applying security updates, disabling IPv4 forwarding, security auditing with Lynis, controlling USB device access, adjusting kernel parameters, audit logging, rootkit detection, brute-force protection with fail2ban, SSH hardening, and scheduled malware scanning. Future updates to the script will include additional security measures like intrusion detection systems, automated backup solutions, and container security.
Sort: