Is there a good introduction about Harbian (or Harbian-Audit) which would mention which system components have been changed?
On 26.12.18 15:48, Samson wrote:
Hi, Elmar:
Are you talking about harbian-audit(https://github.com/hardenedlinux/harbian-audit) or harbian (https://github.com/harbian)?
The harbian-audit project is based on CIS (https://www.cisecurity.org/cis-benchmarks/) and STIG (https://iase.disa.mil/stigs/os/unix-linux/Pages/index.aspx) These two security deployment compliance reference implementation collections. It not only has the function of auditing, but also has the function of automatically repairing threat items. please see: https://github.com/hardenedlinux/harbian-audit
The harbian project is mainly based on Debian GNU/Linux for security hardening related package customization and system customization. The default GNU/Linux distribution used by HardenedLinux is Debian, so our security hardening is based on Debian. In the context of the HardenedLinux community, Harbian is an acronym for Hardened Debian GNU/Linux, but it is currently not released for harbian.
regards
On Wed, 26 Dec 2018 at 00:54, Elmar Stellnberger <estellnb@gmail.com> wrote:
Can anyone tell what kind of program harbian is?
On 25.12.18 15:11, Samson wrote:
Hello everyone,
I'm Samson-W, the "Captain" of the harbian-audit project in the HardenedLinux community.
Harbian-audit is a collection of two security deployment compliance references to achieve STIG and CIS. After the release of v0.1, community user testing gave some feedback and fixed some bugs. HardenedLinux officially released harbian-audit in Christmas 2018. In the v0.2.0 version, we have created an AMI cloud host image that satisfies the security deployment of harbian-audit. Currently, users of three regions of AWS (EU (Frankfurt), Asia Pacific (Tokyo), US East (Ohio)) can For free use, we also provide QEMU images for private cloud users who are not willing to use "SOMEONE else's computer". For those who can't trust Hardened Linux community to make images, it doesn't matter. The Hardened Linux community has published documentation on how to make AWS and QEMU images and how to apply harbian auditing to cloud host images.
AMI(Amazon Machine Image) Public
The HardenedLinux community has created public AMI images for three different regions.
Destination region: US East(Ohio)
AMI ID: ami-0459b7f679f8941a4
AMI Name: harbian-audit complianced for Debian GNU/Linux 9Destination region: EU(Frankfurt)
AMI ID: ami-022f30970530a0c5b
AMI Name: harbian-audit complianced for Debian GNU/Linux 9Destination region: Asia Pacific(Tokyo)
AMI ID: ami-003de0c48c2711265
AMI Name: harbian-audit complianced for Debian GNU/Linux 9
Feel free to file a bug!
Happy auditing!
regards