Is there a good introduction about Harbian (or Harbian-Audit) which
would mention which system components have been changed?
On 26.12.18 15:48, Samson wrote:
Hi, Elmar:
Are you talking about
harbian-audit(https://github.com/hardenedlinux/harbian-audit) or
harbian (https://github.com/harbian)?
The harbian-audit project is based on CIS
(https://www.cisecurity.org/cis-benchmarks/) and STIG
(https://iase.disa.mil/stigs/os/unix-linux/Pages/index.aspx) These two
security deployment compliance reference implementation collections.
It not only has the function of auditing, but also has the function of
automatically repairing threat items. please
see:https://github.com/hardenedlinux/harbian-audit
<https://github.com/hardenedlinux/harbian-audit>
The harbian project is mainly based on Debian GNU/Linux for
security hardening related package customization and system
customization. The default GNU/Linux distribution used by
HardenedLinux is Debian, so our security hardening is based on Debian.
In the context of the HardenedLinux community, Harbian is an acronym
for Hardened Debian GNU/Linux, but it is currently not released for
harbian.
regards
On Wed, 26 Dec 2018 at 00:54, Elmar Stellnberger <[email protected]
<mailto:[email protected]>> wrote:
Can anyone tell what kind of program harbian is?
On 25.12.18 15:11, Samson wrote:
Hello everyone,
I'm Samson-W, the "Captain" of the harbian-audit project in the
HardenedLinux community.
Harbian-audit is a collection of two security deployment
compliance references to achieve STIG and CIS. After the release
of v0.1
<https://github.com/hardenedlinux/harbian-audit/releases/tag/v0.1>,
community user testing gave some feedback and fixed some bugs.
HardenedLinux officially released harbian-audit in Christmas
2018. In the v0.2.0
<https://github.com/hardenedlinux/harbian-audit/releases/tag/v0.2.0>
version, we have created an AMI cloud host image that satisfies
the security deployment of harbian-audit. Currently, users of
three regions of AWS (EU (Frankfurt), Asia Pacific (Tokyo), US
East (Ohio)) can For free use, we also provide QEMU images for
private cloud users who are not willing to use "SOMEONE else's
computer". For those who can't trust Hardened Linux community to
make images, it doesn't matter. The Hardened Linux community has
published documentation on how to make AWS and QEMU images and
how to apply harbian auditing to cloud host images.
https://github.com/hardenedlinux/harbian-audit/tree/master/docs/complianced_image
AMI(Amazon Machine Image) Public
The HardenedLinux community has created public AMI images for
three different regions.
Destination region: US East(Ohio)
AMI ID: ami-0459b7f679f8941a4
AMI Name: harbian-audit complianced for Debian GNU/Linux 9
Destination region: EU(Frankfurt)
AMI ID: ami-022f30970530a0c5b
AMI Name: harbian-audit complianced for Debian GNU/Linux 9
Destination region: Asia Pacific(Tokyo)
AMI ID: ami-003de0c48c2711265
AMI Name: harbian-audit complianced for Debian GNU/Linux 9
Feel free to file a bug!
Happy auditing!
regards
