Linux Security Hardening Lab
Hardened a Linux host using SSH best practices, firewall rules, and baseline checks, with verification steps to confirm changes.
Objective
Reduce attack surface and improve baseline security posture while preserving usability for legitimate administration.
Environment
Linux host in a lab environment. Hardening tasks include SSH configuration, service review, access controls, and firewall policy.
Detection or Task Logic
Prioritized high-impact controls: limit remote access exposure, restrict authentication methods, and ensure only required services are reachable. Focused on least privilege and secure defaults.
Investigation or Execution
Applied SSH hardening (key-based auth, tighter access rules), reviewed and disabled unnecessary services, and configured firewall rules. Verified changes through connection testing and log review.
Outcome
Produced a hardened baseline that demonstrates practical defensive steps and a clear validation approach.
Improvements
Automate baseline checks with a script, add configuration drift detection, and integrate host logs into a centralized monitoring workflow.