On Fri, Nov 16, 2018 at 04:31:39PM +0100, Jérôme Bardot wrote:
> Hello, I am trying to harden my Debian server.
You are welcome to do so.
> I want to understand all of these «warnings».
> If they are false positives, maybe this part should be updated because
> it’s Debian related?
On Debian by default the files and directories have 644 or 755 perms
unless special cases (i.e. shadow has 640, /root has 740).
See the relevant section of the Debian Policy at
By default the Debian OS is not hardened. However, your mileage may
vary, so you are welcome to harden your Debian OS if you are concerned
about security or you simply would like to apply a more stringent security
policy. In addition to making sure you apply the latest security updates from
security.debian.org in your APT settings (i.e. /etc/apt/sources.list), you can
harden your OS by using one or a combination of the following methods:
1- Set up HIDS (OSSEC)
2- Install file/directory integrity checker (i.e. Tripwire)
3- Run remote vulnerability scans (i.e. Openvas, Nessus)
qmi | Debian GNU/Linux enthusiast
GPG: 3C4B 1364 A379 7366 7FED 260A 2208 F2CE 3FCE A0D3
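
The default modes mentioned in this message (644/755, with stricter special cases such as 640) can be checked mechanically before deciding whether a scanner warning is a false positive. The script below is an added example, not part of the original message; the function names `classify_mode` and `audit_modes` are hypothetical, and it assumes a `stat` that supports `-c` (GNU coreutils, as on Debian).

```shell
#!/bin/sh
# Added example: list entries whose mode deviates from the 644/755 defaults.

# classify_mode MODE KIND -> one word; KIND is f (regular file) or d (directory)
classify_mode() {
    m=$(( 0$1 ))          # the leading 0 makes the shell read MODE as octal
    base=$(( 0755 ))
    # Regular files with no execute bit are compared against 644 instead.
    if [ "$2" = f ] && [ $(( m & 0111 )) -eq 0 ]; then base=$(( 0644 )); fi

    if [ $(( m & 06000 )) -ne 0 ]; then
        echo setid                      # setuid/setgid: always worth a review
    elif [ $(( m & 0002 )) -ne 0 ]; then
        # World-writable is expected only together with the sticky bit (/tmp).
        if [ $(( m & 01000 )) -ne 0 ]; then echo sticky-shared
        else echo world-writable; fi
    elif [ $(( m & 0777 )) -eq "$base" ]; then
        echo default
    elif [ $(( m & 0777 & ~base )) -eq 0 ]; then
        echo stricter                   # subset of the default bits, e.g. 640
    else
        echo looser                     # grants a bit the default does not
    fi
}

# audit_modes DIR -> prints "<class> <mode> <path>" for every non-default entry.
# Paths containing newlines are not handled.
audit_modes() {
    find "$1" -xdev \( -type f -o -type d \) -exec stat -c '%a %n' {} + |
    while read -r mode path; do
        if [ -d "$path" ]; then kind=d; else kind=f; fi
        class=$(classify_mode "$mode" "$kind")
        [ "$class" = default ] || printf '%s %s %s\n' "$class" "$mode" "$path"
    done
}

# When called with a directory argument, audit it (e.g. sh audit.sh /etc).
if [ $# -gt 0 ]; then audit_modes "$1"; fi
```

Entries reported as `stricter` are tighter than the defaults; `looser`, `world-writable` and `setid` are the ones to compare against what the package or policy actually ships.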