Search results for query: hardening

  1. A

    [SOLVED] Running three web server guests on private network, one public IP

    ...ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This list is from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ # An alternative list with additional directives can be obtained from #...
  2. M

    [solved] PVE 6 - VM console on another node responds with "Authentication failed"

    ...I finally found it. Our servers are configured with ansible. Among other things, the SSH connection is secured through it using the role dev-sec.ssh-hardening. As a result, the variable was indeed no longer being transmitted - and was even filtered in two places: in /etc/ssh/ssh_config...
  3. C

    Feature Request: Notes for Backup Files

    ..."Note:" field where we can type free-form notes, like "Fresh CT Creation" "Latest Updates Applied" "Permission Tweaks" "Security and Hardening Applied" "Test config with special settings" "Trying out pkg XYZ with ABC options" and so on.... A helpful way to identify what's actually in each...
  4. M

    [solved] PVE 6 - VM console on another node responds with "Authentication failed"

    I can't get onto the machine right now (I'm on the road), but I have a suspicion. We use an Ansible playbook for SSH hardening - which intervenes heavily in the sshd_config. I should have realized myself that this could cause friction at that point. However, the...
  5. B

    Auto shell login not working after disabling root account

    Hello. I was following some general security/hardening guides for Proxmox. As general Linux best practice, I disabled the root account and created a new 'administrative' account. The account works fine. However, the auto-shell login in the Proxmox GUI is tied to the root account. How do I set up...
  6. A

    [SOLVED] PMG and HAproxy cookbook (IMAP, SMTP, POP3)

    ...SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This list is from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ # An alternative list with additional directives can be obtained from #...
  7. A

    [SOLVED] PMG and HAproxy cookbook (IMAP, SMTP, POP3)

    ...SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This list is from: # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/ # An alternative list with additional directives can be obtained from #...
  8. H

    [SOLVED] Qemu/disk migration network. Is it "Corosync/cluster" network, or native bridge?

    ...during planned migration or VM recovery, but a host's reliability or networking fault would be too long of a downtime to experience. So I'm hardening the local host configuration and networking side of things. The requirement for a separate (and preferably redundant) cluster/corosync network...
  9. A

    [SOLVED] ssh hardening !

    With Proxmox Mail Gateway, is it possible to set up sshd_config without killing cluster features and stuff etc.? With those modifications: PermitRootLogin prohibit-password PubkeyAuthentication yes PasswordAuthentication no PermitEmptyPasswords no ChallengeResponseAuthentication no
  10. A

    TLS Hardening

    Hi Guys, We ran a vulnerability scan against our ProxMox Mail Gateway (5.0-61) and it came back with several issues all relating to TLS. Summary of the issues below: 1. TLS 1.0 supported, which is insecure 2. TLS 1.1 supported, which is insecure 3. SSL Anonymous ciphers supported After some...
  11. guletz

    Cluster Topology - Proxmox 5.2

    ...can improve the node's security (like, /var, /boot, /tmp, /home and /usr) 5. bridge is ok 9. it could be unnumbered advice about how you can harden any setup, but any security improvement has a downside (time to spend, watch your systems, lower your performance, and many many more) 10...
  12. T

    Cluster Topology - Proxmox 5.2

    ...got nvme? 8. Do you advise to install Proxmox from its .ISO or on top of any other OS like Debian Stretch etc.? 9. Is there any advised hardening guide that google may hide from me? 10. Which points I should consider rather these steps for a stable Proxmox Cluster. I want a fully...
  13. N

    Meltdown and Spectre Linux Kernel fixes

    ...NO * Kernel is compiled with IBPB support: YES * IBPB enabled and active: NO * Mitigation 2 * Kernel has branch predictor hardening (arm): NO * Kernel compiled with retpoline option: YES * Kernel compiled with a retpoline-aware compiler: YES (kernel reports full...
  14. M

    How is Proxmox and Security?

    ...each product on its own, it's hard to say. PVE comes secure ootb and you can increase security by adding more layers like specific firewall rules, fail2ban. If you refer to the hypervisor itself, you should search the web for KVM and security. Also hardening Debian should reveal some...
  15. K

    How is Proxmox and Security?

    ...Cluster over to proxmox, and are on the way to switch my other CentOS pacemaker based clusters to proxmox (the centos based cluster mainly because of the nice Proxmox GUI) There are many guides out there for hardening linux based systems. Especially Debian always had a good security reputation.
  16. 5

    How is Proxmox and Security?

    Would you use Proxmox in a production environment? Would you switch from VMware esxi or Hyper-V to Proxmox? How is security on Proxmox? Is there any security hardening guide for Proxmox/Debian?
  17. D

    Five Newbie Questions

    ...with security were to restrict access Proxmox to my VPN and dedicated IP, as well as software firewalls and the standard debian OS hardening (disabling root for SSH, strong keys, only installing the packages required). A dedicated hardware firewall would definitely help alleviate my concerns...
  18. R

    Five Newbie Questions

    ...was never designed to protect itself alone (this holds true for many hypervisors, i.e. esxi, xen, etc). If you check any common unix/linux hardening guide, there are a lot of things that can not be done on Proxmox without breaking its functionality... If you are going to have Proxmox in...
  19. dcsapak

    Five Newbie Questions

    General Remark to your setup: Make sure you do not use a raid controller for zfs (it does not like that, some users reported issues with boot,etc) also use enterprise grade ssds or you will probably not be happy with your performance note that by default, zfs reserves up to 50% of your ram...
  20. D

    Five Newbie Questions

    ...to a remote bucket (AWS, Backblaze, my own NAS, whatever)? Linked to question two, security. I couldn’t find a definitive guide to hardening Proxmox anywhere. Is it just like hardening any normal Ubuntu/Debian OS? I’m comfortable working with VPNs, minimal installs and SSH keys etcetera but...